1{
2 "openapi": "3.0.0",
3 "info": {
4 "version": "3.0",
5 "title": "Vizibl API",
6 "description": "Vizibl REST API",
7 "termsOfService": "https://api.vizibl.co/terms",
8 "contact": {
9 "name": "Vizibl API Support",
10 "email": "developers@oldstlabs.co"
11 },
12 "x-logo": {
13 "url": "/assets/img/logo.png",
14 "backgroundColor": null
15 }
16 },
17 "servers": [
18 {
19 "url": "https://{subdomain}.vizibl.co/{version}",
20 "description": "Production API",
21 "variables": {
22 "subdomain": {
23 "enum": [
24 "dev-api",
25 "qa-api",
26 "stage-api",
27 "preprod-api",
28 "sandbox-api"
29 ],
30 "default": "api"
31 },
32 "version": {
33 "enum": [
34 "v1",
35 "v2",
36 "v3"
37 ],
38 "default": "v3"
39 }
40 }
41 }
42 ],
43 "paths": {
44 "/oauth/authorization": {
45 "get": {
46 "summary": "Authenticate an end user.",
47 "description": "See [OAuth 2.0 Authorization Endpoint](http://tools.ietf.org/html/rfc6749#section-3.1)\n",
48 "operationId": "authorize",
49 "parameters": [
50 {
51 "$ref": "#/components/parameters/clientId"
52 },
53 {
54 "$ref": "#/components/parameters/scopes"
55 },
56 {
57 "$ref": "#/components/parameters/state"
58 },
59 {
60 "$ref": "#/components/parameters/redirectUri"
61 },
62 {
63 "$ref": "#/components/parameters/responseType"
64 }
65 ],
66 "responses": {
67 "302": {
68 "description": "Successful or erroneous authentication response."
69 }
70 }
71 }
72 },
73 "/oauth/token": {
74 "post": {
75 "summary": "Obtain an authentication token.",
76 "description": "TODO\n",
77 "operationId": "token",
78 "parameters": [
79 {
80 "name": "Authorization",
81 "in": "header",
82 "description": "HTTP Basic authorization header.",
83 "required": false,
84 "type": "string"
85 }
86 ],
87 "responses": {
88 "200": {
89 "$ref": "#/components/responses/Token"
90 },
91 "400": {
92 "$ref": "#/components/responses/OAuth2Error"
93 },
94 "401": {
95 "$ref": "#/components/responses/UNAUTHORIZED"
96 }
97 }
98 }
99 },
100 "/users/me": {
101 "get": {
102 "summary": "Fetch a user object using token",
103 "description": "This API will return the user object that belongs to the provided authentication token.",
104 "operationId": "getAuthenticatedUser",
105 "parameters": [
106 {
107 "$ref": "#/components/parameters/withemailParam"
108 },
109 {
110 "$ref": "#/components/parameters/withpermittedcompaniesParam"
111 }
112 ],
113 "security": [
114 {
115 "OAuth2": [
116 "read:users"
117 ]
118 },
119 {
120 "bearerAuth": []
121 }
122 ],
123 "responses": {
124 "200": {
125 "description": "OK"
126 },
127 "401": {
128 "$ref": "#/components/responses/UNAUTHORIZED"
129 },
130 "403": {
131 "$ref": "#/components/responses/FORBIDDEN"
132 }
133 }
134 }
135 }
136 },
137 "components": {
138 "schemas": {
139 "Error": {
140 "type": "object",
141 "properties": {
142 "code": {
143 "type": "string"
144 },
145 "message": {
146 "type": "string"
147 }
148 },
149 "required": [
150 "code",
151 "message"
152 ]
153 },
154 "Token": {
155 "description": "Successful token response",
156 "required": [
157 "token_type"
158 ],
159 "properties": {
160 "token_type": null,
161 "type": "string"
162 },
163 "access_token": {
164 "description": "The access token issued by the authorization server.",
165 "type": "string"
166 },
167 "id_token": {
168 "description": "ID Token value associated with the authenticated session.",
169 "type": "string"
170 },
171 "refresh_token": {
172 "description": "The refresh token issued to the client, if any.",
173 "type": "string"
174 },
175 "expires_in": {
176 "description": "The lifetime in seconds of the access token.",
177 "type": "integer",
178 "format": "int32"
179 },
180 "expires_at": {
181 "description": "The time at which the access token will expire, in seconds since the epoch.",
182 "type": "integer",
183 "format": "int64"
184 },
185 "scope": {
186 "description": "The scope of the granted tokens.",
187 "type": "string"
188 }
189 },
190 "OAuth2Error": {
191 "description": "Error Response defined as in Section 5.2 of OAuth 2.0 [RFC6749].",
192 "required": [
193 "error"
194 ],
195 "properties": {
196 "error": {
197 "type": "string"
198 },
199 "error_description": {
200 "type": "string"
201 }
202 }
203 }
204 },
205 "parameters": {
206 "withemailParam": {
207 "in": "query",
208 "name": "with_email_details",
209 "description": "Return the user object with their email details.",
210 "type": "string",
211 "required": false
212 },
213 "withpermittedcompaniesParam": {
214 "in": "query",
215 "name": "with_permitted_companies",
216 "description": "Return the user object with the list of permitted Company objects that the user has permissions to access.",
217 "type": "string",
218 "required": false
219 },
220 "clientId": {
221 "in": "query",
222 "name": "client_id",
223 "description": "Vizibl Client ID",
224 "type": "string",
225 "required": true
226 },
227 "scopes": {
228 "in": "query",
229 "name": "scopes",
230 "description": "Token allowed permission scopes",
231 "type": "string",
232 "required": true
233 },
234 "state": {
235 "in": "query",
236 "name": "state",
237 "description": "An opaque string that will be passed back to the redirect URL and therefore can be used to communicate client side state and prevent CSRF attacks. CSRF protection only holds if the client checks that the returned value matches the one it sent.\n",
238 "type": "string",
239 "required": true
240 },
241 "redirectUri": {
242 "in": "query",
243 "name": "redirect_uri",
244 "description": "The location to redirect to after (un)successful authentication.\n",
245 "type": "string",
246 "required": true
247 },
248 "responseType": {
249 "in": "query",
250 "name": "response_type",
251 "description": "The OIDC response type to use for this authentication flow. Valid choices are `code` and `token`.\n",
252 "type": "string",
253 "required": true
254 }
255 },
256 "responses": {
257 "BAD_REQUEST": {
258 "description": "Bad Request",
259 "schema": {
260 "$ref": "#/components/schemas/Error"
261 }
262 },
263 "UNAUTHORIZED": {
264 "description": "Unauthorized",
265 "schema": {
266 "$ref": "#/components/schemas/Error"
267 }
268 },
269 "FORBIDDEN": {
270 "description": "Forbidden",
271 "schema": {
272 "$ref": "#/components/schemas/Error"
273 }
274 },
275 "NOT_FOUND": {
276 "description": "Not Found",
277 "schema": {
278 "$ref": "#/components/schemas/Error"
279 }
280 },
281 "PRE_CONDITION_FAILED": {
282 "description": "Pre Condition Failed",
283 "schema": {
284 "$ref": "#/components/schemas/Error"
285 }
286 },
287 "CANNOT_ACCESS_COMPANY": {
288 "description": "Cannot Access Company",
289 "schema": {
290 "$ref": "#/components/schemas/Error"
291 }
292 },
293 "Token": {
294 "description": "Token Response",
295 "content": {
296 "application/x-www-form-urlencoded": {
297 "schema": {
298 "$ref": "#/components/schemas/Error"
299 }
300 },
301 "application/json": {
302 "schema": {
303 "$ref": "#/components/schemas/Error"
304 }
305 }
306 }
307 },
308 "OAuth2Error": {
309 "description": "OAuth 2.0 error response",
310 "content": {
311 "application/x-www-form-urlencoded": {
312 "schema": {
313 "$ref": "#/components/schemas/Oauth2Error"
314 }
315 },
316 "application/json": {
317 "schema": {
318 "$ref": "#/components/schemas/Oauth2Error"
319 }
320 }
321 }
322 }
323 },
324 "securitySchemes": {
325 "OAuth2": {
326 "description": "User authentication.",
327 "type": "oauth2",
328 "flows": {
329 "authorizationCode": {
330 "authorizationUrl": "oauth/authorization",
331 "tokenUrl": "oauth/token",
332 "scopes": null,
333 "read:users": "Read users"
334 }
335 }
336 },
337 "JWT": {
338 "description": "JWT authentication.",
339 "type": "oauth2",
340 "flows": {
341 "clientCredentials": {
342 "tokenUrl": "oauth/token",
343 "refreshUrl": "oauth/token"
344 }
345 }
346 },
347 "bearerAuth": {
348 "type": "http",
349 "scheme": "bearer",
350 "bearerFormat": "JWT"
351 }
352 },
353 "headers": null
354 }
355}