{ "swagger": "2.0", "basePath": "/", "paths": { "/auth/": { "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_auth_token" } } }, "summary": "Creates a JSON Web Token(JWT) for authentication", "operationId": "createJWTToken", "parameters": [ { "name": "expires_in", "in": "formData", "type": "integer", "minimum": 60, "maximum": 16070400, "description": "Time (in seconds) when the token expires.", "default": 14400 }, { "name": "scope", "in": "formData", "type": "string", "description": "Access scopes space-separated. Available scopes:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/ldap-providers": { "put": { "responses": { "404": { "description": "Not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the identity provider of type LDAP with the specified name", "description": "Requires admin role.", "operationId": "updateLDAPIdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "Unique identifier of the identity provider." }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login tab name" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when all identity providers are listed?" }, { "name": "host", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "Host of the LDAP server excluding protocol and port" }, { "name": "port", "in": "formData", "type": "integer", "minimum": 1, "maximum": 65535, "required": true, "description": "Port of the LDAP server. Examples: 389 and 636(for simple_tls)" }, { "name": "uid", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "The LDAP attribute that is used as username. Examples: \"sAMAccountName\" for Active Directory, \"uid\" for OpenLDAP. This will be appended to user_filter with an \"&\" clause." }, { "name": "bind_dn", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "The full DN of the user who is used for binding. Example for OpenLDAP: \"uid=admin,ou=users,dc=example,dc=org\". Example for Active Directory: \"EXAMPLE\\\\admin\"" }, { "name": "password", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "The password of the user who is used for binding" }, { "name": "encryption", "in": "formData", "type": "string", "required": true, "description": "Encryption method", "enum": [ "start_tls", "simple_tls", "plain" ] }, { "name": "verify_certificates", "in": "formData", "type": "boolean", "default": true }, { "name": "active_directory", "in": "formData", "type": "boolean", "description": "Is LDAP server an Active Directory LDAP server. For AD, NTLMv2 authentication is used", "default": false }, { "name": "base", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "DN of the base where users are located. Example for OpenLDAP: \"ou=users,dc=example,dc=com\"" }, { "name": "user_filter", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "LDAP user filter. Format can be found in RFC4515. Examples:\"(objectClass=User)\" or \"(memberOf=cn=gams-engine,ou=groups,dc=example,dc=com)\" or \"&((objectClass=User),(employeeType=developer))\"" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] }, "get": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/identity_provider_ldap" } } }, "summary": "Lists the LDAP providers", "description": "Requires admin role. `name` field can be used to display only the desired LDAP\nprovider. By default all fields are listed, you can use `X-Fields` to filter the fields.\nFor example, X-Fields: name, label, host, port", "operationId": "listLDAPIdentityProviders", "parameters": [ { "name": "name", "in": "query", "type": "string", "description": "Name of a LDAP provider to show" }, { "name": "X-Fields", "in": "header", "type": "string" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] }, "post": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates an identity provider of type LDAP", "description": "Fields are visible through the API after creation only via an\nadmin account. Requires admin role. Timeout value for communication is 10 seconds", "operationId": "createLDAPIdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "A unique string to identify the identity provider" }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login tab name" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when all identity providers are listed?" }, { "name": "host", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "Host of the LDAP server excluding protocol and port" }, { "name": "port", "in": "formData", "type": "integer", "minimum": 1, "maximum": 65535, "required": true, "description": "Port of the LDAP server. Examples: 389 and 636(for simple_tls)" }, { "name": "uid", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "The LDAP attribute that is used as username. Examples: \"sAMAccountName\" for Active Directory, \"uid\" for OpenLDAP. This will be appended to user_filter with an \"&\" clause." }, { "name": "bind_dn", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "The full DN of the user who is used for binding. Example for OpenLDAP: \"uid=admin,ou=users,dc=example,dc=org\". Example for Active Directory: \"EXAMPLE\\\\admin\"" }, { "name": "password", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "The password of the user who is used for binding" }, { "name": "encryption", "in": "formData", "type": "string", "required": true, "description": "Encryption method", "enum": [ "start_tls", "simple_tls", "plain" ] }, { "name": "verify_certificates", "in": "formData", "type": "boolean", "default": true }, { "name": "active_directory", "in": "formData", "type": "boolean", "description": "Is LDAP server an Active Directory LDAP server. For AD, NTLMv2 authentication is used", "default": false }, { "name": "base", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "DN of the base where users are located. Example for OpenLDAP: \"ou=users,dc=example,dc=com\"" }, { "name": "user_filter", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "LDAP user filter. Format can be found in RFC4515. Examples:\"(objectClass=User)\" or \"(memberOf=cn=gams-engine,ou=groups,dc=example,dc=com)\" or \"&((objectClass=User),(employeeType=developer))\"" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/ldap-providers/{provider_name}/login": { "parameters": [ { "name": "provider_name", "in": "path", "required": true, "type": "string" } ], "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Not found", "schema": { "$ref": "#/definitions/not_found" } }, "401": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_auth_token" } } }, "summary": "Creates a JSON Web Token(JWT) for authentication (username and password in request body)", "operationId": "loginWithLDAP", "parameters": [ { "name": "grant_type", "in": "formData", "type": "string", "default": "password", "enum": [ "password" ] }, { "name": "username", "in": "formData", "type": "string", "required": true, "description": "LDAP Username" }, { "name": "password", "in": "formData", "type": "string", "required": true, "description": "LDAP Password" }, { "name": "scope", "in": "formData", "type": "string", "description": "Access scopes space-separated. Available scopes:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION" }, { "name": "expires_in", "in": "formData", "type": "integer", "minimum": 60, "maximum": 16070400, "description": "Time (in seconds) when the token expires.", "default": 14400 }, { "name": "access_scopes", "in": "formData", "type": "array", "description": "Deprecated, please use `scope` instead. Access scopes. Possible values:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION", "items": { "type": "string" }, "collectionFormat": "multi", "enum": [ "READONLY", "NAMESPACES", "JOBS", "USERS", "HYPERCUBE", "CLEANUP", "LICENSES", "USAGE", "AUTH", "CONFIGURATION" ] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/login": { "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_auth_token" } } }, "summary": "Creates a JSON Web Token(JWT) for authentication (username and password in request body)", "operationId": "createJWTTokenJSON", "parameters": [ { "name": "grant_type", "in": "formData", "type": "string", "default": "password", "enum": [ "password" ] }, { "name": "username", "in": "formData", "type": "string", "required": true }, { "name": "password", "in": "formData", "type": "string", "required": true }, { "name": "scope", "in": "formData", "type": "string", "description": "Access scopes space-separated. Available scopes:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION" }, { "name": "expires_in", "in": "formData", "type": "integer", "minimum": 60, "maximum": 16070400, "description": "Time (in seconds) when the token expires.", "default": 14400 }, { "name": "access_scopes", "in": "formData", "type": "array", "description": "Deprecated, please use `scope` instead. Access scopes. Possible values:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION", "items": { "type": "string" }, "collectionFormat": "multi", "enum": [ "READONLY", "NAMESPACES", "JOBS", "USERS", "HYPERCUBE", "CLEANUP", "LICENSES", "USAGE", "AUTH", "CONFIGURATION" ] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/logout": { "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Invalidates all of your JSON Web Tokens(JWTs)", "operationId": "invalidateJWTTokens", "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] } }, "/auth/oauth2-providers": { "put": { "responses": { "404": { "description": "Identity provider not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the identity provider of type OAuth2 with the specified name", "description": "Requires admin role.", "operationId": "updateOAuth2IdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "Unique identifier of the identity provider." }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login button string" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when identity providers are listed. Client secrets are never displayed whether the identity provider is hidden or not." }, { "name": "web_ui_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "OAuth 2.0 client id that should be used by Engine UI while logging in" }, { "name": "web_ui_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by Engine UI while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret, as Engine UI is a single-page application and cannot store client secrets. However, if this is not possible, you can use a slightly modified version of the Authorization Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "device_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "OAuth 2.0 client ID, which should be used by clients that do not have browser access. The client must be a public client." }, { "name": "issuer", "in": "formData", "type": "string", "required": true, "description": "URL using the https scheme with no query or fragment component that the OP asserts as its Issuer Identifier." }, { "name": "override_audience", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "By default, JWT tokens are expected to have audience claim matching the hostname in the configuration. To change expected audience for this provider, you can provide override_audience. Please try to avoid this. Instead, set the hostname properly in the Engine configuration and in the authorization server." }, { "name": "use_oidc_discover", "in": "formData", "type": "boolean", "description": "Should OpenID Connect Discovery be used. Fetches information from issuer URL appended with /.well-known/openid-configuration", "default": false }, { "name": "use_oauth2_auth_server_metadata", "in": "formData", "type": "boolean", "description": "Should OAuth 2.0 Authorization Server Metadata be used.Fetches information from issuer URL appended with /.well-known/oauth-authorization-server", "default": false }, { "name": "authorization_endpoint", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's OAuth 2.0 Authorization Endpoint (ignored if discovery is used)." }, { "name": "token_endpoint", "in": "formData", "type": "string", "description": "URL of the OP's OAuth 2.0 Token Endpoint (ignored if discovery is used)." }, { "name": "jwks_uri", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's JSON Web Key Set document (ignored if discovery is used)." }, { "name": "response_types_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Required unless discovery is used. Array containing a list of the OAuth 2.0 response_type values that this OP supports (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "grant_types_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of the OAuth 2.0 Grant Type values that this OP supports (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "token_endpoint_auth_methods_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of client authentication methods supported by the OP's token endpoint (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "end_session_endpoint", "in": "formData", "type": "string", "description": "URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP (ignored if discovery is used)" }, { "name": "device_authorization_endpoint", "in": "formData", "type": "string", "description": "URL of the authorization server's device authorization endpoint (ignored if discovery is used)" }, { "name": "request_scope_READONLY", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'READONLY' scope", "default": "READONLY" }, { "name": "request_scope_NAMESPACES", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'NAMESPACES' scope", "default": "NAMESPACES" }, { "name": "request_scope_JOBS", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'JOBS' scope", "default": "JOBS" }, { "name": "request_scope_USERS", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'USERS' scope", "default": "USERS" }, { "name": "request_scope_HYPERCUBE", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'HYPERCUBE' scope", "default": "HYPERCUBE" }, { "name": "request_scope_CLEANUP", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'CLEANUP' scope", "default": "CLEANUP" }, { "name": "request_scope_LICENSES", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'LICENSES' scope", "default": "LICENSES" }, { "name": "request_scope_USAGE", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'USAGE' scope", "default": "USAGE" }, { "name": "request_scope_AUTH", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'AUTH' scope", "default": "AUTH" }, { "name": "request_scope_CONFIGURATION", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'CONFIGURATION' scope", "default": "CONFIGURATION" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] }, "get": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/identity_provider_oauth2_with_secret" } } } }, "summary": "Lists the OAuth2 providers", "description": "Requires admin role, as it displays client secrets. `name` field can be used\nto display only the desired OAuth2 provider. By default all fields are listed, you can use `X-Fields` to filter\nthe fields. For example, X-Fields: name, label, scopes", "operationId": "listOAuth2IdentityProviders", "parameters": [ { "name": "name", "in": "query", "type": "string", "description": "Name of a OAuth2 provider to show" }, { "name": "X-Fields", "in": "header", "type": "string" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] }, "post": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates an identity provider of type OAuth2", "description": "The access token provided by the identity provider\nmust be a valid JWT token. Opaque tokens are not supported. Requires admin role.", "operationId": "createOAuth2IdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "A unique string to identify the identity provider." }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login button string" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when identity providers are listed. Client secrets are never displayed whether the identity provider is hidden or not." }, { "name": "web_ui_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "OAuth 2.0 client id that should be used by Engine UI while logging in" }, { "name": "web_ui_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by Engine UI while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret, as Engine UI is a single-page application and cannot store client secrets. However, if this is not possible, you can use a slightly modified version of the Authorization Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "device_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "OAuth 2.0 client ID, which should be used by clients that do not have browser access. The client must be a public client." }, { "name": "issuer", "in": "formData", "type": "string", "required": true, "description": "URL using the https scheme with no query or fragment component that the OP asserts as its Issuer Identifier." }, { "name": "override_audience", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "By default, JWT tokens are expected to have audience claim matching the hostname in the configuration. To change expected audience for this provider, you can provide override_audience. Please try to avoid this. Instead, set the hostname properly in the Engine configuration and in the authorization server." }, { "name": "use_oidc_discover", "in": "formData", "type": "boolean", "description": "Should OpenID Connect Discovery be used. Fetches information from issuer URL appended with /.well-known/openid-configuration", "default": false }, { "name": "use_oauth2_auth_server_metadata", "in": "formData", "type": "boolean", "description": "Should OAuth 2.0 Authorization Server Metadata be used.Fetches information from issuer URL appended with /.well-known/oauth-authorization-server", "default": false }, { "name": "authorization_endpoint", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's OAuth 2.0 Authorization Endpoint (ignored if discovery is used)." }, { "name": "token_endpoint", "in": "formData", "type": "string", "description": "URL of the OP's OAuth 2.0 Token Endpoint (ignored if discovery is used)." }, { "name": "jwks_uri", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's JSON Web Key Set document (ignored if discovery is used)." }, { "name": "response_types_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Required unless discovery is used. Array containing a list of the OAuth 2.0 response_type values that this OP supports (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "grant_types_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of the OAuth 2.0 Grant Type values that this OP supports (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "token_endpoint_auth_methods_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of client authentication methods supported by the OP's token endpoint (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "end_session_endpoint", "in": "formData", "type": "string", "description": "URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP (ignored if discovery is used)" }, { "name": "device_authorization_endpoint", "in": "formData", "type": "string", "description": "URL of the authorization server's device authorization endpoint (ignored if discovery is used)" }, { "name": "request_scope_READONLY", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'READONLY' scope", "default": "READONLY" }, { "name": "request_scope_NAMESPACES", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'NAMESPACES' scope", "default": "NAMESPACES" }, { "name": "request_scope_JOBS", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'JOBS' scope", "default": "JOBS" }, { "name": "request_scope_USERS", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'USERS' scope", "default": "USERS" }, { "name": "request_scope_HYPERCUBE", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'HYPERCUBE' scope", "default": "HYPERCUBE" }, { "name": "request_scope_CLEANUP", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'CLEANUP' scope", "default": "CLEANUP" }, { "name": "request_scope_LICENSES", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'LICENSES' scope", "default": "LICENSES" }, { "name": "request_scope_USAGE", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'USAGE' scope", "default": "USAGE" }, { "name": "request_scope_AUTH", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'AUTH' scope", "default": "AUTH" }, { "name": "request_scope_CONFIGURATION", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "Scope that the client should request from the OP to get 'CONFIGURATION' scope", "default": "CONFIGURATION" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/oauth2-token": { "post": { "responses": { "428": { "description": "Authorization pending or slow down", "schema": { "$ref": "#/definitions/token_forward_error" } }, "404": { "description": "Identity provider not found", "schema": { "$ref": "#/definitions/not_found" } }, "401": { "description": "Unauthenticated", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/forwarded_token_response" } } }, "summary": "Sends a request on your behalf to the OAuth provider token endpoint with the client secret", "description": "This endpoint is only for \"Authorization Code Flow\" and \"Device Code Flow\" flow.\nIt works only with OAuth 2.0/OIDC providers with a client secret.\nIt is not recommended to use this endpoint if you can register a public client.\nToken forwarding for Device Code Flow is only allowed for OIDC clients.", "operationId": "fetchOAuth2TokenOnBehalf", "parameters": [ { "name": "grant_type", "in": "query", "type": "string", "description": "Grant type of the forwarded request", "default": "authorization_code", "enum": [ "authorization_code", "urn:ietf:params:oauth:grant-type:device_code" ] }, { "name": "identity_provider_name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "Unique identifier of the identity provider." }, { "name": "code", "in": "formData", "type": "string", "minLength": 1, "maxLength": 5000, "description": "Code from the OAuth2 Server, required for authorization code flow" }, { "name": "code_verifier", "in": "formData", "type": "string", "minLength": 43, "maxLength": 128, "description": "PKCE code verifier, required for authorization code flow" }, { "name": "redirect_uri", "in": "formData", "type": "string", "format": "uri", "description": "Redirection URI used when initiating the request, required for authorization code flow" }, { "name": "device_code", "in": "formData", "type": "string", "minLength": 1, "maxLength": 5000, "description": "The device verification code, required for device flow" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/oidc-providers": { "put": { "responses": { "404": { "description": "Identity provider not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the identity provider of type OIDC with the specified name", "description": "Requires admin role.", "operationId": "updateOIDCIdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "Unique identifier of the identity provider." }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login button string" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when identity providers are listed. Client secrets are never displayed whether the identity provider is hidden or not." }, { "name": "web_ui_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "OAuth 2.0 client id that should be used by Engine UI while logging in" }, { "name": "web_ui_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by Engine UI while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret, as Engine UI is a single-page application and cannot store client secrets. However, if this is not possible, you can use a slightly modified version of the Authorization Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "device_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "OAuth 2.0 client ID, which should be used by clients that do not have browser access." }, { "name": "device_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by devices while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret. However, if this is not possible, you can use a slightly modified version of the Device Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "extra_client_ids", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array of extra OAuth 2.0 client IDs from which the API accepts ID tokens", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "issuer", "in": "formData", "type": "string", "required": true, "description": "URL using the https scheme with no query or fragment component that the OP asserts as its Issuer Identifier." }, { "name": "use_oidc_discover", "in": "formData", "type": "boolean", "description": "Should OpenID Connect Discovery be used. Fetches information from issuer URL appended with /.well-known/openid-configuration", "default": false }, { "name": "authorization_endpoint", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's OAuth 2.0 Authorization Endpoint (ignored if discovery is used)." }, { "name": "token_endpoint", "in": "formData", "type": "string", "description": "URL of the OP's OAuth 2.0 Token Endpoint (ignored if discovery is used)." }, { "name": "jwks_uri", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's JSON Web Key Set document (ignored if discovery is used)." }, { "name": "end_session_endpoint", "in": "formData", "type": "string", "description": "URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP (ignored if discovery is used)" }, { "name": "device_authorization_endpoint", "in": "formData", "type": "string", "description": "URL of the authorization server's device authorization endpoint (ignored if discovery is used)" }, { "name": "token_endpoint_auth_methods_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of client authentication methods supported by the OP's token endpoint (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "scopes", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "required": true, "description": "The scopes that will be requested from the OP", "default": [ "openid", "profile", "email" ], "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "uid", "in": "formData", "type": "string", "minLength": 1, "maxLength": 64, "description": "The claim from the OIDC ID token to use as the user's unique identifier. The `sub` claim is the default and recommended value.", "default": "sub" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] }, "get": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/identity_provider_oidc_with_secret" } } } }, "summary": "Lists the OIDC providers", "description": "Requires admin role, as it displays client secrets. `name` field can be used\nto display only the desired OIDC provider. By default all fields are listed, you can use `X-Fields` to filter\nthe fields. For example, X-Fields: name, label, uid", "operationId": "listOIDCIdentityProviders", "parameters": [ { "name": "name", "in": "query", "type": "string", "description": "Name of a OIDC provider to show" }, { "name": "X-Fields", "in": "header", "type": "string" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] }, "post": { "responses": { "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates an identity provider of type OIDC", "description": "The id token provided by the identity provider must be a valid JWT\ntoken where the audience matches the web_ui_client_id, the device_client_id or any of the extra_client_ids. Requires admin role.", "operationId": "createOIDCIdentityProvider", "parameters": [ { "name": "name", "in": "formData", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "A unique string to identify the identity provider." }, { "name": "label", "in": "formData", "type": "string", "pattern": "^[\\w\\-][\\w\\- ]{1,30}[\\w\\-]$", "required": true, "description": "Suggested login button string" }, { "name": "hidden", "in": "formData", "type": "boolean", "required": true, "description": "Should the identity provider be listed when identity providers are listed. Client secrets are never displayed whether the identity provider is hidden or not." }, { "name": "web_ui_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "required": true, "description": "OAuth 2.0 client id that should be used by Engine UI while logging in" }, { "name": "web_ui_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by Engine UI while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret, as Engine UI is a single-page application and cannot store client secrets. However, if this is not possible, you can use a slightly modified version of the Authorization Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "device_client_id", "in": "formData", "type": "string", "minLength": 1, "maxLength": 255, "description": "OAuth 2.0 client ID, which should be used by clients that do not have browser access." }, { "name": "device_client_secret", "in": "formData", "type": "string", "minLength": 1, "maxLength": 512, "description": "OAuth 2.0 client secret that should be used by devices while logging in. We recommend using a public OAuth 2.0 client and not specifying a secret. However, if this is not possible, you can use a slightly modified version of the Device Code Flow and have the API send token requests with the secret on your behalf." }, { "name": "extra_client_ids", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array of extra OAuth 2.0 client IDs from which the API accepts ID tokens", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "issuer", "in": "formData", "type": "string", "required": true, "description": "URL using the https scheme with no query or fragment component that the OP asserts as its Issuer Identifier." }, { "name": "use_oidc_discover", "in": "formData", "type": "boolean", "description": "Should OpenID Connect Discovery be used. Fetches information from issuer URL appended with /.well-known/openid-configuration", "default": false }, { "name": "authorization_endpoint", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's OAuth 2.0 Authorization Endpoint (ignored if discovery is used)." }, { "name": "token_endpoint", "in": "formData", "type": "string", "description": "URL of the OP's OAuth 2.0 Token Endpoint (ignored if discovery is used)." }, { "name": "jwks_uri", "in": "formData", "type": "string", "description": "Required unless discovery is used. URL of the OP's JSON Web Key Set document (ignored if discovery is used)." }, { "name": "end_session_endpoint", "in": "formData", "type": "string", "description": "URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP (ignored if discovery is used)" }, { "name": "device_authorization_endpoint", "in": "formData", "type": "string", "description": "URL of the authorization server's device authorization endpoint (ignored if discovery is used)" }, { "name": "token_endpoint_auth_methods_supported", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "description": "Array containing a list of client authentication methods supported by the OP's token endpoint (ignored if discovery is used).", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "scopes", "in": "formData", "type": "array", "minLength": 1, "maxLength": 255, "required": true, "description": "The scopes that will be requested from the OP", "default": [ "openid", "profile", "email" ], "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "uid", "in": "formData", "type": "string", "minLength": 1, "maxLength": 64, "description": "The claim from the OIDC ID token to use as the user's unique identifier. The `sub` claim is the default and recommended value.", "default": "sub" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/oidc-providers/login": { "post": { "responses": { "401": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_auth_token" } } }, "summary": "Creates a JSON Web Token(JWT) for authentication in exchange for a valid ID token from your OIDC identity provider", "description": "An ID token can only be used once to get an access token.", "operationId": "loginWithOIDC", "parameters": [ { "name": "id_token", "in": "formData", "type": "string", "minLength": 80, "maxLength": 2048, "required": true, "description": "ID Token of the user" }, { "name": "scope", "in": "formData", "type": "string", "description": "Access scopes space-separated. Available scopes:\nREADONLY\nNAMESPACES\nJOBS\nUSERS\nHYPERCUBE\nCLEANUP\nLICENSES\nUSAGE\nAUTH\nCONFIGURATION" }, { "name": "expires_in", "in": "formData", "type": "integer", "minimum": 60, "maximum": 16070400, "description": "Time (in seconds) when the token expires.", "default": 14400 } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] } }, "/auth/password-policy": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Update the password policy for Engine managed users", "operationId": "updatePasswordPolicy", "parameters": [ { "name": "min_password_length", "in": "formData", "type": "integer", "minimum": 8, "maximum": 70, "required": true }, { "name": "must_include_uppercase", "in": "formData", "type": "boolean", "required": true }, { "name": "must_include_lowercase", "in": "formData", "type": "boolean", "required": true }, { "name": "must_include_number", "in": "formData", "type": "boolean", "required": true }, { "name": "must_include_special_char", "in": "formData", "type": "boolean", "required": true }, { "name": "not_in_popular_passwords", "in": "formData", "type": "boolean", "required": true } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "auth" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/password_policy" } } }, "summary": "Get the current password policy for Engine managed users", "operationId": "getPasswordPolicy", "tags": [ "auth" ] } }, "/auth/providers": { "get": { "responses": { "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/identity_provider" } } } }, "summary": "Lists the visible identity providers that are supported by Engine", "description": "If the name is specified, the identity\nprovider is displayed, regardless of whether it is hidden or not.", "operationId": "listIdentityProviders", "parameters": [ { "name": "name", "in": "query", "type": "string", "description": "Name of the identity provider to display. If not specified, all visible identity providers are listed. To display a hidden identity provider, its name must be specified" } ], "tags": [ "auth" ] }, "delete": { "responses": { "404": { "description": "Identity provider not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the identity provider with the specified name", "description": "Unused invitations that use this identity provider are\nconsidered invalid. Users using this identity provider can no longer sign in, and their identity provider must\nbe updated before they can sign in again. All JWT tokens signed by this identity provider are considered\ninvalid. Requires admin role.", "operationId": "deleteIdentityProvider", "parameters": [ { "name": "name", "in": "query", "type": "string", "pattern": "^[\\w-]{3,32}$", "required": true, "description": "Unique identifier of the identity provider." } ], "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] } }, "/auth/providers/all": { "get": { "responses": { "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/identity_provider" } } } }, "summary": "Lists the all identity providers supported by Engine", "description": "Requires admin role.", "operationId": "listAllIdentityProviders", "security": [ { "BasicAuth": [] } ], "tags": [ "auth" ] } }, "/cleanup/results": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Page not found" }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/cleanable_job_result_page" } } }, "summary": "Lists all job and Hypercube results", "description": "Admins can see everyone's results.\nInviters can see results of their own jobs as well as jobs of their invitees.\nUsers can only see results of their own jobs.\nNote that jobs that are shared with the logged in user via access groups are not listed here.\n\nIf the page is not one and there are no elements on this page, throws 404.", "operationId": "listResults", "parameters": [ { "name": "page", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "default": 1 }, { "name": "per_page", "in": "query", "type": "integer", "minimum": 0, "maximum": 2147483647, "default": 0 }, { "name": "order_by", "in": "query", "type": "string", "default": "upload_date", "enum": [ "filename", "username", "namespace", "length", "upload_date" ] }, { "name": "order_asc", "in": "query", "type": "boolean", "default": false }, { "name": "from_datetime", "in": "query", "type": "string", "format": "date-time", "description": "iso8601 Datetime to select the results if they are uploaded before." }, { "name": "to_datetime", "in": "query", "type": "string", "format": "date-time", "description": "iso8601 Datetime to select the results if they are uploaded after." }, { "name": "namespace", "in": "query", "type": "string", "description": "Filter results by namespace." } ], "security": [ { "BasicAuth": [] } ], "tags": [ "cleanup" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "413": { "description": "Too many files specified", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Some files are not found", "schema": { "$ref": "#/definitions/files_not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes job results and Hypercube results", "description": "If a submission token is specified, text entries are also deleted.\nAdmins can delete everyone's results.\nInviters can delete results of their own jobs as well as jobs of their invitees.\nUsers can only delete results of their own jobs.\nNote that jobs that are shared with the logged in user via access groups cannot be deleted via this endpoint.\n\nAt most 1000 files can be deleted with a single request.", "operationId": "removeResults", "parameters": [ { "name": "filename", "in": "query", "type": "array", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "token", "in": "query", "type": "array", "format": "UUID", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "hypercube_token", "in": "query", "type": "array", "format": "UUID", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "cleanup" ] } }, "/configuration": { "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_configuration" } } }, "summary": "Returns current configuration", "operationId": "getConfiguration", "tags": [ "default" ] }, "patch": { "responses": { "405": { "description": "Not supported", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates configuration", "description": "Requires admin role.", "operationId": "updateConfiguration", "parameters": [ { "name": "webhook_access", "in": "formData", "type": "string", "description": "Whether to enable webhook access or enable it for admins only. Possible values are: ['DISABLED', 'ADMIN_ONLY', 'ENABLED']", "enum": [ "DISABLED", "ADMIN_ONLY", "ENABLED" ] }, { "name": "instance_pool_access", "in": "formData", "type": "string", "description": "Whether to enable instance pool access, enable it for admins or inviters only. If access to instance pools is removed for specific user roles or for all, existing instance pools are not affected. Only new pools cannot be created by these users. Existing instance pools can still be deleted. Possible values are: ['DISABLED', 'ADMIN_ONLY', 'INVITER_ONLY', 'ENABLED']", "enum": [ "DISABLED", "ADMIN_ONLY", "INVITER_ONLY", "ENABLED" ] }, { "name": "job_priorities_access", "in": "formData", "type": "string", "description": "Whether to enable job priorities. WARNING: Enable/disable job priorities when the system is not in use, as jobs submitted while the feature is enabled/disabled may end up in an inconsistent state. Possible values are: ['DISABLED', 'ENABLED']", "enum": [ "DISABLED", "ENABLED" ] }, { "name": "text_entries_max_size", "in": "formData", "type": "integer", "minimum": 0, "maximum": 1000000000.0, "description": "Maximum size (in bytes) for text entries. Text entries that exceed this size will be truncated." }, { "name": "hostname", "in": "formData", "type": "string", "format": "uri", "description": "Hostname of the Engine API. It is used for authentication purposes. It must match value from the authorization server. For example, https://engine.gams.com/api" }, { "name": "custom_cas", "in": "formData", "type": "string", "description": "Custom certificate authorities that are used when validating SSL certificates e.g. when sending webhooks, connecting to identity providers etc.The certificates must be provided in PEM format (RFC 1422). Set to empty string to remove custom CAs." }, { "name": "use_brokerv2", "in": "formData", "type": "boolean", "description": "Flag indicating whether to use brokerv2." } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "default" ] } }, "/hypercube/": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Page not found" }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/hypercube_page" } } }, "summary": "Lists the Hypercube jobs sent by the user unless `everyone` flag is set", "description": "If user has admin role and `everyone` flag is set, all Hypercube jobs are listed.\nIf user is not inviter or admin and `everyone` flag is set,\nall visible Hypercube jobs (Hypercube jobs that were assigned to a user group that user is member of) are listed.\nIf user is inviter and 'everyone' flag is set, Hypercube jobs of all invitees will be listed additionally.\n\nIf `page` is not one and there are no elements at that page, throws 404.\nDue to performance issues the fields `result_exists`, `dep_tokens`, `labels` and `access_groups`\nare only provided for queries for a single Hypercube job.\n\nIf `show_only_active` flag is set it only shows hypercube jobs that are not finished.\n`labels.resource_warning`, `labels.instance`, `labels.multiplier`, `access_groups` and `tag` fields are hidden by default for compatibility reasons,\nplease use X-Fields header to get it.\nFor example: X-Fields: \\*, labels{\\*}", "operationId": "listHypercubes", "parameters": [ { "name": "hypercube_token", "in": "query", "type": "string", "format": "UUID", "description": "Hypercube token to filter" }, { "name": "everyone", "in": "query", "type": "boolean", "description": "Can be set by admin/inviter; shows Hypercube submissions of everyone/invitees" }, { "name": "page", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "default": 1 }, { "name": "per_page", "in": "query", "type": "integer", "minimum": 0, "maximum": 2147483647, "default": 0 }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "order_by", "in": "query", "type": "string", "default": "submitted_at", "enum": [ "model", "namespace", "finished", "job_count", "submitted_at", "user" ] }, { "name": "order_asc", "in": "query", "type": "boolean", "default": false }, { "name": "show_only_active", "in": "query", "type": "boolean", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Model or namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Quota exceeded", "schema": { "$ref": "#/definitions/quota_exceeded" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/hypercube_token" } } }, "summary": "Posts a Hypercube job", "description": "If the model is a registered model, execute permission for the namespace is required.\nIf model is a temporary model execute and write permission for the namespace is required.\nWhen the disk or volume quota reaches 80%, quota_warning is included in the response.", "operationId": "createHypercube", "parameters": [ { "name": "model", "in": "query", "type": "string", "required": true, "description": "Name of the model" }, { "name": "run", "in": "query", "type": "string", "description": "Name of the main gms file with its extension. Will use model + '.gms' if not provided." }, { "name": "model_data", "in": "formData", "type": "file", "description": "Zip file containing model files, if model is not registered" }, { "name": "namespace", "in": "query", "type": "string", "required": true, "description": "Namespace containing(or will contain) the model" }, { "name": "data", "in": "formData", "type": "file", "description": "File containing data in zip" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "Optional JSON file to filter the contents of the result zip file" }, { "name": "inex_string", "in": "query", "type": "string", "description": "Optional JSON string to filter the contents of the result zip file (inex_file takes precedence if specified)" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "dep_tokens", "in": "query", "type": "array", "format": "UUID", "description": "Tokens of jobs on which this job depends. The order defines the order in which the results of dependent jobs are extracted.", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "labels", "in": "query", "type": "array", "description": "Labels that will be attached to the job in key=value. Currently supported labels are: cpu_request, memory_request, workspace_request, node_selectors, tolerations, instance", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "tag", "in": "query", "type": "string", "description": "Human-readable tag to assign to job (at most 255 characters)" }, { "name": "access_groups", "in": "query", "type": "array", "description": "Labels of user groups that should be able to access this job.", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "priority", "in": "query", "type": "string", "description": "Job priority. Only available if job priorities feature is enabled. Possible values are: low, medium, high", "enum": [ "low", "medium", "high" ] }, { "name": "stdout_filename", "in": "query", "type": "string" }, { "name": "hypercube_file", "in": "formData", "type": "file", "required": true, "description": "Hypercube description file" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "multipart/form-data" ], "tags": [ "hypercube" ] } }, "/hypercube/{hypercube_token}": { "parameters": [ { "name": "hypercube_token", "in": "path", "required": true, "type": "string" } ], "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Hypercube not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Already cancelled", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Terminates the unfinished jobs that belong to a Hypercube job", "description": "Job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "killHypercube", "parameters": [ { "name": "hard_kill", "in": "query", "type": "boolean", "description": "Sends SIGKILL if true, SIGINT otherwise", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] } }, "/hypercube/{hypercube_token}/access-groups": { "parameters": [ { "name": "hypercube_token", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Update access groups that can access a Hypercube job", "description": "Can be queried via listHypercubes endpoint.", "operationId": "updateHypercubeAccessGroups", "parameters": [ { "name": "access_groups", "in": "query", "type": "array", "description": "Labels of user groups that should be able to access this job.", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] } }, "/hypercube/{hypercube_token}/result": { "parameters": [ { "name": "hypercube_token", "in": "path", "required": true, "type": "string" } ], "head": { "responses": { "500": { "description": "Internal error" }, "404": { "description": "No job found" }, "403": { "description": "Unauthorized access / File not found" }, "200": { "description": "Successful", "headers": { "st_size": { "description": "Size of the file in bytes", "type": "string" }, "md5_hash": { "description": "MD5 hash of file", "type": "string" } } } }, "summary": "Gets md5 hash and file size information of Hypercube job result", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "getHypercubeZipInfo", "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Result not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "file" } } }, "summary": "Downloads Hypercube job result", "description": "The job must belong to the logged in user, an invitee of the logged in user, or logged in user must have admin role.", "operationId": "getHypercubeZip", "security": [ { "BasicAuth": [] } ], "produces": [ "application/zip" ], "tags": [ "hypercube" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Result not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the results of the Hypercube job", "description": "Job must belong to the logged in user, an invitee of the logged in user, or logged in user must have admin role.", "operationId": "deleteHypercubeZip", "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] } }, "/hypercube/{hypercube_token}/status": { "parameters": [ { "name": "hypercube_token", "in": "path", "required": true, "type": "string" } ] }, "/hypercube/{hypercube_token}/tag": { "parameters": [ { "name": "hypercube_token", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Update human-readable tag of a Hypercube job", "description": "Stored in `tag` field. Can be queried via listHypercubes endpoint.", "operationId": "updateHypercubeTag", "parameters": [ { "name": "tag", "in": "query", "type": "string", "pattern": "^.{0,255}$", "required": true, "description": "Human-readable tag to assign to job (at most 255 characters)" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "hypercube" ] } }, "/jobs/": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Page not found" }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/job_no_text_entry_page" } } }, "summary": "Lists the jobs of the user unless `everyone` flag is set", "description": "If user has admin role and `everyone` flag is set, all jobs are listed.\nIf user is not inviter or admin and `everyone` flag is set,\nall visible jobs (jobs that were assigned to a user group that user is member of) are listed.\nIf user is inviter and 'everyone' flag is set, jobs of all invitees will be listed additionally.\n\nIf `page` is not one and there are no elements at that page, throws 404.\n\n`per_page` is zero by default and it indicates that you want all the values.\nIf a non-zero value provided to `per_page`, result will be paginated by that `page_size`\n\nif `show_only_active` set, submissions that are waiting, queued, running or cancelling will be returned.\n\nThe fields that are displayed by default are:\n`model`, `status`, `process_status`, `submitted_at`, `stdout_filename`, `namespace`, `token`, `finished_at`\nTo see other fields, please use X-Fields accordingly. E.g `X-Fields: *` will show everything.", "operationId": "listJobs", "parameters": [ { "name": "everyone", "in": "query", "type": "boolean", "description": "Can be set by admin/inviter; shows submissions of everyone/invitees" }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "page", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "default": 1 }, { "name": "per_page", "in": "query", "type": "integer", "minimum": 0, "maximum": 2147483647, "default": 0 }, { "name": "order_by", "in": "query", "type": "string", "default": "submitted_at", "enum": [ "model", "namespace", "status", "process_status", "submitted_at", "finished_at", "user" ] }, { "name": "order_asc", "in": "query", "type": "boolean", "default": false }, { "name": "show_only_active", "in": "query", "type": "boolean", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace could not be found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Quota exceeded", "schema": { "$ref": "#/definitions/quota_exceeded" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Input is not valid" }, "201": { "description": "Job created", "schema": { "$ref": "#/definitions/message_and_token" } } }, "summary": "Submits a new job to be solved", "description": "Requires execute permission for registered models,\nrequires write and execute permissions for unregistered models.\nWhen the disk or volume quota reaches 80%, quota_warning is included in the response.", "operationId": "createJob", "parameters": [ { "name": "model", "in": "query", "type": "string", "required": true, "description": "Name of the model" }, { "name": "run", "in": "query", "type": "string", "description": "Name of the main gms file with its extension. Will use model + '.gms' if not provided." }, { "name": "model_data", "in": "formData", "type": "file", "description": "Zip file containing model files, if model is not registered" }, { "name": "namespace", "in": "query", "type": "string", "required": true, "description": "Namespace containing(or will contain) the model" }, { "name": "data", "in": "formData", "type": "file", "description": "File containing data in zip" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "Optional JSON file to filter the contents of the result zip file" }, { "name": "inex_string", "in": "query", "type": "string", "description": "Optional JSON string to filter the contents of the result zip file (inex_file takes precedence if specified)" }, { "name": "text_entries", "in": "query", "type": "array", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stream_entries", "in": "query", "type": "array", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stdout_filename", "in": "query", "type": "string", "description": "Name of the file that captures stdout", "default": "log_stdout.txt" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "dep_tokens", "in": "query", "type": "array", "format": "UUID", "description": "Tokens of jobs on which this job depends. The order defines the order in which the results of dependent jobs are extracted.", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "labels", "in": "query", "type": "array", "description": "Labels that will be attached to the job in key=value. Currently supported labels are: cpu_request, memory_request, workspace_request, node_selectors, tolerations, instance", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "tag", "in": "query", "type": "string", "description": "Human-readable tag to assign to job (at most 255 characters)" }, { "name": "access_groups", "in": "query", "type": "array", "description": "Labels of user groups that should be able to access this job.", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "priority", "in": "query", "type": "string", "description": "Job priority. Only available if job priorities feature is enabled. Possible values are: low, medium, high", "enum": [ "low", "medium", "high" ] } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "multipart/form-data" ], "tags": [ "jobs" ] } }, "/jobs/status-codes": { "get": { "responses": { "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/status_code_meaning" } } } }, "summary": "Returns mapping of job status codes to human readable messages", "operationId": "get_status_codes", "parameters": [ { "name": "X-Fields", "in": "header", "type": "string", "format": "mask", "description": "An optional fields mask" } ], "tags": [ "jobs" ] } }, "/jobs/{token}": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Succesful", "schema": { "$ref": "#/definitions/job" } } }, "summary": "Returns the details of a job", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.\n`labels.resource_warning`, `labels.instance`, `labels.multiplier`, `access_groups` and `tag` fields are hidden by default for compatibility reasons,\nplease use X-Fields header to get it.\nFor example: X-Fields: \\*, labels{\\*}", "operationId": "getJob", "parameters": [ { "name": "X-Fields", "in": "header", "type": "string" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Job is already finished", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Sends interrupt signal to a job", "description": "It has no effect if the job is finished.\nIf the job is pending, worker will disregard the job when it receives the job.\nIf the job is running, it will be terminated.\nThe job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "killJob", "parameters": [ { "name": "hard_kill", "in": "query", "type": "boolean", "description": "Sends SIGKILL if true, SIGINT otherwise", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/access-groups": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Update access groups that can access a job", "description": "Can be queried via getJob endpoint.", "operationId": "updateJobAccessGroups", "parameters": [ { "name": "access_groups", "in": "query", "type": "array", "description": "Labels of user groups that should be able to access this job.", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/result": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "head": { "responses": { "500": { "description": "Internal error" }, "404": { "description": "Job or file not found" }, "403": { "description": "Unauthorized access" }, "200": { "description": "Successful", "headers": { "st_size": { "description": "Size of the file in bytes", "type": "string" }, "md5_hash": { "description": "MD5 hash of file", "type": "string" } } } }, "summary": "Gets size and md5 hash of job result", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "getJobZipInfo", "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "No job found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Job data does not exist", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Success", "schema": { "type": "file" }, "headers": { "content-type": { "description": "application/zip", "type": "string" }, "content-disposition": { "description": "attachment; filename=data.zip", "type": "string" } } } }, "summary": "Downloads job result", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "getJobZip", "security": [ { "BasicAuth": [] } ], "produces": [ "application/zip" ], "tags": [ "jobs" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "No job found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Job data does not exist", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Success", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the job result and all the text entries", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "deleteJobZip", "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/stream-entry": { "delete": { "responses": { "404": { "description": "No job found / No stream entry found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "308": { "description": "Stream entry is gone", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/stream_entry" } } }, "summary": "Flushes and returns the stream entry queue", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "consumeStreamEntry", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "query", "type": "string", "required": true, "description": "Name of the text entry to be queried" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/stream-entry/{entry_name}": { "delete": { "responses": { "404": { "description": "No job found / No stream entry found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "308": { "description": "Stream entry is gone", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/stream_entry" } } }, "summary": "Flushes and returns the stream entry queue", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "popStreamEntry", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "path", "required": true, "type": "string", "description": "Name of the stream entry to be queried" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/tag": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "404": { "description": "Job not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Invalid input" }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Update human-readable tag of a job", "description": "Stored in `tag` field. Can be queried via getJob endpoint.", "operationId": "updateJobTag", "parameters": [ { "name": "tag", "in": "query", "type": "string", "pattern": "^.{0,255}$", "required": true, "description": "Human-readable tag to assign to job (at most 255 characters)" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/text-entry": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "No job found / The text entry cannot be found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/text_entry" } } }, "summary": "Gets the value of a text entry", "description": "Start position and length can be specified to get a partial text entry.\nThe job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "queryJobTextEntry", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "query", "type": "string", "required": true, "description": "Name of the text entry to be queried" }, { "name": "start_position", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "description": "Start position of the substring", "default": 1 }, { "name": "length", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "description": "Number of chars you want to extract; if omitted, whole string is extracted" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] }, "head": { "responses": { "404": { "description": "No job found / The text entry cannot be found" }, "403": { "description": "Unauthorized access" }, "200": { "description": "Successful", "headers": { "char_length": { "description": "an integer will be here", "type": "string" } } } }, "summary": "Returns the number of characters of the text entry", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "queryJobTextEntryInfo", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "query", "type": "string", "required": true, "description": "Name of the text entry to be queried" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/text-entry/{entry_name}": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "No job found / The text entry cannot be found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/text_entry" } } }, "summary": "Gets the value of a text entry", "description": "Start position and length can be specified to get a partial text entry.\nThe job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "getJobTextEntry", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "path", "required": true, "type": "string", "description": "Name of the text entry to be queried" }, { "name": "start_position", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "description": "Start position of the substring", "default": 1 }, { "name": "length", "in": "query", "type": "integer", "minimum": 1, "maximum": 2147483647, "description": "Number of chars you want to extract; if omitted, whole string is extracted" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] }, "head": { "responses": { "404": { "description": "No job found / The text entry cannot be found" }, "403": { "description": "Unauthorized access" }, "200": { "description": "Successful", "headers": { "char_length": { "description": "an integer will be here", "type": "string" } } } }, "summary": "Returns the number of characters of the text entry", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "getJobTextEntryInfo", "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string", "description": "Token of the job whose status is to be queried" }, { "name": "entry_name", "in": "path", "required": true, "type": "string", "description": "Name of the text entry to be queried" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/jobs/{token}/unread-logs": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "410": { "description": "Job will not start", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "No job found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Cannot get logs of pending job / Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "308": { "description": "Partial log is not available, get the full log", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/log_piece" } } }, "summary": "Flushes and returns stdout of job", "description": "The job must belong to the logged in user, an invitee of the logged in user, or the logged in user must have admin role.", "operationId": "popJobLogs", "security": [ { "BasicAuth": [] } ], "tags": [ "jobs" ] } }, "/licenses/": { "put": { "responses": { "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Associates a license with a user", "description": "Overwrites the user's current license, if any.\nWhen inviters receive a license, they pass the license on to the users\nthey have invited. Requires admin role.", "operationId": "updateLicense", "parameters": [ { "name": "username", "in": "formData", "type": "string", "required": true }, { "name": "license", "in": "formData", "type": "string", "maxLength": 1000, "required": true, "description": "Base64 encoded License" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "licenses" ] }, "get": { "responses": { "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/license" } } } }, "summary": "Lists the users' licenses", "operationId": "getLicense", "parameters": [ { "name": "username", "in": "query", "type": "string", "description": "Username of the user to filter" }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "only-owners", "in": "query", "type": "boolean", "description": "Show only license owners, not the heirs", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "licenses" ] }, "delete": { "responses": { "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the license associated with the given user", "description": "Deletes licenses from invited users if the affected user is an inviter.\nThe user must be the owner of the license, not just an heir.\nRequires admin privileges.", "operationId": "deleteLicense", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true } ], "security": [ { "BasicAuth": [] } ], "tags": [ "licenses" ] } }, "/licenses/engine": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input is not valid" }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates Engine license", "operationId": "updateEngineLicense", "parameters": [ { "name": "license", "in": "formData", "type": "string", "required": true, "description": "Engine license" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "licenses" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/engine_license" } } }, "summary": "Returns Engine license", "operationId": "getEngineLicense", "security": [ { "BasicAuth": [] } ], "tags": [ "licenses" ] } }, "/licenses/system-wide": { "put": { "responses": { "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the system-wide GAMS license (only admins)", "operationId": "updateSystemWideGAMSLicense", "parameters": [ { "name": "license", "in": "formData", "type": "string", "maxLength": 1000, "required": true, "description": "Base64 encoded system-wide GAMS License" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "licenses" ] }, "get": { "responses": { "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad request", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/system_wide_license" } } }, "summary": "Fetches the system-wide GAMS license (only admins)", "operationId": "getSystemWideGAMSLicense", "security": [ { "BasicAuth": [] } ], "tags": [ "licenses" ] }, "delete": { "responses": { "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the system-wide GAMS license (only admins)", "operationId": "deleteSystemWideGAMSLicense", "security": [ { "BasicAuth": [] } ], "tags": [ "licenses" ] } }, "/namespaces/": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/namespace" } } } }, "summary": "Lists the namespaces", "description": "You must have some permission on namespace to see it.\nAdmins can see every namespace and every permission.\nInviters can see namespaces for which they have permission, as well as the permissions of invitees.\nUsers can see namespaces in which they have permissions, as well as the permissions for themselves.", "operationId": "listNamespaces", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] } }, "/namespaces/permissions/me": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/namespace_with_permission" } } } }, "summary": "Lists the namespaces where the user has a non-zero permission, along with that `permission` and `disk_quota`", "description": "If the user does not have write permission, then the `disk_quota` is None. If the user has write permission\nbut `disk_quota` is still None, it means namespace does not have any disk quota.", "operationId": "getAccessibleNamespaces", "security": [ { "BasicAuth": [] } ], "deprecated": true, "tags": [ "namespaces" ] } }, "/namespaces/{namespace}": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/models" } } } }, "summary": "Lists the models in a namespace", "description": "If the model argument is specified, the information about this model is\ndisplayed only if the model is registered in the namespace.\nModels that are not assigned to a user group are visible to anyone with any\npermission (read, write, and/or execute) in the namespace.\nModels assigned to one or more user groups are only visible if the user can see any of these user groups.\n`protect_model_files` field is hidden by default for compatibility reasons,\nplease use X-Fields header to get it.\nFor example: X-Fields: \\*", "operationId": "listModels", "parameters": [ { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "model", "in": "query", "type": "string", "description": "Name of the model to filter" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes a namespace", "description": "Models, permissions and results assigned to this namespace are deleted.\nIf jobs are running in this namespace, they are aborted.\nRequires admin role.", "operationId": "deleteNamespace", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input error", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates a namespace", "description": "Requires admin role", "operationId": "createNamespace", "parameters": [ { "name": "disk_quota", "in": "formData", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "description": "disk quota in bytes" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/disk-quota": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates namespace disk quota", "description": "Requires admin role", "operationId": "updateNamespaceQuota", "parameters": [ { "name": "disk_quota", "in": "formData", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "required": true, "description": "disk quota in bytes", "default": 1000000000 } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "namespaces" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/namespace_quota" } } }, "summary": "Displays namespace disk quota", "description": "Requires write permission", "operationId": "getNamespaceQuota", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes namespace disk quota", "description": "Requires admin role", "operationId": "deleteNamespaceQuota", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/models/{model}": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" }, { "name": "model", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "404": { "description": "Namespace is not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "file" }, "headers": { "content-type": { "description": "application/zip", "type": "string" }, "content-disposition": { "description": "attachment; filename=model.zip", "type": "string" } } } }, "summary": "Downloads model data", "description": "Requires read permission.", "operationId": "getModel", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "delete": { "responses": { "404": { "description": "Namespace is not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes a model registered in the namespace", "description": "Requires write permission.", "operationId": "deleteModel", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "patch": { "responses": { "404": { "description": "Namespace is not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Namespace disk quota reached", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Partially update registered models", "operationId": "updateModel", "parameters": [ { "name": "data", "in": "formData", "type": "file", "description": "Zip file containing files of model" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "JSON file that describes which files will be included/excluded from results archive" }, { "name": "inex_string", "in": "query", "type": "string", "description": "JSON string that describes which files will be included/excluded from results archive (if provided, inex_file takes precendence)" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "run", "in": "query", "type": "string", "description": "Main GMS file to run, please include file extension as well. Will use model + '.gms' if not provided." }, { "name": "protect_model_files", "in": "query", "type": "boolean", "description": "Whether to protect model files from being overwritten by data files." }, { "name": "user_groups", "in": "query", "type": "array", "description": "Restrict access to specific user groups", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "text_entries", "in": "query", "type": "array", "description": "Files to store as text entries", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stream_entries", "in": "query", "type": "array", "description": "Files to stream during execution", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "delete_inex_file", "in": "query", "type": "boolean", "description": "If `inex_file` is provided, setting this throws error, otherwise setting this to true deletes the inex file", "default": false }, { "name": "delete_arguments", "in": "query", "type": "boolean", "description": "If `arguments` is provided, setting this throws error, otherwise setting this deletes the arguments", "default": false }, { "name": "delete_run", "in": "query", "type": "boolean", "description": "If `run` is provided, setting this throws error, otherwise setting this to true deletes the run filename", "default": false }, { "name": "delete_user_groups", "in": "query", "type": "boolean", "description": "If `user_groups` is provided, setting this throws error, otherwise setting this deletes the user groups", "default": false }, { "name": "delete_text_entries", "in": "query", "type": "boolean", "description": "If `text_entries` is provided, setting this throws error, otherwise setting this deletes the text entries", "default": false }, { "name": "delete_stream_entries", "in": "query", "type": "boolean", "description": "If `stream_entries` is provided, setting this throws error, otherwise setting this deletes the stream entries", "default": false } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "multipart/form-data" ], "tags": [ "namespaces" ] }, "post": { "responses": { "404": { "description": "Namespace is not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Namespace disk quota reached", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Registers a new model in the given namespace", "description": "Requires write permission.", "operationId": "createModel", "parameters": [ { "name": "data", "in": "formData", "type": "file", "required": true, "description": "Zip file containing files of model" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "JSON file that describes which files will be included/excluded from results archive" }, { "name": "inex_string", "in": "query", "type": "string", "description": "JSON string that describes which files will be included/excluded from results archive (if provided, inex_file takes precendence)" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "text_entries", "in": "query", "type": "array", "description": "Files to store as text entries", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stream_entries", "in": "query", "type": "array", "description": "Files to stream during execution", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "run", "in": "query", "type": "string", "description": "Main GMS file to run, please include file extension as well. Will use model + '.gms' if not provided." }, { "name": "protect_model_files", "in": "query", "type": "boolean", "description": "Whether to protect model files from being overwritten by data files." }, { "name": "user_groups", "in": "query", "type": "array", "description": "Restrict access to specific user groups", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "multipart/form-data" ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/permissions": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Sets permissions of the given user for the given namespace", "description": "Admins can grant all permissions, inviting persons can only grant the permissions they have.\nRequires admin or inviter role.", "operationId": "replaceUserPermission", "parameters": [ { "name": "username", "in": "formData", "type": "string", "required": true, "description": "Username" }, { "name": "permissions", "in": "formData", "type": "integer", "minimum": 0, "maximum": 7, "required": true, "description": "4 - Read access to namespace\n2 - Write access to namespace(delete, update, create)\n1 - Execute model access to namespace\n Sum to calculate permission" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "namespaces" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User or namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/perm_and_username" } } }, "summary": "Gets permissions of the given user for the given namespace", "description": "Admins can query all users, inviters can only query the invitees.\nUsers can query themselves.", "operationId": "getUserPermission", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true, "description": "Username" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/permissions/me": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/perm_and_username" } } }, "summary": "Returns the permissions of the logged in user in the given namespace", "description": "If user has admin role, it always returns 7.", "operationId": "getMyPermissions", "security": [ { "BasicAuth": [] } ], "deprecated": true, "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/user-groups": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/user_groups" } } } }, "summary": "Fetches user groups", "description": "If user, fetches groups in which the user is a member.\nIf inviter, fetches groups the inviter is a member of, as well as all groups of invitees.\nIf admin, fetches all groups.", "operationId": "getUserGroups", "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes a user group", "description": "Inviters with write permission to the namespace can delete their own groups as well as the groups of any invitees.\nAdmins can delete any group.", "operationId": "deleteUserGroup", "parameters": [ { "name": "label", "in": "query", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Group label" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates a new user group", "description": "Requires admin role or inviter role with write permissions on the namespace.", "operationId": "createUserGroup", "parameters": [ { "name": "label", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Group label" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/user-groups/{label}": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" }, { "name": "label", "in": "path", "required": true, "type": "string" } ], "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Removes a user from a group", "description": "Inviters can remove any invitees from a group they are a member of or that belongs to an invitee.\nAdmins can remove anyone from any group.", "operationId": "removeUserFromGroup", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true, "description": "Username to remove" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "namespaces" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Adds a user to a group", "description": "Inviters can add any invitees to a group they are a member of or that belongs to an invitee.\nAdmins can add anyone to any group.", "operationId": "addUserToGroup", "parameters": [ { "name": "username", "in": "formData", "type": "string", "required": true, "description": "Username to add" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "namespaces" ] } }, "/namespaces/{namespace}/{model}": { "parameters": [ { "name": "namespace", "in": "path", "required": true, "type": "string" }, { "name": "model", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "file" }, "headers": { "content-type": { "description": "application/zip", "type": "string" }, "content-disposition": { "description": "attachment; filename=model.zip", "type": "string" } } } }, "summary": "Downloads model data", "description": "Requires read permission.", "operationId": "getModelDeprecated", "security": [ { "BasicAuth": [] } ], "deprecated": true, "tags": [ "namespaces" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes a model registered in the namespace", "description": "Requires write permission.", "operationId": "deleteModelDeprecated", "security": [ { "BasicAuth": [] } ], "deprecated": true, "tags": [ "namespaces" ] }, "patch": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Namespace disk quota reached", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Input error", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Partially update registered models", "operationId": "updateModelDeprecated", "parameters": [ { "name": "data", "in": "formData", "type": "file", "description": "Zip file containing files of model" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "JSON file that describes which files will be included/excluded from results archive" }, { "name": "inex_string", "in": "query", "type": "string", "description": "JSON string that describes which files will be included/excluded from results archive (if provided, inex_file takes precendence)" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "run", "in": "query", "type": "string", "description": "Main GMS file to run, please include file extension as well. Will use model + '.gms' if not provided." }, { "name": "protect_model_files", "in": "query", "type": "boolean", "description": "Whether to protect model files from being overwritten by data files." }, { "name": "user_groups", "in": "query", "type": "array", "description": "Restrict access to specific user groups", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "text_entries", "in": "query", "type": "array", "description": "Files to store as text entries", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stream_entries", "in": "query", "type": "array", "description": "Files to stream during execution", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "delete_inex_file", "in": "query", "type": "boolean", "description": "If `inex_file` is provided, setting this throws error, otherwise setting this to true deletes the inex file", "default": false }, { "name": "delete_arguments", "in": "query", "type": "boolean", "description": "If `arguments` is provided, setting this throws error, otherwise setting this deletes the arguments", "default": false }, { "name": "delete_run", "in": "query", "type": "boolean", "description": "If `run` is provided, setting this throws error, otherwise setting this to true deletes the run filename", "default": false }, { "name": "delete_user_groups", "in": "query", "type": "boolean", "description": "If `user_groups` is provided, setting this throws error, otherwise setting this deletes the user groups", "default": false }, { "name": "delete_text_entries", "in": "query", "type": "boolean", "description": "If `text_entries` is provided, setting this throws error, otherwise setting this deletes the text entries", "default": false }, { "name": "delete_stream_entries", "in": "query", "type": "boolean", "description": "If `stream_entries` is provided, setting this throws error, otherwise setting this deletes the stream entries", "default": false } ], "security": [ { "BasicAuth": [] } ], "deprecated": true, "consumes": [ "multipart/form-data" ], "tags": [ "namespaces" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Namespace disk quota reached", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Registers a new model in the given namespace", "description": "Requires write permission.", "operationId": "createModelDeprecated", "parameters": [ { "name": "data", "in": "formData", "type": "file", "required": true, "description": "Zip file containing files of model" }, { "name": "inex_file", "in": "formData", "type": "file", "description": "JSON file that describes which files will be included/excluded from results archive" }, { "name": "inex_string", "in": "query", "type": "string", "description": "JSON string that describes which files will be included/excluded from results archive (if provided, inex_file takes precendence)" }, { "name": "arguments", "in": "query", "type": "array", "description": "Arguments that will be passed to GAMS call", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "text_entries", "in": "query", "type": "array", "description": "Files to store as text entries", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "stream_entries", "in": "query", "type": "array", "description": "Files to stream during execution", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "run", "in": "query", "type": "string", "description": "Main GMS file to run, please include file extension as well. Will use model + '.gms' if not provided." }, { "name": "protect_model_files", "in": "query", "type": "boolean", "description": "Whether to protect model files from being overwritten by data files." }, { "name": "user_groups", "in": "query", "type": "array", "description": "Restrict access to specific user groups", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "deprecated": true, "consumes": [ "multipart/form-data" ], "tags": [ "namespaces" ] } }, "/usage/": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_usage" } } }, "summary": "Queries the usage data of a user with or without the user's invitees", "description": "Admins can query everyone's usage data.\nInviters can query usage data of invitees or usage data of jobs they have access to.\nUsers can only query their own usage data or usage data of jobs they have access to.\n`resource_warning`, `instance`, and `multiplier` fields are hidden by default for compatibility reasons,\nplease use X-Fields header to get it.\nFor example: X-Fields: job_usage{\\*, labels{\\*}}, hypercube_job_usage{\\*, labels{\\*}}, pool_usage{\\*}", "operationId": "getUsage", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true, "description": "Name of the user" }, { "name": "recursive", "in": "query", "type": "boolean", "description": "Show invitees as well", "default": false }, { "name": "from_datetime", "in": "query", "type": "string", "format": "date-time", "description": "iso8601 Datetime to filter jobs out when they are submitted before." }, { "name": "to_datetime", "in": "query", "type": "string", "format": "date-time", "description": "iso8601 Datetime to filter jobs out when they are submitted after." }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "token", "in": "query", "type": "array", "format": "UUID", "description": "Job tokens to filter", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "hypercube_token", "in": "query", "type": "array", "format": "UUID", "description": "Hypercube tokens to filter", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] } }, "/usage/instances": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Instance not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates existing instance", "description": "Requires admin role.", "operationId": "updateInstance", "parameters": [ { "name": "label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label to assign to instance" }, { "name": "cpu_request", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "CPU units (vCPU/Core, Hyperthread)" }, { "name": "memory_request", "in": "formData", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "required": true, "description": "Memory units (MiB)" }, { "name": "multiplier_idle", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "Instance multiplier (applied when worker is idle)" }, { "name": "multiplier", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "Instance multiplier (applied when worker is busy)" }, { "name": "workspace_request", "in": "formData", "type": "integer", "minimum": 100, "maximum": 1000000, "required": true, "description": "Max amount of disk space that can be used during the solve (MiB)" }, { "name": "tolerations", "in": "formData", "type": "array", "description": "Toleration information for the pod", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "node_selectors", "in": "formData", "type": "array", "description": "Node selector information for the pod", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "gams_license", "in": "formData", "type": "string", "maxLength": 1000, "description": "Base64-encoded GAMS license to be used on this instance (takes precedence over the user license and the system-wide license, not supported in Engine One)" }, { "name": "old_label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of instance to modify" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/model_instance_info_full" } } } }, "summary": "Lists all instances", "description": "Requires admin role or the user must be able to use raw resource requests.", "operationId": "getInstances", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "409": { "description": "Conflict", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Instance not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes existing instance", "description": "Requires admin role.", "operationId": "deleteInstance", "parameters": [ { "name": "label", "in": "query", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of instance to delete" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Adds new instance", "description": "Requires admin role.", "operationId": "createInstance", "parameters": [ { "name": "label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label to assign to instance" }, { "name": "cpu_request", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "CPU units (vCPU/Core, Hyperthread)" }, { "name": "memory_request", "in": "formData", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "required": true, "description": "Memory units (MiB)" }, { "name": "multiplier_idle", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "Instance multiplier (applied when worker is idle)" }, { "name": "multiplier", "in": "formData", "type": "number", "minimum": 0, "required": true, "description": "Instance multiplier (applied when worker is busy)" }, { "name": "workspace_request", "in": "formData", "type": "integer", "minimum": 100, "maximum": 1000000, "required": true, "description": "Max amount of disk space that can be used during the solve (MiB)" }, { "name": "tolerations", "in": "formData", "type": "array", "description": "Toleration information for the pod", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "node_selectors", "in": "formData", "type": "array", "description": "Node selector information for the pod", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "gams_license", "in": "formData", "type": "string", "maxLength": 1000, "description": "Base64-encoded GAMS license to be used on this instance (takes precedence over the user license and the system-wide license, not supported in Engine One)" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] } }, "/usage/instances/{username}": { "parameters": [ { "name": "username", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } } }, "summary": "Updates instances (and instance pools) a user has permissions to use", "description": "Admins can update instances of anyone.\nAdmin can assign any existing instances.\nAdmins cannot be assigned instances.\nInviters can update instances of direct/indirect invitees.\nInviters can only assign instances that have been assigned to them.", "operationId": "updateUserInstances", "parameters": [ { "name": "labels", "in": "formData", "type": "array", "minLength": 1, "maxLength": 60, "description": "Instances and instance pools to assign to user", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "default_label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "description": "Label of the instance or instance pool to be used as default" }, { "name": "delete_pools", "in": "formData", "type": "boolean", "description": "Delete all pools associated with an instance that the user is no longer allowed to use (default: false)" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] }, "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_userinstance_info" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } } }, "summary": "Lists all instances user has permissions to use", "description": "Admins can list instances of anyone.\nInviters can list instances of direct/indirect invitees.\nUsers can list own instances.\n\n**NOTE**:\nThe `default_instance` and `default_inherited_from` parameters are null if the default instance is a\npool instance and therefore cannot be used safely. They are retained here for compatibility reasons.\nPlease use the `GET /usage/instances/{username}/default` endpoint instead to get a user's default instance.", "operationId": "getUserInstances", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "delete": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" } }, "summary": "Deletes instances assigned to a user", "description": "This means that the user inherits instances of inviter.\nAdmins can delete instances of anyone.\nInviters can delete instances of direct/indirect invitees.", "operationId": "deleteUserInstances", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] } }, "/usage/instances/{username}/default": { "parameters": [ { "name": "username", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Default instance not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } } }, "summary": "Updates the default instance (or instance pool) of the specified user", "description": "Admins can update default instance of anyone.\nInviters can update default instance of direct/indirect invitees.\nUsers can update their own default instance.\nInstance specified must be available to the user.", "operationId": "updateUserDefaultInstance", "parameters": [ { "name": "default_label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of the instance or instance pool to be used as default" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] }, "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_default_user_instance" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" } }, "summary": "Returns the default instance of a user", "description": "Admins can get default instance of anyone.\nInviters can get default instance of direct/indirect invitees.\nUsers can get own default instance.", "operationId": "getUserDefaultInstance", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] } }, "/usage/pools": { "put": { "responses": { "500": { "description": "Internal Error", "schema": { "$ref": "#/definitions/message" } }, "409": { "description": "Conflict", "schema": { "$ref": "#/definitions/message" } }, "405": { "description": "Not allowed on Engine One", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Instance pool not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Quota exceeded", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad Input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Adjusts the size of the instance pool", "description": "Admins can scale any instance pool.\nInviters can scale instance pools from themselves or from invitees.\nUsers can scale their own instance pools.", "operationId": "updateInstancePool", "parameters": [ { "name": "label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of instance pool to update" }, { "name": "size", "in": "formData", "type": "integer", "minimum": 0, "maximum": 50, "required": true, "description": "New pool size (number of machines)" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] }, "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_userinstancepool_info" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" } }, "summary": "Lists all instance pools", "description": "Requires admin role.", "operationId": "getInstancePools", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "delete": { "responses": { "500": { "description": "Internal Error", "schema": { "$ref": "#/definitions/message" } }, "409": { "description": "Conflict", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Instance pool not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad Input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes existing instance pool", "description": "Admins can delete any instance pool.\nInviters can delete instance pools from themselves or from invitees.\nUsers can delete their own instance pools.", "operationId": "deleteInstancePool", "parameters": [ { "name": "label", "in": "query", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of instance pool to delete" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "post": { "responses": { "500": { "description": "Internal Error", "schema": { "$ref": "#/definitions/message" } }, "405": { "description": "Not allowed on Engine One", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Instance not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "402": { "description": "Quota exceeded", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad Input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Adds new instance pool", "operationId": "createInstancePool", "parameters": [ { "name": "label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label to assign to instance pool" }, { "name": "instance", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "required": true, "description": "Label of the instance or instance pool to use for pool" }, { "name": "size", "in": "formData", "type": "integer", "minimum": 0, "maximum": 50, "required": true, "description": "Pool size (number of machines)" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] } }, "/usage/pools/{username}": { "parameters": [ { "name": "username", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_userinstancepool_info" } }, "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" } }, "summary": "Lists all instance pools user has permissions to use", "description": "Admins can list instance pools of anyone.\nInviters can list instance pools of direct/indirect invitees.\nUsers can list own instance pools.", "operationId": "getUserInstancePools", "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] } }, "/usage/quota": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the quota that is bound to the given user", "description": "If the user is inviter,\neveryone in the user's subtree is also effected. Admins cannot have quotas.\nAdmins can update quotas of everyone. Inviters can update quotas of invitees.", "operationId": "updateQuota", "parameters": [ { "name": "username", "in": "formData", "type": "string", "required": true, "description": "Name of the user" }, { "name": "parallel_quota", "in": "formData", "type": "number", "minimum": 0, "description": "Number of GAMS Seconds that the user and the user's invitees can run in parallel" }, { "name": "volume_quota", "in": "formData", "type": "number", "minimum": 0, "description": "Number of GAMS Seconds that the user and the user's invitees can run in total" }, { "name": "disk_quota", "in": "formData", "type": "integer", "minimum": 0, "maximum": 100000000000000, "description": "Storage in bytes that the user and the user's invitees can use in total" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "usage" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/quota" } } } }, "summary": "Gets quotas for the given user", "description": "Users inherit quotas from their (grand) inviters as well.\nAdmins can query the quotas of everyone. Inviters can query the quotas of themselves and invitees. Users can query quotas for themselves.", "operationId": "getQuota", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true, "description": "Name of the user" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes the quota that is bound to the given user", "description": "Admins can delete quotas of everyone. Inviters can delete quotas of invitees.", "operationId": "deleteQuota", "parameters": [ { "name": "username", "in": "query", "type": "string", "required": true, "description": "Name of the user" }, { "name": "field", "in": "query", "type": "string", "description": "Name of the field to delete, if not provided all fields are deleted", "enum": [ "volume_quota", "parallel_quota", "disk_quota" ] } ], "security": [ { "BasicAuth": [] } ], "tags": [ "usage" ] } }, "/users/": { "put": { "responses": { "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Changes password of the user with the given username", "description": "Users can change their own passwords,\nInviters can change password of invitees,\nAdmins can change the password of anyone.\nThis has no effect if the target user is not using Engine as identity provider.", "operationId": "replaceUserPassword", "parameters": [ { "name": "username", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Username of the user whose password is to be changed" }, { "name": "password", "in": "formData", "type": "string", "required": true } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] }, "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/user" } } } }, "summary": "If admin, lists all users unless `everyone` is set to False", "description": "If inviter, lists users invited directly/indirectly unless `everyone` is set to False.\nIf normal user, shows details of logged-in user.\nSetting username filters the results.\nWhen `everyone` is set to False, only information about the logged-in user is shown.", "operationId": "listUsers", "parameters": [ { "name": "username", "in": "query", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "description": "Username of the user to filter" }, { "name": "everyone", "in": "query", "type": "boolean", "description": "If True, which is default, shows invitees.", "default": true }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "filter", "in": "query", "type": "array", "description": "Supported filters are: 'deleted=boolean'", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes a user", "description": "Admins can delete anyone, inviters can delete users who are directly/indirectly invited.\nRequires admin or inviter role.", "operationId": "deleteUser", "parameters": [ { "name": "username", "in": "query", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Username of the user to delete" }, { "name": "delete_results", "in": "query", "type": "boolean", "description": "Also delete all submission results that are related to the user" }, { "name": "delete_children", "in": "query", "type": "boolean", "description": "Delete users invited directly/indirectly by this user", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Success", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Creates a new user if the invitation code is valid and not used", "description": "Username must be unique.\nInvitation code is considered invalid if the identity provider attached to it is deleted.", "operationId": "register", "parameters": [ { "name": "username", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true }, { "name": "password", "in": "formData", "type": "string" }, { "name": "invitation_code", "in": "formData", "type": "string", "required": true, "description": "Invitation code" }, { "name": "identification_token", "in": "formData", "type": "string", "description": "3rd party signed JWT token for identification. Needs to be an ID token for OIDC providers and an access token for OAuth 2.0 providers." } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/identity-provider": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Identity provider or user not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Unauthenticated", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "200": { "description": "Identity provider updated", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the identity provider of the user or blocks the user", "description": "Admins can update anyone's identity provider to any identity provider.\nInviters can update their subtree's identity provider to any allowed identity provider.\nTo block the user, leave `identity_provider_name` empty.", "operationId": "updateUserIdentityProvider", "parameters": [ { "name": "username", "in": "formData", "type": "string", "required": true, "description": "Name of the user whose identity provider is to be updated" }, { "name": "identity_provider_name", "in": "formData", "type": "string", "description": "Name of the identity provider. To switch back to using Engine as identity provider, use `gams_engine` as value. If it is empty, the user will be blocked and won't be able to login. " }, { "name": "identity_provider_user_subject", "in": "formData", "type": "string", "description": "Subject of the user in the 3rd party identity provider. Leave empty when using Engine as your identity provider. You can leave it blank if you do not know the user's subject in the OAuth 2.0 or OIDC provider" }, { "name": "password", "in": "formData", "type": "string", "description": "When `gams_engine` is the identity provider, this field is required and used as the user's password." } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/invitation": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/invitation" } } } }, "summary": "Lists the invitation codes created by the user", "description": "\"Everyone\" argument can only be set by the admin,\nand if it is set, all invitations are listed.\nRequires inviter or admin role.", "operationId": "listInvitations", "parameters": [ { "name": "token", "in": "query", "type": "string", "description": "Invitation code to filter" }, { "name": "everyone", "in": "query", "type": "boolean", "description": "Can only be set by admin, lists all invitations" }, { "name": "X-Fields", "in": "header", "type": "string" }, { "name": "filter", "in": "query", "type": "array", "description": "Supported filters are: 'used=boolean'", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Deletes an invitation if it is unused", "description": "Admins can delete all unused invitations,\ninviters can only delete invitations that belong to them or\nthat belong to direct/indirect invitees of them.", "operationId": "deleteInvitation", "parameters": [ { "name": "token", "in": "query", "type": "string", "required": true, "description": "Token of the invitation to be deleted" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Namespace not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Successful", "schema": { "$ref": "#/definitions/invitation_token" } } }, "summary": "Creates an invitation code for new user", "description": "Admins can invite admins, inviters and normal users. Inviters can invite\ninviters and normal users. Inviters cannot grant permissions that they\ndo not possess. Only admins can specify `gams_license`.\nRequires admin or inviter role.", "operationId": "createInvitation", "parameters": [ { "name": "roles", "in": "formData", "type": "array", "description": "Possible values are: ['inviter', 'admin']", "items": { "type": "string" }, "collectionFormat": "multi", "enum": [ "inviter", "admin" ] }, { "name": "namespace_permissions", "in": "formData", "type": "array", "description": "Syntax is permission_number@namespace_name, ie \"7@global\"", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "parallel_quota", "in": "formData", "type": "number", "minimum": 0, "description": "Number of GAMS Seconds that the user and the user's invitees can run in parallel" }, { "name": "volume_quota", "in": "formData", "type": "number", "minimum": 0, "description": "Number of GAMS Seconds that the user and the user's invitees can run in total" }, { "name": "disk_quota", "in": "formData", "type": "integer", "minimum": 0, "maximum": 100000000000000, "description": "Storage space in bytes that the user and the user's invitees can use in total" }, { "name": "labels", "in": "formData", "type": "array", "minLength": 1, "maxLength": 60, "description": "Instances to assign to user", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "default_label", "in": "formData", "type": "string", "minLength": 1, "maxLength": 60, "description": "Label of the instance to be used as default" }, { "name": "inherit_instances", "in": "formData", "type": "boolean", "description": "Whether to inherit instances from inviter" }, { "name": "user_groups", "in": "formData", "type": "array", "description": "User groups to put the user in, in format user_group@namespace format", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "gams_license", "in": "formData", "type": "string", "maxLength": 1000, "description": "Base64 encoded GAMS license to attach to user" }, { "name": "identity_provider_name", "in": "formData", "type": "string", "description": "Name of the 3rd party identity provider that will be used to authenticate the user, use \"gams_engine\" or leave empty to use Engine as your identity provider. You can leave it blank only if you have only Engine as an invitable identity provider" }, { "name": "identity_provider_user_subject", "in": "formData", "type": "string", "description": "Subject of the user in the 3rd party identity provider. Leave empty when using Engine as your identity provider. You can leave it blank if you do not know the user's subject in the OAuth 2.0 or OIDC provider" }, { "name": "invitable_identity_providers", "in": "formData", "type": "array", "description": "If the invited user has the inviter role, this argument lists the identity providers that the user can use to invite.", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/invitation/{token}": { "parameters": [ { "name": "token", "in": "path", "required": true, "type": "string" } ], "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Invitation not found", "schema": { "$ref": "#/definitions/not_found" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/invitation" } } }, "summary": "Get the metadata attached to the invitation", "description": "The invitation must be unused.", "operationId": "getInvitationMetadata", "tags": [ "users" ] } }, "/users/inviters-providers/{username}": { "parameters": [ { "name": "username", "in": "path", "required": true, "type": "string" } ], "put": { "responses": { "404": { "description": "Identity provider or user not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Updates the list of identity providers that the specified user can use when inviting", "description": "Requires admin or inviter role", "operationId": "assignIdentityProvidersToInviter", "parameters": [ { "name": "name", "in": "formData", "type": "array", "description": "Unique identifiers of identity providers", "items": { "type": "string" }, "collectionFormat": "multi" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] }, "get": { "responses": { "404": { "description": "User not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "type": "array", "items": { "$ref": "#/definitions/identity_provider" } } } }, "summary": "Lists the identity providers that the specified user can use when inviting", "description": "Requires admin or inviter role.\nIf the listed user is admin, returns all identity providers.\nIf the listed user is inviter, returns the identity providers that the user can invite with.\nIf the listed user has no role, returns an empty list.", "operationId": "listIdentityProvidersOfInviter", "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] } }, "/users/role": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Promotes/demotes user", "description": "Admins can modify anyone.\nInviters can modify direct/indirect invitees.", "operationId": "updateUserRole", "parameters": [ { "name": "username", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Username of the user whose roles are to be changed" }, { "name": "roles", "in": "formData", "type": "array", "description": "New roles of the user, possible values are: ['inviter', 'admin']", "items": { "type": "string" }, "collectionFormat": "multi", "enum": [ "inviter", "admin" ] } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/username": { "put": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "429": { "description": "Username changed recently", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "User not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Changes username of the user with the given username", "description": "Requires admin permissions.", "operationId": "replaceUserName", "parameters": [ { "name": "username", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true, "description": "Username of the user whose username is to be changed" }, { "name": "new_username", "in": "formData", "type": "string", "pattern": "^[a-zA-Z0-9_]{4,70}$", "required": true } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/webhooks": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access" }, "401": { "description": "Invalid authentication" }, "200": { "description": "Succesful", "schema": { "type": "array", "items": { "$ref": "#/definitions/webhook" } } } }, "summary": "If admin, lists all webhooks", "description": "If inviter, lists webhooks of direct/indirect invitees.\nIf user, lists webhooks of logged-in user.\n\nThe webhook feature has to be enabled via the `/configuration` endpoint.\nIn case the webhook_access configuration is set to `ADMIN_ONLY`,\nonly admins are able to access this endpoint.", "operationId": "listWebhooks", "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Webhook not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Removes an existing webhook", "description": "The webhook feature has to be enabled via the `/configuration` endpoint.\nIn case the webhook_access configuration is set to `ADMIN_ONLY`,\nonly admins are able to access this endpoint.", "operationId": "deleteWebhook", "parameters": [ { "name": "id", "in": "query", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "required": true, "description": "The ID of the webhook to be removed" } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Created", "schema": { "$ref": "#/definitions/message_with_webhook_id" } } }, "summary": "Creates a new webhook", "description": "The webhook feature has to be enabled via the `/configuration` endpoint.\nIn case the webhook_access configuration is set to `ADMIN_ONLY`,\nonly admins are able to access this endpoint.", "operationId": "createWebhook", "parameters": [ { "name": "url", "in": "formData", "type": "string", "format": "uri", "description": "The URL to which the payload is to be sent" }, { "name": "content_type", "in": "formData", "type": "string", "description": "The media type used to serialize the data. Possible values are form and json (form is the default).", "default": "form", "enum": [ "form", "json" ] }, { "name": "secret", "in": "formData", "type": "string", "minLength": 8, "maxLength": 255, "description": "The secret key used to generate the HMAC. This HMAC will be included in the X-ENGINE-HMAC header." }, { "name": "recursive", "in": "formData", "type": "boolean", "description": "Whether the webhook should also be registered for invitees. If the logged-in user is admin, recursive means that the webhook is registered globally for all users.", "default": false }, { "name": "events", "in": "formData", "type": "array", "description": "(Non-parameterized) events to subscribe to (default: all events). Possible values:\nALL\nJOB_FINISHED\nHC_JOB_FINISHED\nJOB_OUT_OF_RESOURCES\nHC_JOB_OUT_OF_RESOURCES\nINVALIDATE_CACHE", "items": { "type": "string" }, "collectionFormat": "multi", "enum": [ "ALL", "JOB_FINISHED", "HC_JOB_FINISHED", "JOB_OUT_OF_RESOURCES", "HC_JOB_OUT_OF_RESOURCES", "INVALIDATE_CACHE" ] }, { "name": "parameterized_events", "in": "formData", "type": "array", "description": "Parameterized events to subscribe to (format: EVENT_NAME=value). Possible values:\nVOLUME_QUOTA_THRESHOLD\nJOB_DURATION_THRESHOLD\nHC_JOB_DURATION_THRESHOLD", "items": { "type": "string" }, "collectionFormat": "multi" }, { "name": "insecure_ssl", "in": "formData", "type": "boolean", "description": "Whether to disable validation of SSL certificates when submitting this webhook. We strongly recommend not disabling certificate validation to protect against Man in The Middle attacks.", "default": false } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/webhooks/webpush": { "delete": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Subscription not found", "schema": { "$ref": "#/definitions/not_found" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Remove a Web Push subscription from a webhook", "operationId": "deleteWebpushSubscription", "parameters": [ { "name": "endpoint", "in": "query", "type": "string", "required": true, "description": "The endpoint URL of the Web Push subscription" }, { "name": "delete_webhook", "in": "query", "type": "boolean", "description": "Whether to delete the webhook associated with the Web Push subscription", "default": false } ], "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] }, "post": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "404": { "description": "Webhook not found", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication" }, "400": { "description": "Bad input", "schema": { "$ref": "#/definitions/bad_input" } }, "201": { "description": "Created", "schema": { "$ref": "#/definitions/message" } } }, "summary": "Create a Web Push subscription for a webhook", "description": "The webhook feature has to be enabled via the `/configuration` endpoint.\nIn case the webhook_access configuration is set to `ADMIN_ONLY`,\nonly admins are able to access this endpoint.", "operationId": "createWebpushSubscription", "parameters": [ { "name": "webhook_id", "in": "formData", "type": "integer", "minimum": 0, "exclusiveMinimum": true, "required": true, "description": "The ID of the webhook to subscribe to" }, { "name": "endpoint", "in": "formData", "type": "string", "format": "uri", "required": true, "description": "The URL to which the payload is to be sent" }, { "name": "key_p256dh", "in": "formData", "type": "string", "required": true, "description": "Shared secret (ECDH P-256)" }, { "name": "key_auth", "in": "formData", "type": "string", "required": true, "description": "Authentication secret" } ], "security": [ { "BasicAuth": [] } ], "consumes": [ "application/x-www-form-urlencoded", "multipart/form-data" ], "tags": [ "users" ] } }, "/users/webhooks/webpush/vapid": { "get": { "responses": { "500": { "description": "Internal error", "schema": { "$ref": "#/definitions/message" } }, "403": { "description": "Unauthorized access", "schema": { "$ref": "#/definitions/message" } }, "401": { "description": "Invalid authentication", "schema": { "$ref": "#/definitions/message" } }, "200": { "description": "Successful", "schema": { "$ref": "#/definitions/vapid_info" } } }, "summary": "Retrieves VAPID information required for Web Push", "description": "The webhook feature has to be enabled via the `/configuration` endpoint.\nIn case the webhook_access configuration is set to `ADMIN_ONLY`,\nonly admins are able to access this endpoint.", "operationId": "getVAPIDInfo", "security": [ { "BasicAuth": [] } ], "tags": [ "users" ] } }, "/version": { "get": { "responses": { "200": { "description": "Successful", "schema": { "$ref": "#/definitions/model_version" } } }, "summary": "Returns Engine and GAMS versions", "operationId": "getVersion", "tags": [ "default" ] } } }, "info": { "title": "GAMS Engine", "version": "26.03.24", "description": "With GAMS Engine you can register and solve GAMS models.\nIt has a namespace management system, so you can restrict your users to certain models." }, "produces": [ "application/json" ], "consumes": [ "application/json" ], "securityDefinitions": { "BasicAuth": { "type": "basic" } }, "tags": [ { "name": "default", "description": "Default namespace" }, { "name": "namespaces", "description": "Namespace related operations" }, { "name": "jobs", "description": "Send jobs, query results, poll logs etc." }, { "name": "users", "description": "Create invitation codes, list users, etc." }, { "name": "auth", "description": "Get token for authentication" }, { "name": "hypercube", "description": "Post Hypercube jobs" }, { "name": "cleanup", "description": "Free resources" }, { "name": "licenses", "description": "Manage GAMS licenses" }, { "name": "usage", "description": "Retrieve user usage data, manage instances and quotas" } ], "definitions": { "model_version": { "properties": { "version": { "type": "string" }, "gams_version": { "type": "string" }, "in_kubernetes": { "type": "boolean" } }, "type": "object" }, "model_configuration": { "properties": { "webhook_access": { "type": "string", "example": "DISABLED", "enum": [ "DISABLED", "ADMIN_ONLY", "ENABLED" ] }, "instance_pool_access": { "type": "string", "example": "DISABLED", "enum": [ "DISABLED", "ADMIN_ONLY", "INVITER_ONLY", "ENABLED" ] }, "job_priorities_access": { "type": "string", "example": "DISABLED", "enum": [ "DISABLED", "ENABLED" ] }, "text_entries_max_size": { "type": "integer" }, "hostname": { "type": "string" }, "use_brokerv2": { "type": "boolean" } }, "type": "object" }, "message": { "properties": { "message": { "type": "string" } }, "type": "object" }, "models": { "properties": { "name": { "type": "string" }, "upload_date": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "arguments": { "type": "array", "items": { "type": "string" } }, "text_entries": { "type": "array", "items": { "type": "string" } }, "stream_entries": { "type": "array", "items": { "type": "string" } }, "inex": { "$ref": "#/definitions/inex" }, "run": { "type": "string", "x-nullable": true }, "protect_model_files": { "type": "boolean", "default": false }, "user_groups": { "type": "array", "items": { "type": "string" } }, "length": { "type": "integer" } }, "x-mask": "{name,upload_date,arguments,text_entries,stream_entries,inex,run,user_groups,length}", "type": "object" }, "inex": { "properties": { "type": { "type": "string" }, "files": { "type": "array", "items": { "type": "string" } }, "globbing_enabled": { "type": "boolean", "default": true } }, "type": "object", "x-nullable": true }, "perm_and_username": { "properties": { "username": { "type": "string" }, "permission": { "type": "integer" } }, "type": "object" }, "namespace_quota": { "properties": { "name": { "type": "string" }, "disk_quota": { "type": "integer", "x-nullable": true }, "disk_use": { "type": "integer" } }, "type": "object" }, "user_groups": { "properties": { "label": { "type": "string" }, "created_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "created_by": { "$ref": "#/definitions/model_user" }, "owned_by": { "type": "string" }, "members": { "type": "array", "items": { "$ref": "#/definitions/user_group_member" } } }, "type": "object" }, "model_user": { "properties": { "username": { "type": "string" }, "deleted": { "type": "boolean" }, "old_username": { "type": "string", "x-nullable": true } }, "type": "object" }, "user_group_member": { "properties": { "username": { "type": "string" }, "added_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "added_by": { "$ref": "#/definitions/model_user" } }, "type": "object" }, "namespace_with_permission": { "properties": { "name": { "type": "string" }, "permission": { "type": "integer" }, "disk_quota": { "type": "integer", "x-nullable": true } }, "type": "object" }, "namespace": { "properties": { "name": { "type": "string" }, "permissions": { "type": "array", "items": { "$ref": "#/definitions/perm_and_username" } }, "disk_quota": { "type": "integer", "x-nullable": true } }, "type": "object" }, "status_code_meaning": { "properties": { "status_code": { "type": "integer" }, "description": { "type": "string" } }, "type": "object" }, "job_no_text_entry_page": { "properties": { "count": { "type": "integer" }, "next": { "type": "string", "x-nullable": true }, "previous": { "type": "string", "x-nullable": true }, "results": { "type": "array", "items": { "$ref": "#/definitions/job_no_text_entry" } } }, "type": "object" }, "job_no_text_entry": { "properties": { "token": { "type": "string" }, "model": { "type": "string" }, "is_temporary_model": { "type": "boolean" }, "is_data_provided": { "type": "boolean" }, "status": { "type": "integer" }, "process_status": { "type": "integer", "x-nullable": true }, "stdout_filename": { "type": "string", "x-nullable": true }, "namespace": { "type": "string" }, "tag": { "type": "string", "x-nullable": true }, "stream_entries": { "type": "array", "items": { "type": "string" } }, "arguments": { "type": "array", "items": { "type": "string" } }, "submitted_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finished_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "user": { "$ref": "#/definitions/model_user" } }, "x-mask": "{model,status,process_status,submitted_at,stdout_filename,namespace,token,finished_at}", "type": "object" }, "quota_exceeded": { "properties": { "message": { "type": "string" }, "exceeded_quotas": { "type": "array", "items": { "$ref": "#/definitions/quota" } } }, "type": "object" }, "quota": { "properties": { "username": { "type": "string" }, "parallel_quota": { "type": "number", "x-nullable": true }, "volume_quota": { "type": "number", "x-nullable": true }, "volume_used": { "type": "number" }, "disk_quota": { "type": "integer", "x-nullable": true }, "disk_used": { "type": "integer", "x-nullable": true } }, "type": "object" }, "message_and_token": { "properties": { "message": { "type": "string" }, "token": { "type": "string" }, "quota_warning": { "type": "array", "items": { "$ref": "#/definitions/quota" } } }, "type": "object" }, "job": { "properties": { "token": { "type": "string" }, "model": { "type": "string" }, "is_temporary_model": { "type": "boolean" }, "is_data_provided": { "type": "boolean" }, "status": { "type": "integer" }, "process_status": { "type": "integer", "x-nullable": true }, "stdout_filename": { "type": "string", "x-nullable": true }, "namespace": { "type": "string" }, "tag": { "type": "string", "x-nullable": true }, "stream_entries": { "type": "array", "items": { "type": "string" } }, "arguments": { "type": "array", "items": { "type": "string" } }, "submitted_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finished_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "user": { "$ref": "#/definitions/model_user" }, "text_entries": { "type": "array", "items": { "$ref": "#/definitions/text_entry" } }, "dep_tokens": { "type": "array", "items": { "type": "string" } }, "labels": { "$ref": "#/definitions/model_job_labels" }, "result_exists": { "type": "boolean" }, "access_groups": { "type": "array", "items": { "type": "string" } } }, "x-mask": "{token,model,is_temporary_model,is_data_provided,status,process_status,stdout_filename,namespace,stream_entries,arguments,submitted_at,finished_at,user,text_entries,dep_tokens,labels,result_exists}", "type": "object" }, "text_entry": { "properties": { "entry_name": { "type": "string" }, "entry_value": { "type": "string", "x-nullable": true }, "entry_size": { "type": "integer", "x-nullable": true } }, "type": "object" }, "model_job_labels": { "properties": { "cpu_request": { "type": "number", "x-nullable": true }, "memory_request": { "type": "integer", "x-nullable": true }, "workspace_request": { "type": "integer", "x-nullable": true }, "tolerations": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" }, "x-nullable": true }, "node_selectors": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" }, "x-nullable": true }, "resource_warning": { "type": "string", "example": "none", "enum": [ "none", "disk", "memory" ], "x-nullable": true }, "instance": { "type": "string", "x-nullable": true }, "multiplier": { "type": "number", "x-nullable": true } }, "x-mask": "{cpu_request,memory_request,workspace_request,tolerations,node_selectors}", "type": "object", "additionalProperties": { "type": "string" }, "x-nullable": true }, "log_piece": { "properties": { "message": { "type": "string" }, "queue_finished": { "type": "boolean" }, "gams_return_code": { "type": "integer", "x-nullable": true } }, "type": "object" }, "stream_entry": { "properties": { "entry_value": { "type": "string" }, "queue_finished": { "type": "boolean" } }, "type": "object" }, "bad_input": { "properties": { "message": { "type": "string" }, "errors": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "user": { "properties": { "username": { "type": "string", "example": "John" }, "roles": { "type": "array", "items": { "type": "string", "title": "UserRole", "description": "A user role", "example": "inviter" } }, "deleted": { "type": "boolean" }, "old_username": { "type": "string", "x-nullable": true }, "inviter_name": { "type": "string", "x-nullable": true }, "invitation_time": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "identity_provider": { "type": "string", "x-nullable": true }, "identity_provider_user_subject": { "type": "string", "x-nullable": true } }, "type": "object" }, "invitation": { "properties": { "token": { "type": "string" }, "inviter_name": { "type": "string" }, "username": { "type": "string", "x-nullable": true }, "created": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "used": { "type": "boolean" }, "roles": { "type": "array", "items": { "type": "string" } }, "permissions": { "type": "array", "items": { "type": "string" } }, "quota": { "$ref": "#/definitions/invitation_quota" }, "user_groups": { "type": "array", "items": { "type": "string" } }, "gams_license": { "type": "string", "x-nullable": true }, "identity_provider": { "type": "string", "x-nullable": true }, "identity_provider_user_subject": { "type": "string", "x-nullable": true }, "invitable_identity_providers": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "invitation_quota": { "properties": { "parallel_quota": { "type": "number", "x-nullable": true }, "volume_quota": { "type": "number", "x-nullable": true }, "disk_quota": { "type": "integer", "x-nullable": true } }, "type": "object" }, "invitation_token": { "properties": { "invitation_token": { "type": "string" } }, "type": "object" }, "not_found": { "properties": { "message": { "type": "string" }, "entity": { "type": "string" }, "names": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "webhook": { "properties": { "id": { "type": "integer" }, "username": { "type": "string", "example": "John" }, "url": { "type": "string", "x-nullable": true }, "content_type": { "type": "string", "example": "form", "enum": [ "form", "json" ] }, "events": { "type": "array", "items": { "type": "string", "example": "ALL", "enum": [ "ALL", "JOB_FINISHED", "HC_JOB_FINISHED", "JOB_OUT_OF_RESOURCES", "HC_JOB_OUT_OF_RESOURCES", "VOLUME_QUOTA_THRESHOLD", "JOB_DURATION_THRESHOLD", "HC_JOB_DURATION_THRESHOLD", "INVALIDATE_CACHE" ] } }, "parameterized_events": { "type": "array", "items": { "$ref": "#/definitions/webhook_parameterized_event" } }, "recursive": { "type": "boolean" }, "insecure_ssl": { "type": "boolean" }, "created_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" } }, "type": "object" }, "webhook_parameterized_event": { "properties": { "event": { "type": "string", "example": "ALL", "enum": [ "ALL", "JOB_FINISHED", "HC_JOB_FINISHED", "JOB_OUT_OF_RESOURCES", "HC_JOB_OUT_OF_RESOURCES", "VOLUME_QUOTA_THRESHOLD", "JOB_DURATION_THRESHOLD", "HC_JOB_DURATION_THRESHOLD", "INVALIDATE_CACHE" ] }, "parameters": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "message_with_webhook_id": { "properties": { "message": { "type": "string" }, "id": { "type": "integer" } }, "type": "object" }, "vapid_info": { "properties": { "application_server_key": { "type": "string" } }, "type": "object" }, "identity_provider": { "properties": { "name": { "type": "string" }, "label": { "type": "string" }, "hidden": { "type": "boolean" }, "oauth2": { "$ref": "#/definitions/identity_provider_oauth2" }, "oidc": { "$ref": "#/definitions/identity_provider_oidc" }, "is_main_identity_provider": { "type": "boolean" }, "is_ldap_identity_provider": { "type": "boolean" } }, "type": "object" }, "identity_provider_oauth2": { "properties": { "issuer": { "type": "string" }, "authorization_endpoint": { "type": "string" }, "token_endpoint": { "type": "string", "x-nullable": true }, "jwks_uri": { "type": "string" }, "end_session_endpoint": { "type": "string", "x-nullable": true }, "device_authorization_endpoint": { "type": "string", "x-nullable": true }, "response_types_supported": { "type": "array", "items": { "type": "string" } }, "grant_types_supported": { "type": "array", "items": { "type": "string" } }, "token_endpoint_auth_methods_supported": { "type": "array", "items": { "type": "string" } }, "scopes": { "type": "array", "items": { "$ref": "#/definitions/identity_provider_oauth2_scope" } }, "web_ui_client_id": { "type": "string" }, "device_client_id": { "type": "string", "x-nullable": true }, "override_audience": { "type": "string", "x-nullable": true }, "has_web_ui_client_secret": { "type": "boolean" } }, "type": "object" }, "identity_provider_oauth2_scope": { "properties": { "scope": { "type": "string" }, "request_scope": { "type": "string" } }, "type": "object" }, "identity_provider_oidc": { "properties": { "issuer": { "type": "string" }, "authorization_endpoint": { "type": "string" }, "token_endpoint": { "type": "string", "x-nullable": true }, "jwks_uri": { "type": "string" }, "end_session_endpoint": { "type": "string", "x-nullable": true }, "device_authorization_endpoint": { "type": "string", "x-nullable": true }, "token_endpoint_auth_methods_supported": { "type": "array", "items": { "type": "string" } }, "web_ui_client_id": { "type": "string" }, "device_client_id": { "type": "string", "x-nullable": true }, "extra_client_ids": { "type": "array", "items": { "type": "string" } }, "scopes": { "type": "array", "items": { "type": "string" } }, "uid": { "type": "string" }, "has_web_ui_client_secret": { "type": "boolean" }, "has_device_client_secret": { "type": "boolean" } }, "type": "object" }, "model_auth_token": { "properties": { "token": { "type": "string" } }, "type": "object" }, "identity_provider_oauth2_with_secret": { "properties": { "issuer": { "type": "string" }, "authorization_endpoint": { "type": "string" }, "token_endpoint": { "type": "string", "x-nullable": true }, "jwks_uri": { "type": "string" }, "end_session_endpoint": { "type": "string", "x-nullable": true }, "device_authorization_endpoint": { "type": "string", "x-nullable": true }, "response_types_supported": { "type": "array", "items": { "type": "string" } }, "grant_types_supported": { "type": "array", "items": { "type": "string" } }, "token_endpoint_auth_methods_supported": { "type": "array", "items": { "type": "string" } }, "scopes": { "type": "array", "items": { "$ref": "#/definitions/identity_provider_oauth2_scope" } }, "web_ui_client_id": { "type": "string" }, "device_client_id": { "type": "string", "x-nullable": true }, "override_audience": { "type": "string", "x-nullable": true }, "name": { "type": "string" }, "label": { "type": "string" }, "hidden": { "type": "boolean" }, "web_ui_client_secret": { "type": "string" } }, "type": "object" }, "identity_provider_oidc_with_secret": { "properties": { "issuer": { "type": "string" }, "authorization_endpoint": { "type": "string" }, "token_endpoint": { "type": "string", "x-nullable": true }, "jwks_uri": { "type": "string" }, "end_session_endpoint": { "type": "string", "x-nullable": true }, "device_authorization_endpoint": { "type": "string", "x-nullable": true }, "token_endpoint_auth_methods_supported": { "type": "array", "items": { "type": "string" } }, "web_ui_client_id": { "type": "string" }, "device_client_id": { "type": "string", "x-nullable": true }, "extra_client_ids": { "type": "array", "items": { "type": "string" } }, "scopes": { "type": "array", "items": { "type": "string" } }, "uid": { "type": "string" }, "has_web_ui_client_secret": { "type": "boolean" }, "has_device_client_secret": { "type": "boolean" }, "name": { "type": "string" }, "label": { "type": "string" }, "hidden": { "type": "boolean" }, "web_ui_client_secret": { "type": "string" }, "device_client_secret": { "type": "string" } }, "type": "object" }, "token_forward_error": { "properties": { "error": { "type": "string" } }, "type": "object" }, "forwarded_token_response": { "properties": { "access_token": { "type": "string" }, "id_token": { "type": "string", "x-nullable": true }, "token_type": { "type": "string" }, "expires_in": { "type": "integer" }, "refresh_token": { "type": "string", "x-nullable": true }, "scope": { "type": "string", "x-nullable": true } }, "type": "object" }, "identity_provider_ldap": { "properties": { "name": { "type": "string" }, "label": { "type": "string" }, "hidden": { "type": "boolean" }, "host": { "type": "string" }, "port": { "type": "integer" }, "uid": { "type": "string" }, "bind_dn": { "type": "string", "x-nullable": true }, "password": { "type": "string", "x-nullable": true }, "encryption": { "type": "string" }, "active_directory": { "type": "boolean" }, "base": { "type": "string" }, "user_filter": { "type": "string" }, "verify_certificates": { "type": "boolean" } }, "type": "object" }, "password_policy": { "properties": { "min_password_length": { "type": "integer" }, "must_include_uppercase": { "type": "boolean" }, "must_include_lowercase": { "type": "boolean" }, "must_include_number": { "type": "boolean" }, "must_include_special_char": { "type": "boolean" }, "not_in_popular_passwords": { "type": "boolean" } }, "type": "object" }, "hypercube_page": { "properties": { "count": { "type": "integer" }, "next": { "type": "string", "x-nullable": true }, "previous": { "type": "string", "x-nullable": true }, "results": { "type": "array", "items": { "$ref": "#/definitions/hypercube" } } }, "type": "object" }, "hypercube": { "properties": { "arguments": { "type": "array", "items": { "type": "string" } }, "status": { "type": "integer" }, "finished": { "type": "integer" }, "successfully_finished": { "type": "integer" }, "is_data_provided": { "type": "boolean" }, "is_temporary_model": { "type": "boolean" }, "job_count": { "type": "integer" }, "model": { "type": "string" }, "namespace": { "type": "string" }, "submitted_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finished_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "token": { "type": "string" }, "tag": { "type": "string", "x-nullable": true }, "user": { "$ref": "#/definitions/model_user" }, "dep_tokens": { "type": "array", "items": { "type": "string" }, "x-nullable": true }, "labels": { "$ref": "#/definitions/model_job_labels", "x-nullable": true }, "access_groups": { "type": "array", "items": { "type": "string" }, "x-nullable": true }, "result_exists": { "type": "boolean", "x-nullable": true } }, "x-mask": "{arguments,status,finished,successfully_finished,is_data_provided,is_temporary_model,job_count,model,namespace,submitted_at,finished_at,token,user,dep_tokens,labels,result_exists}", "type": "object" }, "hypercube_token": { "properties": { "hypercube_token": { "type": "string" }, "quota_warning": { "type": "array", "items": { "$ref": "#/definitions/quota" } } }, "type": "object" }, "cleanable_job_result_page": { "properties": { "count": { "type": "integer" }, "next": { "type": "string", "x-nullable": true }, "previous": { "type": "string", "x-nullable": true }, "results": { "type": "array", "items": { "$ref": "#/definitions/cleanable_job_result" } }, "total_length": { "type": "integer" } }, "type": "object" }, "cleanable_job_result": { "properties": { "type": { "type": "string" }, "token": { "type": "string" }, "filename": { "type": "string" }, "length": { "type": "integer" }, "upload_date": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "namespace": { "type": "string" }, "user": { "$ref": "#/definitions/model_user" } }, "type": "object" }, "files_not_found": { "properties": { "message": { "type": "string" }, "filename": { "type": "array", "items": { "type": "string" } }, "token": { "type": "array", "items": { "type": "string" } }, "hypercube_token": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "license": { "properties": { "user": { "type": "string" }, "inherited_from": { "type": "string" }, "license": { "type": "string" } }, "type": "object" }, "engine_license": { "properties": { "license": { "type": "string", "x-nullable": true }, "expiration_date": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "usi": { "type": "string", "x-nullable": true } }, "type": "object" }, "system_wide_license": { "properties": { "license": { "type": "string", "x-nullable": true } }, "type": "object" }, "model_usage": { "properties": { "job_usage": { "type": "array", "items": { "$ref": "#/definitions/model_job_usage" } }, "hypercube_job_usage": { "type": "array", "items": { "$ref": "#/definitions/model_hypercube_usage" } }, "pool_usage": { "type": "array", "items": { "$ref": "#/definitions/model_pool_usage" } } }, "type": "object" }, "model_job_usage": { "properties": { "username": { "type": "string" }, "token": { "type": "string" }, "status": { "type": "integer" }, "process_status": { "type": "integer", "x-nullable": true }, "namespace": { "type": "string" }, "model": { "type": "string" }, "submitted": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finished": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "times": { "type": "array", "items": { "$ref": "#/definitions/time_span" } }, "labels": { "$ref": "#/definitions/model_job_labels" } }, "type": "object" }, "time_span": { "properties": { "start": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finish": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true } }, "type": "object" }, "model_hypercube_usage": { "properties": { "username": { "type": "string" }, "token": { "type": "string" }, "job_count": { "type": "integer" }, "completed": { "type": "integer" }, "jobs": { "type": "array", "items": { "$ref": "#/definitions/model_hypercube_job" } }, "namespace": { "type": "string" }, "model": { "type": "string" }, "submitted": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finished": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "status": { "type": "integer" }, "labels": { "$ref": "#/definitions/model_job_labels" } }, "type": "object" }, "model_hypercube_job": { "properties": { "job_number": { "type": "integer" }, "status": { "type": "integer" }, "process_status": { "type": "integer", "x-nullable": true }, "times": { "type": "array", "items": { "$ref": "#/definitions/time_span" } } }, "type": "object" }, "model_pool_usage": { "properties": { "label": { "type": "string" }, "owner": { "$ref": "#/definitions/model_user" }, "instance": { "$ref": "#/definitions/model_instance_info" }, "created_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "deleted_at": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "times": { "type": "array", "items": { "$ref": "#/definitions/time_span_pool_worker" } } }, "type": "object" }, "model_instance_info": { "properties": { "label": { "type": "string" }, "cpu_request": { "type": "number" }, "memory_request": { "type": "integer" }, "workspace_request": { "type": "integer" }, "node_selectors": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" } }, "tolerations": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" } }, "multiplier": { "type": "number" }, "multiplier_idle": { "type": "number" } }, "type": "object", "x-nullable": true }, "time_span_pool_worker": { "properties": { "start": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00" }, "finish": { "type": "string", "format": "date-time", "example": "2021-08-04T17:10:15.000000+00:00", "x-nullable": true }, "worker_id": { "type": "string" }, "multiplier_idle": { "type": "number" } }, "type": "object" }, "model_userinstancepool_info": { "properties": { "instance_pools_available": { "type": "array", "items": { "$ref": "#/definitions/model_instance_pool_info" } } }, "type": "object" }, "model_instance_pool_info": { "properties": { "label": { "type": "string" }, "owner": { "$ref": "#/definitions/model_user" }, "instance": { "$ref": "#/definitions/model_instance_info" }, "size": { "type": "integer" }, "size_active": { "type": "integer" }, "size_busy": { "type": "integer" }, "cancelling": { "type": "boolean" } }, "type": "object" }, "model_instance_info_full": { "properties": { "label": { "type": "string" }, "cpu_request": { "type": "number" }, "memory_request": { "type": "integer" }, "workspace_request": { "type": "integer" }, "node_selectors": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" } }, "tolerations": { "type": "array", "items": { "$ref": "#/definitions/generic_key_value_pair" } }, "multiplier": { "type": "number" }, "multiplier_idle": { "type": "number" }, "gams_license": { "type": "string", "x-nullable": true } }, "type": "object" }, "generic_key_value_pair": { "properties": { "key": { "type": "string" }, "value": { "type": "string" } }, "type": "object" }, "model_userinstance_info": { "properties": { "instances_inherited_from": { "type": "string", "x-nullable": true }, "default_inherited_from": { "type": "string", "x-nullable": true }, "instances_available": { "type": "array", "items": { "$ref": "#/definitions/model_instance_info" } }, "default_instance": { "$ref": "#/definitions/model_instance_info" } }, "type": "object" }, "model_default_user_instance": { "properties": { "default_instance": { "$ref": "#/definitions/model_default_instance", "x-nullable": true }, "default_inherited_from": { "type": "string", "x-nullable": true } }, "type": "object" }, "model_default_instance": { "properties": { "label": { "type": "string" }, "resource_type": { "type": "string", "description": "The type of computing resource", "example": "instance", "enum": [ "instance", "instance_pool" ] } }, "type": "object" }, "text_entries": { "properties": { "text_entries": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "hypercube_summary": { "properties": { "job_count": { "type": "integer" }, "finished": { "type": "integer" }, "finished_with_status_code_zero": { "type": "integer" } }, "type": "object" } }, "responses": { "ParseError": { "description": "When a mask can't be parsed" }, "MaskError": { "description": "When any error occurs on mask" } }, "host": "localhost" }