openapi: 3.0.0 info: contact: email: opensource@shinesolutions.com name: Shine Solutions url: 'http://shinesolutions.com' x-twitter: Adobe description: >- Swagger AEM is an OpenAPI specification for Adobe Experience Manager (AEM) API title: Adobe Experience Manager (AEM) version: 2.3.0-pre x-apisguru-categories: - marketing x-logo: url: >- https://api.apis.guru/v2/cache/logo/https_twitter.com_Adobe_profile_image.jpeg x-origin: - format: swagger url: >- https://raw.githubusercontent.com/shinesolutions/swagger-aem/master/conf/api.yml version: '2.0' x-preferred: true x-providerName: adobe.com x-serviceName: aem x-unofficialSpec: true security: - aemAuth: [] paths: /.cqactions.html: post: operationId: postCqActions parameters: - in: query name: authorizableId required: true schema: type: string - in: query name: changelog required: true schema: type: string responses: default: description: Default response tags: - cq /apps/system/config/com.adobe.granite.auth.saml.SamlAuthenticationHandler.config: post: operationId: postConfigAdobeGraniteSamlAuthenticationHandler parameters: - in: query name: keyStorePassword required: false schema: type: string - in: query name: keyStorePassword@TypeHint required: false schema: type: string - in: query name: service.ranking required: false schema: type: integer - in: query name: service.ranking@TypeHint required: false schema: type: string - in: query name: idpHttpRedirect required: false schema: type: boolean - in: query name: idpHttpRedirect@TypeHint required: false schema: type: string - in: query name: createUser required: false schema: type: boolean - in: query name: createUser@TypeHint required: false schema: type: string - in: query name: defaultRedirectUrl required: false schema: type: string - in: query name: defaultRedirectUrl@TypeHint required: false schema: type: string - in: query name: userIDAttribute required: false schema: type: string - in: query name: userIDAttribute@TypeHint required: false schema: type: string - in: query name: defaultGroups required: false explode: true schema: type: array items: type: string - in: query name: defaultGroups@TypeHint required: false schema: type: string - in: query name: idpCertAlias required: false schema: type: string - in: query name: idpCertAlias@TypeHint required: false schema: type: string - in: query name: addGroupMemberships required: false schema: type: boolean - in: query name: addGroupMemberships@TypeHint required: false schema: type: string - in: query name: path required: false explode: true schema: type: array items: type: string - in: query name: path@TypeHint required: false schema: type: string - in: query name: synchronizeAttributes required: false explode: true schema: type: array items: type: string - in: query name: synchronizeAttributes@TypeHint required: false schema: type: string - in: query name: clockTolerance required: false schema: type: integer - in: query name: clockTolerance@TypeHint required: false schema: type: string - in: query name: groupMembershipAttribute required: false schema: type: string - in: query name: groupMembershipAttribute@TypeHint required: false schema: type: string - in: query name: idpUrl required: false schema: type: string - in: query name: idpUrl@TypeHint required: false schema: type: string - in: query name: logoutUrl required: false schema: type: string - in: query name: logoutUrl@TypeHint required: false schema: type: string - in: query name: serviceProviderEntityId required: false schema: type: string - in: query name: serviceProviderEntityId@TypeHint required: false schema: type: string - in: query name: assertionConsumerServiceURL required: false schema: type: string - in: query name: assertionConsumerServiceURL@TypeHint required: false schema: type: string - in: query name: handleLogout required: false schema: type: boolean - in: query name: handleLogout@TypeHint required: false schema: type: string - in: query name: spPrivateKeyAlias required: false schema: type: string - in: query name: spPrivateKeyAlias@TypeHint required: false schema: type: string - in: query name: useEncryption required: false schema: type: boolean - in: query name: useEncryption@TypeHint required: false schema: type: string - in: query name: nameIdFormat required: false schema: type: string - in: query name: nameIdFormat@TypeHint required: false schema: type: string - in: query name: digestMethod required: false schema: type: string - in: query name: digestMethod@TypeHint required: false schema: type: string - in: query name: signatureMethod required: false schema: type: string - in: query name: signatureMethod@TypeHint required: false schema: type: string - in: query name: userIntermediatePath required: false schema: type: string - in: query name: userIntermediatePath@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /apps/system/config/com.shinesolutions.aem.passwordreset.Activator: post: operationId: postConfigAemPasswordReset parameters: - in: query name: pwdreset.authorizables required: false explode: true schema: type: array items: type: string - in: query name: pwdreset.authorizables@TypeHint required: false schema: type: string responses: default: description: Default response tags: - custom /apps/system/config/com.shinesolutions.healthcheck.hc.impl.ActiveBundleHealthCheck: post: operationId: postConfigAemHealthCheckServlet parameters: - in: query name: bundles.ignored required: false explode: true schema: type: array items: type: string - in: query name: bundles.ignored@TypeHint required: false schema: type: string responses: default: description: Default response tags: - custom /apps/system/config/org.apache.felix.http: post: operationId: postConfigApacheFelixJettyBasedHttpService parameters: - in: query name: org.apache.felix.https.nio required: false schema: type: boolean - in: query name: org.apache.felix.https.nio@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.keystore required: false schema: type: string - in: query name: org.apache.felix.https.keystore@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.keystore.password required: false schema: type: string - in: query name: org.apache.felix.https.keystore.password@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.keystore.key required: false schema: type: string - in: query name: org.apache.felix.https.keystore.key@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.keystore.key.password required: false schema: type: string - in: query name: org.apache.felix.https.keystore.key.password@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.truststore required: false schema: type: string - in: query name: org.apache.felix.https.truststore@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.truststore.password required: false schema: type: string - in: query name: org.apache.felix.https.truststore.password@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.clientcertificate required: false schema: type: string - in: query name: org.apache.felix.https.clientcertificate@TypeHint required: false schema: type: string - in: query name: org.apache.felix.https.enable required: false schema: type: boolean - in: query name: org.apache.felix.https.enable@TypeHint required: false schema: type: string - in: query name: org.osgi.service.http.port.secure required: false schema: type: string - in: query name: org.osgi.service.http.port.secure@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /apps/system/config/org.apache.http.proxyconfigurator.config: post: operationId: postConfigApacheHttpComponentsProxyConfiguration parameters: - in: query name: proxy.host required: false schema: type: string - in: query name: proxy.host@TypeHint required: false schema: type: string - in: query name: proxy.port required: false schema: type: integer - in: query name: proxy.port@TypeHint required: false schema: type: string - in: query name: proxy.exceptions required: false explode: true schema: type: array items: type: string - in: query name: proxy.exceptions@TypeHint required: false schema: type: string - in: query name: proxy.enabled required: false schema: type: boolean - in: query name: proxy.enabled@TypeHint required: false schema: type: string - in: query name: proxy.user required: false schema: type: string - in: query name: proxy.user@TypeHint required: false schema: type: string - in: query name: proxy.password required: false schema: type: string - in: query name: proxy.password@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /apps/system/config/org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet: post: operationId: postConfigApacheSlingDavExServlet parameters: - in: query name: alias required: false schema: type: string - in: query name: alias@TypeHint required: false schema: type: string - in: query name: dav.create-absolute-uri required: false schema: type: boolean - in: query name: dav.create-absolute-uri@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /apps/system/config/org.apache.sling.security.impl.ReferrerFilter: post: operationId: postConfigApacheSlingReferrerFilter parameters: - in: query name: allow.empty required: false schema: type: boolean - in: query name: allow.empty@TypeHint required: false schema: type: string - in: query name: allow.hosts required: false schema: type: string - in: query name: allow.hosts@TypeHint required: false schema: type: string - in: query name: allow.hosts.regexp required: false schema: type: string - in: query name: allow.hosts.regexp@TypeHint required: false schema: type: string - in: query name: filter.methods required: false schema: type: string - in: query name: filter.methods@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /apps/system/config/org.apache.sling.servlets.get.DefaultGetServlet: post: operationId: postConfigApacheSlingGetServlet parameters: - in: query name: json.maximumresults required: false schema: type: string - in: query name: json.maximumresults@TypeHint required: false schema: type: string - in: query name: enable.html required: false schema: type: boolean - in: query name: enable.html@TypeHint required: false schema: type: string - in: query name: enable.txt required: false schema: type: boolean - in: query name: enable.txt@TypeHint required: false schema: type: string - in: query name: enable.xml required: false schema: type: boolean - in: query name: enable.xml@TypeHint required: false schema: type: string responses: default: description: Default response tags: - sling /bin/querybuilder.json: get: operationId: getQuery parameters: - in: query name: path required: true schema: type: string - in: query name: p.limit required: true schema: type: number - in: query name: 1_property required: true schema: type: string - in: query name: 1_property.value required: true schema: type: string responses: default: description: Default response content: application/json: schema: type: string tags: - sling post: operationId: postQuery parameters: - in: query name: path required: true schema: type: string - in: query name: p.limit required: true schema: type: number - in: query name: 1_property required: true schema: type: string - in: query name: 1_property.value required: true schema: type: string responses: default: description: Default response content: application/json: schema: type: string tags: - sling /crx/explorer/ui/setpassword.jsp: post: operationId: postSetPassword parameters: - in: query name: old required: true schema: type: string - in: query name: plain required: true schema: type: string - in: query name: verify required: true schema: type: string responses: default: description: Default response content: text/plain: schema: type: string tags: - crx /crx/packmgr/installstatus.jsp: get: operationId: getInstallStatus responses: '200': description: Retrieved CRX package manager install status content: application/json: schema: $ref: '#/components/schemas/InstallStatus' default: description: Default response content: application/json: schema: type: string tags: - crx /crx/packmgr/service.jsp: post: operationId: postPackageService parameters: - in: query name: cmd required: true schema: type: string responses: default: description: Default response content: text/xml: schema: type: string tags: - crx '/crx/packmgr/service/.json/{path}': post: operationId: postPackageServiceJson parameters: - in: path name: path required: true schema: type: string - in: query name: cmd required: true schema: type: string - in: query name: groupName required: false schema: type: string - in: query name: packageName required: false schema: type: string - in: query name: packageVersion required: false schema: type: string - in: query name: _charset_ required: false schema: type: string - in: query name: force required: false schema: type: boolean - in: query name: recursive required: false schema: type: boolean responses: default: description: Default response content: application/json: schema: type: string tags: - crx requestBody: content: multipart/form-data: schema: type: object properties: package: type: string format: binary /crx/packmgr/update.jsp: post: operationId: postPackageUpdate parameters: - in: query name: groupName required: true schema: type: string - in: query name: packageName required: true schema: type: string - in: query name: version required: true schema: type: string - in: query name: path required: true schema: type: string - in: query name: filter required: false schema: type: string - in: query name: _charset_ required: false schema: type: string responses: default: description: Default response content: application/json: schema: type: string tags: - crx '/crx/server/crx.default/jcr:root/.1.json': get: operationId: getCrxdeStatus responses: '200': description: CRXDE is enabled content: plain/text: schema: type: string '404': description: CRXDE is disabled content: plain/text: schema: type: string tags: - crx '/etc/packages/{group}/{name}-{version}.zip': get: operationId: getPackage parameters: - in: path name: group required: true schema: type: string - in: path name: name required: true schema: type: string - in: path name: version required: true schema: type: string responses: default: description: Default response content: application/octet-stream: schema: type: string format: binary tags: - sling '/etc/packages/{group}/{name}-{version}.zip/jcr:content/vlt:definition/filter.tidy.2.json': get: operationId: getPackageFilter parameters: - in: path name: group required: true schema: type: string - in: path name: name required: true schema: type: string - in: path name: version required: true schema: type: string responses: default: description: Default response content: application/json: schema: type: string tags: - sling '/etc/replication/agents.{runmode}.-1.json': get: operationId: getAgents parameters: - in: path name: runmode required: true schema: type: string responses: default: description: Default response content: application/json: schema: type: string tags: - sling '/etc/replication/agents.{runmode}/{name}': delete: operationId: deleteAgent parameters: - in: path name: runmode required: true schema: type: string - in: path name: name required: true schema: type: string responses: default: description: Default response tags: - sling get: operationId: getAgent parameters: - in: path name: runmode required: true schema: type: string - in: path name: name required: true schema: type: string responses: default: description: Default response tags: - sling post: operationId: postAgent parameters: - in: path name: runmode required: true schema: type: string - in: path name: name required: true schema: type: string - in: query name: 'jcr:content/cq:distribute' required: false schema: type: boolean - in: query name: 'jcr:content/cq:distribute@TypeHint' required: false schema: type: string - in: query name: 'jcr:content/cq:name' required: false schema: type: string - in: query name: 'jcr:content/cq:template' required: false schema: type: string - in: query name: 'jcr:content/enabled' required: false schema: type: boolean - in: query name: 'jcr:content/jcr:description' required: false schema: type: string - in: query name: 'jcr:content/jcr:lastModified' required: false schema: type: string - in: query name: 'jcr:content/jcr:lastModifiedBy' required: false schema: type: string - in: query name: 'jcr:content/jcr:mixinTypes' required: false schema: type: string - in: query name: 'jcr:content/jcr:title' required: false schema: type: string - in: query name: 'jcr:content/logLevel' required: false schema: type: string - in: query name: 'jcr:content/noStatusUpdate' required: false schema: type: boolean - in: query name: 'jcr:content/noVersioning' required: false schema: type: boolean - in: query name: 'jcr:content/protocolConnectTimeout' required: false schema: type: number - in: query name: 'jcr:content/protocolHTTPConnectionClosed' required: false schema: type: boolean - in: query name: 'jcr:content/protocolHTTPExpired' required: false schema: type: string - in: query name: 'jcr:content/protocolHTTPHeaders' required: false explode: true schema: type: array items: type: string - in: query name: 'jcr:content/protocolHTTPHeaders@TypeHint' required: false schema: type: string - in: query name: 'jcr:content/protocolHTTPMethod' required: false schema: type: string - in: query name: 'jcr:content/protocolHTTPSRelaxed' required: false schema: type: boolean - in: query name: 'jcr:content/protocolInterface' required: false schema: type: string - in: query name: 'jcr:content/protocolSocketTimeout' required: false schema: type: number - in: query name: 'jcr:content/protocolVersion' required: false schema: type: string - in: query name: 'jcr:content/proxyNTLMDomain' required: false schema: type: string - in: query name: 'jcr:content/proxyNTLMHost' required: false schema: type: string - in: query name: 'jcr:content/proxyHost' required: false schema: type: string - in: query name: 'jcr:content/proxyPassword' required: false schema: type: string - in: query name: 'jcr:content/proxyPort' required: false schema: type: number - in: query name: 'jcr:content/proxyUser' required: false schema: type: string - in: query name: 'jcr:content/queueBatchMaxSize' required: false schema: type: number - in: query name: 'jcr:content/queueBatchMode' required: false schema: type: string - in: query name: 'jcr:content/queueBatchWaitTime' required: false schema: type: number - in: query name: 'jcr:content/retryDelay' required: false schema: type: string - in: query name: 'jcr:content/reverseReplication' required: false schema: type: boolean - in: query name: 'jcr:content/serializationType' required: false schema: type: string - in: query name: 'jcr:content/sling:resourceType' required: false schema: type: string - in: query name: 'jcr:content/ssl' required: false schema: type: string - in: query name: 'jcr:content/transportNTLMDomain' required: false schema: type: string - in: query name: 'jcr:content/transportNTLMHost' required: false schema: type: string - in: query name: 'jcr:content/transportPassword' required: false schema: type: string - in: query name: 'jcr:content/transportUri' required: false schema: type: string - in: query name: 'jcr:content/transportUser' required: false schema: type: string - in: query name: 'jcr:content/triggerDistribute' required: false schema: type: boolean - in: query name: 'jcr:content/triggerModified' required: false schema: type: boolean - in: query name: 'jcr:content/triggerOnOffTime' required: false schema: type: boolean - in: query name: 'jcr:content/triggerReceive' required: false schema: type: boolean - in: query name: 'jcr:content/triggerSpecific' required: false schema: type: boolean - in: query name: 'jcr:content/userId' required: false schema: type: string - in: query name: 'jcr:primaryType' required: false schema: type: string - in: query name: ':operation' required: false schema: type: string responses: default: description: Default response tags: - sling /etc/replication/treeactivation.html: post: operationId: postTreeActivation parameters: - in: query name: ignoredeactivated required: true schema: type: boolean - in: query name: onlymodified required: true schema: type: boolean - in: query name: path required: true schema: type: string responses: default: description: Default response tags: - sling /etc/truststore: post: operationId: postTruststorePKCS12 responses: default: description: Default response content: text/plain: schema: type: string tags: - sling requestBody: content: multipart/form-data: schema: type: object properties: truststore.p12: type: string format: binary /etc/truststore/truststore.p12: get: operationId: getTruststore responses: default: description: Default response content: application/octet-stream: schema: type: string format: binary tags: - sling /libs/granite/core/content/login.html: get: operationId: getLoginPage responses: default: description: Default response content: text/html: schema: type: string security: [] tags: - cq /libs/granite/security/post/authorizables: post: operationId: postAuthorizables parameters: - in: query name: authorizableId required: true schema: type: string - in: query name: intermediatePath required: true schema: type: string - in: query name: createUser required: false schema: type: string - in: query name: createGroup required: false schema: type: string - in: query name: 'rep:password' required: false schema: type: string - in: query name: profile/givenName required: false schema: type: string responses: default: description: Default response content: text/html: schema: type: string tags: - sling /libs/granite/security/post/truststore: post: operationId: postTruststore parameters: - in: query name: ':operation' required: false schema: type: string - in: query name: newPassword required: false schema: type: string - in: query name: rePassword required: false schema: type: string - in: query name: keyStoreType required: false schema: type: string - in: query name: removeAlias required: false schema: type: string responses: default: description: Default response content: text/plain: schema: type: string tags: - sling requestBody: content: multipart/form-data: schema: type: object properties: certificate: type: string format: binary /libs/granite/security/truststore.json: get: operationId: getTruststoreInfo responses: '200': description: Retrieved AEM Truststore info content: application/json: schema: $ref: '#/components/schemas/TruststoreInfo' default: description: Default response content: application/json: schema: type: string tags: - sling '/system/console/bundles/{name}': post: operationId: postBundle parameters: - in: path name: name required: true schema: type: string - in: query name: action required: true schema: type: string responses: default: description: Default response tags: - console /system/console/configMgr/com.adobe.granite.auth.saml.SamlAuthenticationHandler: post: operationId: postSamlConfiguration parameters: - in: query name: post required: false schema: type: boolean - in: query name: apply required: false schema: type: boolean - in: query name: delete required: false schema: type: boolean - in: query name: action required: false schema: type: string - in: query name: $location required: false schema: type: string - in: query name: path required: false explode: true schema: type: array items: type: string - in: query name: service.ranking required: false schema: type: integer - in: query name: idpUrl required: false schema: type: string - in: query name: idpCertAlias required: false schema: type: string - in: query name: idpHttpRedirect required: false schema: type: boolean - in: query name: serviceProviderEntityId required: false schema: type: string - in: query name: assertionConsumerServiceURL required: false schema: type: string - in: query name: spPrivateKeyAlias required: false schema: type: string - in: query name: keyStorePassword required: false schema: type: string - in: query name: defaultRedirectUrl required: false schema: type: string - in: query name: userIDAttribute required: false schema: type: string - in: query name: useEncryption required: false schema: type: boolean - in: query name: createUser required: false schema: type: boolean - in: query name: addGroupMemberships required: false schema: type: boolean - in: query name: groupMembershipAttribute required: false schema: type: string - in: query name: defaultGroups required: false explode: true schema: type: array items: type: string - in: query name: nameIdFormat required: false schema: type: string - in: query name: synchronizeAttributes required: false explode: true schema: type: array items: type: string - in: query name: handleLogout required: false schema: type: boolean - in: query name: logoutUrl required: false schema: type: string - in: query name: clockTolerance required: false schema: type: integer - in: query name: digestMethod required: false schema: type: string - in: query name: signatureMethod required: false schema: type: string - in: query name: userIntermediatePath required: false schema: type: string - in: query name: propertylist required: false style: form explode: false schema: type: array items: type: string responses: '200': description: Retrieved AEM SAML Configuration content: text/plain: schema: $ref: '#/components/schemas/SamlConfigurationInfo' '302': description: Default response content: text/plain: schema: type: string default: description: Default response content: text/plain: schema: type: string tags: - console '/system/console/jmx/com.adobe.granite:type=Repository/op/{action}': post: operationId: postJmxRepository parameters: - in: path name: action required: true schema: type: string responses: default: description: Default response tags: - console /system/console/status-productinfo.json: get: operationId: getAemProductInfo responses: default: description: Default response content: application/json: schema: items: type: string type: array tags: - console /system/health: get: operationId: getAemHealthCheck parameters: - in: query name: tags required: false schema: type: string - in: query name: combineTagsOr required: false schema: type: boolean responses: default: description: Default response content: application/json: schema: type: string tags: - custom '/{intermediatePath}/{authorizableId}.ks.html': post: operationId: postAuthorizableKeystore parameters: - in: path name: intermediatePath required: true schema: type: string - in: path name: authorizableId required: true schema: type: string - in: query name: ':operation' required: false schema: type: string - in: query name: currentPassword required: false schema: type: string - in: query name: newPassword required: false schema: type: string - in: query name: rePassword required: false schema: type: string - in: query name: keyPassword required: false schema: type: string - in: query name: keyStorePass required: false schema: type: string - in: query name: alias required: false schema: type: string - in: query name: newAlias required: false schema: type: string - in: query name: removeAlias required: false schema: type: string responses: '200': description: Retrieved Authorizable Keystore info content: text/plain: schema: $ref: '#/components/schemas/KeystoreInfo' default: description: Default response content: text/plain: schema: type: string tags: - sling requestBody: content: multipart/form-data: schema: type: object properties: cert-chain: type: string format: binary pk: type: string format: binary keyStore: type: string format: binary '/{intermediatePath}/{authorizableId}.ks.json': get: operationId: getAuthorizableKeystore parameters: - in: path name: intermediatePath required: true schema: type: string - in: path name: authorizableId required: true schema: type: string responses: '200': description: Retrieved Authorizable Keystore info content: text/plain: schema: $ref: '#/components/schemas/KeystoreInfo' default: description: Default response content: text/plain: schema: type: string tags: - sling '/{intermediatePath}/{authorizableId}/keystore/store.p12': get: operationId: getKeystore parameters: - in: path name: intermediatePath required: true schema: type: string - in: path name: authorizableId required: true schema: type: string responses: default: description: Default response content: application/octet-stream: schema: type: string format: binary tags: - sling '/{path}/': post: operationId: postPath parameters: - in: path name: path required: true schema: type: string - in: query name: 'jcr:primaryType' required: true schema: type: string - in: query name: ':name' required: true schema: type: string responses: default: description: Default response tags: - sling '/{path}/{name}': delete: operationId: deleteNode parameters: - in: path name: path required: true schema: type: string - in: path name: name required: true schema: type: string responses: default: description: Default response tags: - sling get: operationId: getNode parameters: - in: path name: path required: true schema: type: string - in: path name: name required: true schema: type: string responses: default: description: Default response tags: - sling post: operationId: postNode parameters: - in: path name: path required: true schema: type: string - in: path name: name required: true schema: type: string - in: query name: ':operation' required: false schema: type: string - in: query name: deleteAuthorizable required: false schema: type: string responses: default: description: Default response tags: - sling requestBody: content: multipart/form-data: schema: type: object properties: file: type: string format: binary '/{path}/{name}.rw.html': post: operationId: postNodeRw parameters: - in: path name: path required: true schema: type: string - in: path name: name required: true schema: type: string - in: query name: addMembers required: false schema: type: string responses: default: description: Default response tags: - sling servers: - url: 'http://adobe.local/' - url: 'https://adobe.local/' components: securitySchemes: aemAuth: type: http scheme: basic schemas: InstallStatus: properties: status: properties: finished: type: boolean itemCount: type: integer type: object type: object KeystoreChainItems: properties: issuer: description: e.g. "CN=Admin" type: string notAfter: description: 'e.g. "Sun Jun 30 23:59:50 AEST 2019"' type: string notBefore: description: 'e.g. "Sun Jul 01 12:00:00 AEST 2018"' type: string serialNumber: description: '18165099476682912368' type: integer subject: description: e.g. "CN=localhost" type: string type: object KeystoreInfo: properties: aliases: items: $ref: '#/components/schemas/KeystoreItems' type: array exists: description: False if truststore don't exist type: boolean type: object KeystoreItems: properties: algorithm: description: e.g. "RSA" type: string alias: description: Keystore alias name type: string chain: items: $ref: '#/components/schemas/KeystoreChainItems' type: array entryType: description: e.g. "privateKey" type: string format: description: 'e.g. "PKCS#8"' type: string type: object SamlConfigurationInfo: properties: bundle_location: description: needed for configuration binding type: string description: description: Title type: string pid: description: Persistent Identity (PID) type: string properties: items: $ref: '#/components/schemas/SamlConfigurationProperties' type: object service_location: description: needed for configuraiton binding type: string title: description: Title type: string type: object SamlConfigurationProperties: properties: addGroupMemberships: description: >- Whether or not a user should be automatically added to CRX groups after successful authentication. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsBoolean' type: array assertionConsumerServiceURL: description: >- The (optional) AssertionConsumerServiceURL attribute of an Authn request specifies the location to which a message MUST be sent to the requester. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array clockTolerance: description: >- Time tolerance in seconds to compensate clock skew between IDP and SP when validating Assertions. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsLong' type: array createUser: description: Whether or not to autocreate nonexisting users in the repository. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsBoolean' type: array defaultGroups: description: >- A list of default CRX groups users are added to after successful authentication. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsArray' type: array defaultRedirectUrl: description: The default location to redirect to after successful authentication. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array digestMethod: description: The digest algorithm to use when signing a SAML message. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array groupMembershipAttribute: description: >- The name of the attribute containing a list of CRX groups this user should be added to. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array handleLogout: description: >- Whether or not logout (dropCredentials) requests will be processed by this handler. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsBoolean' type: array idpCertAlias: description: >- The alias of the IdP's certificate in the global truststore. If this property is empty the authentication handler is disabled. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array idpHttpRedirect: description: >- Use an HTTP Redirect to the IDP URL instead of sending an AuthnRequest-message to request credentials. Use this for IDP initiated authentication. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsBoolean' type: array idpUrl: description: >- URL of the IDP where the SAML Authentication Request should be sent to. If this property is empty the authentication handler is disabled. (idpUrl) items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array keyStorePassword: description: >- The password of the key-store of the 'authentication-service' system user. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array logoutUrl: description: >- URL of the IDP where the SAML Logout Request should be sent to. If this property is empty the authentication handler won't handle logouts. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array nameIdFormat: description: >- The value of the NameIDPolicy format parameter to send in the AuthnRequest message. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array path: description: >- Repository path for which this authentication handler should be used by Sling. If this is empty, the authentication handler will be disabled. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsArray' type: array service.ranking: description: >- OSGi Framework Service Ranking value to indicate the order in which to call this service. This is an int value where higher values designate higher precedence. Default value is 0. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsLong' type: array serviceProviderEntityId: description: >- ID which uniquely identifies this service provider with the identity provider. If this property is empty the authentication handler is disabled. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array signatureMethod: description: The signature algorithm to use when signing a SAML message. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array spPrivateKeyAlias: description: >- The alias of the SP's private key in the key-store of the 'authentication-service' system user. If this property is empty the handler will not be able to sign or decrypt messages. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array synchronizeAttributes: description: >- A list of attribute mappings (in the format \attributename=path/relative/to/user/node\) which should be stored in the repository on user-synchronization. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsArray' type: array useEncryption: description: >- Whether or not this authentication handler expects encrypted SAML assertions. If this is enabled the SP's private key must be provided in the key-store of the 'authentication-service' system user (see SP Private Key Alias above). items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsBoolean' type: array userIDAttribute: description: >- The name of the attribute containing the user ID used to authenticate and create the user in the CRX repository. Leave empty to use the Subject:NameId. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array userIntermediatePath: description: User intermediate path to store created users. items: $ref: '#/components/schemas/SamlConfigurationPropertyItemsString' type: array type: object SamlConfigurationPropertyItemsArray: properties: description: description: Property description type: string is_set: description: True if property is set type: boolean name: description: property name type: string optional: description: True if optional type: boolean type: description: 'Property type, 1=String, 3=long, 11=boolean, 12=Password' type: integer values: description: Property value items: type: string type: array type: object SamlConfigurationPropertyItemsBoolean: properties: description: description: Property description type: string is_set: description: True if property is set type: boolean name: description: property name type: string optional: description: True if optional type: boolean type: description: 'Property type, 1=String, 3=long, 11=boolean, 12=Password' type: integer values: description: Property value type: boolean type: object SamlConfigurationPropertyItemsLong: properties: description: description: Property description type: string is_set: description: True if property is set type: boolean name: description: property name type: string optional: description: True if optional type: boolean type: description: 'Property type, 1=String, 3=long, 11=boolean, 12=Password' type: integer values: description: Property value type: integer type: object SamlConfigurationPropertyItemsString: properties: description: description: Property description type: string is_set: description: True if property is set type: boolean name: description: property name type: string optional: description: True if optional type: boolean type: description: 'Property type, 1=String, 3=long, 11=boolean, 12=Password' type: integer values: description: Property value type: string type: object TruststoreInfo: properties: aliases: items: $ref: '#/components/schemas/TruststoreItems' type: array exists: description: False if truststore don't exist type: boolean type: object TruststoreItems: properties: alias: description: Truststore alias name type: string entryType: type: string issuer: description: e.g. "CN=Admin" type: string notAfter: description: 'e.g. "Sun Jun 30 23:59:50 AEST 2019"' type: string notBefore: description: 'e.g. "Sun Jul 01 12:00:00 AEST 2018"' type: string serialNumber: description: '18165099476682912368' type: integer subject: description: e.g. "CN=localhost" type: string type: object