{ "id": "@itentialopensource/adapter-zscaler", "type": "Adapter", "export": "Zscaler", "title": "Zscaler", "src": "adapter.js", "roles": [ "admin" ], "methods": [ { "name": "iapUpdateAdapterConfiguration", "summary": "Updates the adapter configuration", "description": "Updates the adapter configuration file with the provided changes", "input": [ { "name": "configFile", "type": "string", "info": "The name of the file to change", "required": true, "schema": { "title": "configFile", "type": "string" } }, { "name": "changes", "type": "object", "info": "JSON object containing the configuration changes", "required": true, "schema": { "title": "changes", "type": "object" } }, { "name": "entity", "type": "string", "info": "The entity in which the changes are being made", "required": false, "schema": { "title": "entity", "type": "string" } }, { "name": "type", "type": "string", "info": "The type of file to change - action, schema, or mock", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "action", "type": "string", "info": "The action to be changed", "required": false, "schema": { "title": "action", "type": "string" } }, { "name": "replace", "type": "boolean", "info": "True to replace entire mock data, false to merge/append", "required": false, "schema": { "title": "replace", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapUpdateAdapterConfiguration" }, "task": true }, { "name": "iapSuspendAdapter", "summary": "Suspends the adapter", "description": "Suspends the adapter", "input": [ { "name": "mode", "type": "enum", "enumerals": [ "pause", "error" ], "info": "How incoming requests are handled. Defaults to 'pause'", "description": "How incoming requests are handled. Defaults to 'pause'", "schema": { "title": "mode", "type": "string" }, "required": false } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the adapter suspended status", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapSuspendAdapter" }, "task": true }, { "name": "iapUnsuspendAdapter", "summary": "Unsuspends the adapter", "description": "Unsuspends the adapter", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the adapter suspended status", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapUnsuspendAdapter" }, "task": true }, { "name": "iapGetAdapterQueue", "summary": "Return the requests that are waiting in the queue if throttling is enabled", "description": "Return the requests that are waiting in the queue if throttling is enabled", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the adapter queue", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapGetAdapterQueue" }, "task": true }, { "name": "iapFindAdapterPath", "summary": "Provides the ability to see if a particular API path is supported by the adapter", "description": "Provides the ability to see if a particular API path is supported by the adapter", "input": [ { "name": "apiPath", "type": "string", "info": "The API Path you want to check - make sure to not include base path and version", "description": "The API Path you want to check - make sure to not include base path and version", "schema": { "title": "apiPath", "type": "string" }, "required": true } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapFindAdapterPath" }, "task": true }, { "name": "iapTroubleshootAdapter", "summary": "Runs troubleshoot script for adapter", "description": "Runs troubleshoot script for adapter", "input": [ { "name": "props", "type": "object", "info": "Object containing configuration, healthcheck and auth properties {'connProps':{'host': 'api.service.com', 'base_path': '/', 'protocol': 'http', 'port': 443, 'version': 'v1'},'healthCheckEndpoint': '/healthcheck', 'auth': {'auth_method': 'no authentication', 'username': 'username', 'password': 'password'}}", "required": true, "schema": { "title": "props", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the test results", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapTroubleshootAdapter" }, "task": true }, { "name": "iapRunAdapterHealthcheck", "summary": "Runs healthcheck script for adapter", "description": "Runs healthcheck script for adapter", "input": [], "output": { "name": "result", "type": "boolean", "description": "Whether healthcheck passed or failed", "schema": { "title": "result", "type": "boolean" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapRunAdapterHealthcheck" }, "task": true }, { "name": "iapRunAdapterConnectivity", "summary": "Runs connectivity check script for adapter", "description": "Runs connectivity check script for adapter", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the test results", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapRunAdapterConnectivity" }, "task": true }, { "name": "iapRunAdapterBasicGet", "summary": "Runs basicGet script for adapter", "description": "Runs basicGet script for adapter", "input": [ { "name": "maxCalls", "required": false, "type": "number", "info": "How many GET endpoints to test (defaults to 5)", "schema": { "title": "maxCalls", "type": "number", "default": 5 } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing the test results", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapRunAdapterBasicGet" }, "task": true }, { "name": "iapMoveAdapterEntitiesToDB", "summary": "Moves entities from an adapter into the Itential Platform database", "description": "Moves entities from an adapter into the Itential Platform database", "input": [], "output": { "name": "res", "type": "object", "description": "A JSON Object containing status, code and the response from the mongo transaction", "schema": { "title": "res", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapMoveAdapterEntitiesToDB" }, "task": true }, { "name": "iapDeactivateTasks", "summary": "Deactivate the inputted tasks", "description": "Deactivate the inputted tasks", "input": [ { "name": "tasks", "type": "array", "description": "Tasks to deactivate", "schema": { "title": "tasks", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing success status", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapDeactivateTasks" }, "task": true }, { "name": "iapActivateTasks", "summary": "Activate the inputted tasks", "description": "activate the inputted tasks", "input": [ { "name": "tasks", "type": "array", "description": "Tasks to activate", "schema": { "title": "tasks", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing success status", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapActivateTasks" }, "task": true }, { "name": "iapPopulateEntityCache", "summary": "Populate the cache for the given entities", "description": "Populate the cache for the given entities", "input": [ { "name": "entityTypes", "type": "array", "info": "the entity type(s) to populate", "required": true, "schema": { "title": "entityTypes", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapPopulateEntityCache" }, "task": true }, { "name": "iapRetrieveEntitiesCache", "summary": "Retrieves data from cache for specified entity type", "description": "Retrieves data from cache for specified entity type", "input": [ { "name": "entityType", "type": "string", "info": "entity of which to retrieve", "required": true, "schema": { "title": "entityType", "type": "string" } }, { "name": "options", "type": "object", "info": "settings of which data to return and how to return it", "required": false, "schema": { "title": "options", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapRetrieveEntitiesCache" }, "task": true }, { "name": "getDevice", "summary": "Get the Appliance", "description": "Get the Appliance", "input": [ { "name": "deviceName", "type": "string", "info": "An Appliance Device Name", "required": true, "schema": { "title": "deviceName", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDevice" }, "task": false }, { "name": "getDevicesFiltered", "summary": "Get Appliances that match the filter", "description": "Get Appliances that match the filter", "input": [ { "name": "options", "type": "object", "info": "options - e.g. { 'start': 1, 'limit': 20, 'filter': { 'name': 'abc123' } }", "required": true, "schema": { "title": "options", "type": "object" } } ], "output": { "name": "result", "type": "array", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "array" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDevicesFiltered" }, "task": false }, { "name": "isAlive", "summary": "Checks the status for the provided Appliance", "description": "Checks the status for the provided Appliance", "input": [ { "name": "deviceName", "type": "string", "info": "An Appliance Device Name", "required": true, "schema": { "title": "deviceName", "type": "string" } } ], "output": { "name": "result", "type": "boolean", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "boolean" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/isAlive" }, "task": false }, { "name": "getConfig", "summary": "Gets a config for the provided Appliance", "description": "Gets a config for the provided Appliance", "input": [ { "name": "deviceName", "type": "string", "info": "An Appliance Device Name", "required": true, "schema": { "title": "deviceName", "type": "string" } }, { "name": "format", "type": "string", "info": "The format to be returned - this is ignored as we always return json", "required": false, "schema": { "title": "format", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getConfig" }, "task": false }, { "name": "iapGetDeviceCount", "summary": "Gets a device count from the system", "description": "Gets a device count from the system", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapGetDeviceCount" }, "task": false }, { "name": "iapExpandedGenericAdapterRequest", "summary": "Makes the requested generic call with additional options", "description": "Makes the requested generic call with additional options via metadata", "input": [ { "name": "metadata", "type": "object", "info": "metadata for the call (optional)", "description": "metadata for the call - allows for many enhancements (optional)", "schema": { "title": "metadata", "type": "object" }, "required": false }, { "name": "uriPath", "type": "string", "info": "the path of the api call - do not include the host, port, base path or version", "description": "the path of the api call", "schema": { "title": "uriPath", "type": "string" }, "required": false }, { "name": "restMethod", "type": "string", "info": "the rest method (GET, POST, PUT, PATCH, DELETE)", "description": "the rest method (GET, POST, PUT, PATCH, DELETE)", "schema": { "title": "restMethod", "type": "string" }, "required": false }, { "name": "pathVars", "type": "object", "info": "the parameters to be put within the url path (optional)", "description": "the parameters to be put within the url path (optional)", "schema": { "title": "pathVars", "type": "object" }, "required": false }, { "name": "queryData", "type": "object", "info": "the query parameters to be put on the url (optional)", "description": "the query parameters to be put on the url (optional)", "schema": { "title": "queryData", "type": "object" }, "required": false }, { "name": "requestBody", "type": "object", "info": "the payload to be sent with the request (optional)", "description": "the payload to be sent with the request (optional)", "schema": { "title": "requestBody", "type": "object" }, "required": false }, { "name": "addlHeaders", "type": "object", "info": "additional headers to be put on the call (optional)", "description": "additional headers to be put on the call (optional)", "schema": { "title": "addlHeaders", "type": "object" }, "required": false } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/iapExpandedGenericAdapterRequest" }, "task": true }, { "name": "genericAdapterRequest", "summary": "Makes the requested generic call", "description": "Makes the requested generic call", "input": [ { "name": "uriPath", "type": "string", "info": "the path of the api call - do not include the host, port, base path or version", "description": "the path of the api call", "schema": { "title": "uriPath", "type": "string" }, "required": true }, { "name": "restMethod", "type": "string", "info": "the rest method (GET, POST, PUT, PATCH, DELETE)", "description": "the rest method (GET, POST, PUT, PATCH, DELETE)", "schema": { "title": "restMethod", "type": "string" }, "required": true }, { "name": "queryData", "type": "object", "info": "the query parameters to be put on the url (optional)", "description": "the query parameters to be put on the url (optional)", "schema": { "title": "queryData", "type": "object" }, "required": false }, { "name": "requestBody", "type": "object", "info": "the payload to be sent with the request (optional)", "description": "the payload to be sent with the request (optional)", "schema": { "title": "requestBody", "type": "object" }, "required": false }, { "name": "addlHeaders", "type": "object", "info": "additional headers to be put on the call (optional)", "description": "additional headers to be put on the call (optional)", "schema": { "title": "addlHeaders", "type": "object" }, "required": false } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/genericAdapterRequest" }, "task": true }, { "name": "genericAdapterRequestNoBasePath", "summary": "Makes the requested generic call", "description": "Makes the requested generic call", "input": [ { "name": "uriPath", "type": "string", "info": "the path of the api call - do not include the host, port, base path or version", "description": "the path of the api call", "schema": { "title": "uriPath", "type": "string" }, "required": true }, { "name": "restMethod", "type": "string", "info": "the rest method (GET, POST, PUT, PATCH, DELETE)", "description": "the rest method (GET, POST, PUT, PATCH, DELETE)", "schema": { "title": "restMethod", "type": "string" }, "required": true }, { "name": "queryData", "type": "object", "info": "the query parameters to be put on the url (optional)", "description": "the query parameters to be put on the url (optional)", "schema": { "title": "queryData", "type": "object" }, "required": false }, { "name": "requestBody", "type": "object", "info": "the payload to be sent with the request (optional)", "description": "the payload to be sent with the request (optional)", "schema": { "title": "requestBody", "type": "object" }, "required": false }, { "name": "addlHeaders", "type": "object", "info": "additional headers to be put on the call (optional)", "description": "additional headers to be put on the call (optional)", "schema": { "title": "addlHeaders", "type": "object" }, "required": false } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/genericAdapterRequestNoBasePath" }, "task": true }, { "name": "iapRunAdapterLint", "summary": "Run the adapter lint script to return the results", "description": "Run the adapter lint script to return the results", "input": [], "output": { "name": "result", "type": "string", "description": "A string containing the run results", "schema": { "title": "result", "type": "string" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/iapRunAdapterLint" }, "task": true }, { "name": "iapRunAdapterTests", "summary": "Run the adapter test scripts (baseunit and unit) to return the results", "description": "Run the adapter test scripts (baseunit and unit) to return the results", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/iapRunAdapterTests" }, "task": true }, { "name": "iapGetAdapterInventory", "summary": "Provide inventory information abbout the adapter", "description": "Provide inventory information abbout the adapter", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/iapGetAdapterInventory" }, "task": true }, { "name": "getAuthenticatedSession", "summary": "Checks if there is an authenticated session", "description": "Checks if there is an authentication session.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuthenticatedSession" }, "task": true }, { "name": "postAuthenticatedSession", "summary": "Creates an authenticated session", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "credentials", "type": "object", "info": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "required": true, "schema": { "title": "credentials", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postAuthenticatedSession" }, "task": true }, { "name": "deleteAuthenticatedSession", "summary": "Ends an authenticated session", "description": "Ends an authenticated session.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/deleteAuthenticatedSession" }, "task": true }, { "name": "getAuditReport", "summary": "This endpoint is deprecated, use GET /auditlogEntryReport", "description": "Note: GET /auditReport is deprecated, use GET /auditlogEntryReport.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuditReport" }, "task": true }, { "name": "postAuditReport", "summary": "This endpoint is deprecated, use POST /auditlogEntryReport", "description": "Note: POST /auditReport is deprecated, use POST /auditlogEntryReport.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuditReport" }, "task": true }, { "name": "deleteAuditReport", "summary": "This endpoint is deprecated, use DELETE /auditlogEntryReport", "description": "Note: DELETE /auditReport is deprecated, use DELETE /auditlogEntryReport.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/deleteAuditReport" }, "task": true }, { "name": "getAuditReportdownload", "summary": "This endpoint is deprecated, use GET /auditlogEntryReport/download", "description": "Note: GET /auditReport is deprecated, use GET /auditlogEntryReport/download.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuditReportdownload" }, "task": true }, { "name": "getAuditlogEntryReport", "summary": "Gets the status of a request for an audit log report", "description": "Gets the status of a request for an audit log report. After sending a POST request to /auditlogEntryReport to generate a report, you can continue to call GET /auditlogEntryReport to check whether the report has finished generating. Once the status is COMPLETE, you can send another GET request to /auditlogEntryReport/download to download the report as a CSV file.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuditlogEntryReport" }, "task": true }, { "name": "postAuditlogEntryReport", "summary": "Creates an audit log report for the specified time period and saves it as a CSV file", "description": "Creates an audit log report for the specified time period and saves it as a CSV file. The report includes audit information for every call made to the cloud service API during the specified time period. Creating a new audit log report will overwrite a previously-generated report.", "input": [ { "name": "request", "type": "object", "info": "Creates an audit log report for the specified time period and saves it as a CSV file. The report includes audit information for every call made to the cloud service API during the specified time period. Creating a new audit log report will overwrite a previously-generated report.", "required": false, "schema": { "title": "request", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postAuditlogEntryReport" }, "task": true }, { "name": "deleteAuditlogEntryReport", "summary": "Cancels the request to create an audit log report", "description": "Cancels the request to create an audit log report.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/deleteAuditlogEntryReport" }, "task": true }, { "name": "getAuditlogEntryReportdownload", "summary": "Downloads the most recently created audit log report", "description": "Downloads the most recently created audit log report. After a call to GET /auditlogEntryReport indicates that the report (CSV file) was generated, you can send a GET request to /auditlogEntryReport/download to download the file.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuditlogEntryReportdownload" }, "task": true }, { "name": "getDepartments", "summary": "Gets a list of departments", "description": "Gets a list of departments. The search parameters find matching values within the \"name\" or \"comments\" attributes.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDepartments" }, "task": true }, { "name": "getDepartmentsid", "summary": "Gets the department for the specified ID", "description": "Gets the department for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "Gets the department for the specified ID.", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDepartmentsid" }, "task": true }, { "name": "getGroups", "summary": "Gets a list of groups", "description": "Gets a list of groups. The search parameters find matching values in the \"name\" and \"comments\" attributes.", "input": [ { "name": "search", "type": "string", "info": "Gets a list of groups. The search parameters find matching values in the \"name\" and \"comments\" attributes.", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "page", "type": "number", "info": "Gets a list of groups. The search parameters find matching values in the \"name\" and \"comments\" attributes.", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Gets a list of groups. The search parameters find matching values in the \"name\" and \"comments\" attributes.", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroups" }, "task": true }, { "name": "getGroupsgroupId", "summary": "Gets the group for the specified ID", "description": "Gets the group for the specified ID.", "input": [ { "name": "groupId", "type": "number", "info": "Gets the group for the specified ID.", "required": true, "schema": { "title": "groupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroupsgroupId" }, "task": true }, { "name": "getUsers", "summary": "Gets a list of all users and allows user filtering by name, department, or group", "description": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "input": [ { "name": "name", "type": "string", "info": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "dept", "type": "string", "info": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "required": false, "schema": { "title": "dept", "type": "string" } }, { "name": "group", "type": "string", "info": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "required": false, "schema": { "title": "group", "type": "string" } }, { "name": "page", "type": "number", "info": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Gets a list of all users and allows user filtering by name, department, or group. The search parameters, \"dept\" and \"group\", perform a 'starts with' match.", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUsers" }, "task": true }, { "name": "postUsers", "summary": "Adds a new user", "description": "Adds a new user. A user can belong to multiple groups, but can only belong to one department.", "input": [ { "name": "user", "type": "object", "info": "Adds a new user. A user can belong to multiple groups, but can only belong to one department.", "required": false, "schema": { "title": "user", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUsers" }, "task": true }, { "name": "postUsersbulkDelete", "summary": "Bulk delete users up to a maximum of 500 users per request", "description": "Bulk delete users up to a maximum of 500 users per request. The response returns the user IDs that were successfully deleted.", "input": [ { "name": "userIds", "type": "object", "info": "Bulk delete users up to a maximum of 500 users per request. The response returns the user IDs that were successfully deleted.", "required": false, "schema": { "title": "userIds", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUsersbulkDelete" }, "task": true }, { "name": "getUsersuserId", "summary": "Gets the user information for the specified ID", "description": "Gets the user information for the specified ID.", "input": [ { "name": "userId", "type": "number", "info": "Gets the user information for the specified ID.", "required": true, "schema": { "title": "userId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUsersuserId" }, "task": true }, { "name": "putUsersuserId", "summary": "Updates the user information for the specified ID", "description": "Updates the user information for the specified ID. However, the \"email\" attribute is read-only.", "input": [ { "name": "userId", "type": "number", "info": "Updates the user information for the specified ID. However, the \"email\" attribute is read-only.", "required": true, "schema": { "title": "userId", "type": "number" } }, { "name": "user", "type": "object", "info": "Updates the user information for the specified ID. However, the \"email\" attribute is read-only.", "required": false, "schema": { "title": "user", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putUsersuserId" }, "task": true }, { "name": "deleteUsersuserId", "summary": "Deletes the user for the specified ID", "description": "Deletes the user for the specified ID.", "input": [ { "name": "userId", "type": "number", "info": "Deletes the user for the specified ID.", "required": true, "schema": { "title": "userId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteUsersuserId" }, "task": true }, { "name": "getSecurity", "summary": "Gets a list of white-listed URLs", "description": "Gets a list of white-listed URLs", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSecurity" }, "task": true }, { "name": "putSecurity", "summary": "Updates the list of white-listed URLs", "description": "Updates the list of white-listed URLs. This will overwrite a previously-generated white list. If you need to completely erase the white list, submit an empty list.", "input": [ { "name": "policy", "type": "object", "info": "Updates the list of white-listed URLs. This will overwrite a previously-generated white list. If you need to completely erase the white list, submit an empty list.", "required": false, "schema": { "title": "policy", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putSecurity" }, "task": true }, { "name": "getSecurityadvanced", "summary": "Gets a list of black-listed URLs", "description": "Gets a list of black-listed URLs.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSecurityadvanced" }, "task": true }, { "name": "putSecurityadvanced", "summary": "Updates the list of black-listed URLs", "description": "Updates the list of black-listed URLs. This will overwrite a previously-generated black list. If you need to completely erase the black list, submit an empty list.", "input": [ { "name": "advSettings", "type": "object", "info": "Updates the list of black-listed URLs. This will overwrite a previously-generated black list. If you need to completely erase the black list, submit an empty list.", "required": false, "schema": { "title": "advSettings", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putSecurityadvanced" }, "task": true }, { "name": "postSecurityadvancedblacklistUrls", "summary": "Adds a URL to or removes a URL from the black list", "description": "Adds a URL to or removes a URL from the black list. To add a URL to the black list, set the action parameter to ADD_TO_LIST. To remove a URL, set action to REMOVE_FROM_LIST.", "input": [ { "name": "action", "type": "string", "info": "Adds a URL to or removes a URL from the black list. To add a URL to the black list, set the action parameter to ADD_TO_LIST. To remove a URL, set action to REMOVE_FROM_LIST.", "required": true, "schema": { "title": "action", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSecurityadvancedblacklistUrls" }, "task": true }, { "name": "deleteSslSettingscertchain", "summary": "Deletes the intermediate certificate chain", "description": "Deletes the intermediate certificate chain.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/deleteSslSettingscertchain" }, "task": true }, { "name": "getSslSettingsdownloadcsr", "summary": "Downloads a Certificate Signing Request (CSR)", "description": "Downloads a Certificate Signing Request (CSR). Before you can download the CSR, you must send a POST request to /sslSettings/generatecsr to create it.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSslSettingsdownloadcsr" }, "task": true }, { "name": "postSslSettingsgeneratecsr", "summary": "Generates a Certificate Signing Request (CSR)", "description": "Generates a Certificate Signing Request (CSR). If your organization uses a custom intermediate root certificate for SSL inspection, send a GET request to /sslSettings/generatecsr to generate a new CSR, then send the generated CSR to your Certificate Authority (CA) to sign as a subordinate CA certificate. The subordinate CA can be an intermediate or an issuing CA.", "input": [ { "name": "cert", "type": "object", "info": "Generates a Certificate Signing Request (CSR). If your organization uses a custom intermediate root certificate for SSL inspection, send a GET request to /sslSettings/generatecsr to generate a new CSR, then send the generated CSR to your Certificate Authority (CA) to sign as a subordinate CA certificate. The subordinate CA can be an intermediate or an issuing CA.", "required": true, "schema": { "title": "cert", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSslSettingsgeneratecsr" }, "task": true }, { "name": "getSslSettingsshowcert", "summary": "Shows information about the signed intermediate root certificate", "description": "Shows information about the signed intermediate root certificate.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSslSettingsshowcert" }, "task": true }, { "name": "postSslSettingsuploadcerttext", "summary": "Uploads a signed intermediate root certificate for clients that use iframe-based uploads whose content type is text/plain", "description": "Uploads a signed intermediate root certificate for clients that use iframe-based uploads whose content type is text/plain. To enable users' browsers to trust this intermediate root certificate and any certificate signed by it, install this root certificate on users' browsers. If you also want to upload a certificate chain, upload the signed intermediate root certificate before uploading the certificate chain.", "input": [ { "name": "fileInputStream", "type": "object", "info": "Uploads a signed intermediate root certificate for clients that use iframe-based uploads whose content type is text/plain. To enable users' browsers to trust this intermediate root certificate and any certificate signed by it, install this root certificate on users' browsers. If you also want to upload a certificate chain, upload the signed intermediate root certificate before uploading the certificate chain.", "required": false, "schema": { "title": "fileInputStream", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSslSettingsuploadcerttext" }, "task": true }, { "name": "postSslSettingsuploadcertchaintext", "summary": "Uploads the Intermediate Certificate Chain (PEM) for clients that use iframe-based uploads whose content type is text/plain", "description": "Uploads the Intermediate Certificate Chain (PEM) for clients that use iframe-based uploads whose content type is text/plain. Upload the certificate chain that includes any other intermediate certificates that complete the chain to the intermediate root certificate you want to upload.", "input": [ { "name": "fileInputStream", "type": "object", "info": "Uploads the Intermediate Certificate Chain (PEM) for clients that use iframe-based uploads whose content type is text/plain. Upload the certificate chain that includes any other intermediate certificates that complete the chain to the intermediate root certificate you want to upload.", "required": false, "schema": { "title": "fileInputStream", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSslSettingsuploadcertchaintext" }, "task": true }, { "name": "getUrlCategories", "summary": "Gets information about all or custom URL categories", "description": "Gets information about all or custom URL categories.", "input": [ { "name": "customOnly", "type": "boolean", "info": "Gets information about all or custom URL categories.", "required": false, "schema": { "title": "customOnly", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUrlCategories" }, "task": true }, { "name": "getUrlCategoriesWithOptions", "summary": "Gets information about all or custom URL categories with query data", "description": "Gets information about all or custom URL categories with query data", "input": [ { "name": "queryData", "type": "object", "info": "Query data: includeOnlyUrlKeywordCounts, customOnly", "required": false, "schema": { "title": "queryData", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUrlCategoriesWithOptions" }, "task": true }, { "name": "postUrlCategories", "summary": "Adds a new custom URL category", "description": "Adds a new custom URL category.", "input": [ { "name": "customCategory", "type": "object", "info": "Adds a new custom URL category.", "required": false, "schema": { "title": "customCategory", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUrlCategories" }, "task": true }, { "name": "getUrlCategorieslite", "summary": "Gets a lightweight key-value list of all or custom URL categories", "description": "Gets a lightweight key-value list of all or custom URL categories.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getUrlCategorieslite" }, "task": true }, { "name": "getUrlCategoriesurlQuota", "summary": "Gets the URL quota information for your organization", "description": "Gets information on the number of unique URLs that are currently provisioned for your organization as well as how many URLs you can add before reaching that number.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getUrlCategoriesurlQuota" }, "task": true }, { "name": "getUrlCategoriescategoryId", "summary": "Gets the URL category information for the specified ID", "description": "Gets the URL category information for the specified ID.", "input": [ { "name": "categoryId", "type": "string", "info": "Gets the URL category information for the specified ID.", "required": true, "schema": { "title": "categoryId", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUrlCategoriescategoryId" }, "task": true }, { "name": "putUrlCategoriescategoryId", "summary": "Updates the URL category for the specified ID", "description": "Updates the URL category for the specified ID.", "input": [ { "name": "categoryId", "type": "string", "info": "Updates the URL category for the specified ID.", "required": true, "schema": { "title": "categoryId", "type": "string" } }, { "name": "action", "type": "string", "info": "Updates the URL category for the specified ID.", "required": false, "schema": { "title": "action", "type": "string" } }, { "name": "customCategory", "type": "object", "info": "Updates the URL category for the specified ID.", "required": false, "schema": { "title": "customCategory", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putUrlCategoriescategoryId" }, "task": true }, { "name": "deleteUrlCategoriescategoryId", "summary": "Deletes the custom URL category for the specified ID", "description": "Deletes the custom URL category for the specified ID. You cannot delete a custom category while it is being used by a URL policy or NSS feed. Also, predefined categories cannot be deleted.", "input": [ { "name": "categoryId", "type": "string", "info": "Deletes the custom URL category for the specified ID. You cannot delete a custom category while it is being used by a URL policy or NSS feed. Also, predefined categories cannot be deleted.", "required": true, "schema": { "title": "categoryId", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteUrlCategoriescategoryId" }, "task": true }, { "name": "postUrlLookup", "summary": "Look up the categorization of the given set of URLs, e.g., ['abc.com', 'xyz.com']", "description": "Look up the categorization of the given set of URLs, e.g., ['abc.com', 'xyz.com']. Up to 100 URLs can be looked up per request, and a URL cannot exceed 1024 characters.", "input": [ { "name": "urls", "type": "array", "info": "Look up the categorization of the given set of URLs, e.g., ['abc.com', 'xyz.com']. Up to 100 URLs can be looked up per request, and a URL cannot exceed 1024 characters.", "required": false, "schema": { "title": "urls", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUrlLookup" }, "task": true }, { "name": "getVpnCredentials", "summary": "Gets VPN credentials that can be associated to locations", "description": "Gets VPN credentials that can be associated to locations.", "input": [ { "name": "search", "type": "string", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "type", "type": "string", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "includeOnlyWithoutLocation", "type": "boolean", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "includeOnlyWithoutLocation", "type": "boolean" } }, { "name": "locationId", "type": "number", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "locationId", "type": "number" } }, { "name": "managedBy", "type": "number", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "managedBy", "type": "number" } }, { "name": "page", "type": "number", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Gets VPN credentials that can be associated to locations.", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getVpnCredentials" }, "task": true }, { "name": "postVpnCredentials", "summary": "Adds VPN credentials that can be associated to locations", "description": "Adds VPN credentials that can be associated to locations. When invoked with a partner API key, it automatically sets the managedBy attribute to the partner associated with the key.", "input": [ { "name": "vpnCred", "type": "object", "info": "Adds VPN credentials that can be associated to locations. When invoked with a partner API key, it automatically sets the managedBy attribute to the partner associated with the key.", "required": false, "schema": { "title": "vpnCred", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postVpnCredentials" }, "task": true }, { "name": "postVpnCredentialsbulkDelete", "summary": "Bulk delete VPN credentials up to a maximum of 100 credentials per request", "description": "Bulk delete VPN credentials up to a maximum of 100 credentials per request. The response returns the VPN IDs that were successfully deleted.", "input": [ { "name": "ids", "type": "object", "info": "Bulk delete VPN credentials up to a maximum of 100 credentials per request. The response returns the VPN IDs that were successfully deleted.", "required": false, "schema": { "title": "ids", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postVpnCredentialsbulkDelete" }, "task": true }, { "name": "getVpnCredentialsvpnId", "summary": "Gets the VPN credentials for the specified ID", "description": "Gets the VPN credentials for the specified ID.", "input": [ { "name": "vpnId", "type": "number", "info": "Gets the VPN credentials for the specified ID.", "required": true, "schema": { "title": "vpnId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getVpnCredentialsvpnId" }, "task": true }, { "name": "putVpnCredentialsvpnId", "summary": "Updates the VPN credentials for the specified ID", "description": "Updates the VPN credentials for the specified ID.", "input": [ { "name": "vpnId", "type": "number", "info": "Updates the VPN credentials for the specified ID.", "required": true, "schema": { "title": "vpnId", "type": "number" } }, { "name": "vpnCred", "type": "object", "info": "Updates the VPN credentials for the specified ID.", "required": false, "schema": { "title": "vpnCred", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putVpnCredentialsvpnId" }, "task": true }, { "name": "deleteVpnCredentialsvpnId", "summary": "Deletes the VPN credentials for the specified ID", "description": "Deletes the VPN credentials for the specified ID.", "input": [ { "name": "vpnId", "type": "number", "info": "Deletes the VPN credentials for the specified ID.", "required": true, "schema": { "title": "vpnId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteVpnCredentialsvpnId" }, "task": true }, { "name": "getLocations", "summary": "Gets information on locations", "description": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "input": [ { "name": "search", "type": "string", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "sslScanEnabled", "type": "boolean", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "sslScanEnabled", "type": "boolean" } }, { "name": "xffEnabled", "type": "boolean", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "xffEnabled", "type": "boolean" } }, { "name": "authRequired", "type": "boolean", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "authRequired", "type": "boolean" } }, { "name": "bwEnforced", "type": "boolean", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "bwEnforced", "type": "boolean" } }, { "name": "page", "type": "number", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Gets locations only, not sub-locations. When a location matches the given search parameter criteria, only its parent location is included in the result set, not its sub-locations.", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getLocations" }, "task": true }, { "name": "postLocations", "summary": "Adds a new location", "description": "Adds a new location. When invoked with a partner API key, it automatically sets the managedBy attribute to the partner associated with the key.", "input": [ { "name": "location", "type": "object", "info": "Adds a new location. When invoked with a partner API key, it automatically sets the managedBy attribute to the partner associated with the key.", "required": false, "schema": { "title": "location", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postLocations" }, "task": true }, { "name": "postLocationsbulkDelete", "summary": "Bulk delete locations up to a maximum of 100 locations per request", "description": "Bulk delete locations up to a maximum of 100 users per request. The response returns the location IDs that were successfully deleted.", "input": [ { "name": "LocationIds", "type": "object", "info": "Bulk delete locations up to a maximum of 100 users per request. The response returns the location IDs that were successfully deleted.", "required": false, "schema": { "title": "LocationIds", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postLocationsbulkDelete" }, "task": true }, { "name": "getLocationslite", "summary": "Gets a lightweight list of locations", "description": "Gets a lightweight list of locations.", "input": [ { "name": "sslScanEnabled", "type": "boolean", "info": "Gets a lightweight list of locations.", "required": false, "schema": { "title": "sslScanEnabled", "type": "boolean" } }, { "name": "search", "type": "string", "info": "Gets a lightweight list of locations.", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "page", "type": "number", "info": "Gets a lightweight list of locations.", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Gets a lightweight list of locations.", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getLocationslite" }, "task": true }, { "name": "getLocationslocationId", "summary": "Gets the location information for the specified ID", "description": "Gets the location information for the specified ID.", "input": [ { "name": "locationId", "type": "number", "info": "Gets the location information for the specified ID.", "required": true, "schema": { "title": "locationId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getLocationslocationId" }, "task": true }, { "name": "putLocationslocationId", "summary": "Updates the location information for the specified ID", "description": "Updates the location information for the specified ID.", "input": [ { "name": "locationId", "type": "number", "info": "Updates the location information for the specified ID.", "required": true, "schema": { "title": "locationId", "type": "number" } }, { "name": "location", "type": "object", "info": "Updates the location information for the specified ID.", "required": false, "schema": { "title": "location", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putLocationslocationId" }, "task": true }, { "name": "deleteLocationslocationId", "summary": "Deletes the location for the specified ID", "description": "Deletes the location for the specified ID.", "input": [ { "name": "locationId", "type": "number", "info": "Deletes the location for the specified ID.", "required": true, "schema": { "title": "locationId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteLocationslocationId" }, "task": true }, { "name": "getSandboxreportquota", "summary": "Gets the Sandbox Report API quota information for your organization", "description": "Resource access for retrieving Sandbox Reports is limited to 1000 requests per day. Use GET /sandbox/report/quota to retrieve details regarding your organization's daily Sandbox API resource usage (i.e., used quota, unused quota).", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSandboxreportquota" }, "task": true }, { "name": "getSandboxreportmd5Hash", "summary": "Gets a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox", "description": "Get a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.", "input": [ { "name": "md5Hash", "type": "string", "info": "Get a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.", "required": true, "schema": { "title": "md5Hash", "type": "string" } }, { "name": "details", "type": "string", "info": "Get a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.", "required": false, "schema": { "title": "details", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSandboxreportmd5Hash" }, "task": true }, { "name": "getStatus", "summary": "Gets the activation status for a configuration change", "description": "Gets the activation status for a configuration change.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getStatus" }, "task": true }, { "name": "postStatusactivate", "summary": "Activates configuration changes", "description": "Activates configuration changes.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postStatusactivate" }, "task": true }, { "name": "submitFile", "summary": "submitFile", "description": "Submits raw or archive files (e.g., ZIP) to Sandbox for analysis. You can submit up to 100 files per day and it supports all file types that are currently supported by Sandbox. To learn more, see About Sandbox . By default, files are scanned by Zscaler antivirus (AV) and submitted directly to the sandbox in order to obtain a verdict. However, if a verdict already exists for the file, you can use the 'force' parameter to make the sandbox to reanalyze it. You must have a Sandbox policy rule co...(description truncated)", "input": [ { "name": "apiToken", "type": "string", "info": "The Sandbox API token obtained from the ZIA Admin Portal to be used for authenticating the Sandbox Submission API. To learn more, see Managing Sandbox API Token .: string", "required": true, "schema": { "title": "apiToken", "type": "string" } }, { "name": "force", "type": "string", "info": "Submit file to sandbox even if found malicious during AV scan and a verdict already exists.: ", "required": false, "schema": { "title": "force", "enum": [ "0", "1" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/submitFile" }, "task": true }, { "name": "submitFileForScan", "summary": "submitFileForScan", "description": "Submits raw or archive files (e.g., ZIP) to the Zscaler service for out-of-band file inspection to generate real-time verdicts for known and unknown files. It leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously. All file types that are currently supported by the Malware Protection policy and...(description truncated)", "input": [ { "name": "apiToken", "type": "string", "info": "The Sandbox API token obtained from the ZIA Admin Portal to be used for authenticating the Sandbox Submission API. To learn more, see Managing Sandbox API Token .: string", "required": true, "schema": { "title": "apiToken", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/submitFileForScan" }, "task": true }, { "name": "getApp", "summary": "getApp", "description": "https://api.apptotal.zscaler.com/v1/apps/app Constraints: For query parameters, ensure that the provided characters adhere to the specifications outlined in RFC 7230 and RFC 3986. Special characters and encoding must follow the standards defined in RFC 3986. Searches the AppTotal App Catalog by either app ID or URL (i.e., a valid consent or marketplace link). You must use one of the required parameters— app_id or url —for your search. If you use both an app ID and a URL for your ...(description truncated)", "input": [ { "name": "appId", "type": "string", "info": "The app identifier (e.g., OAuth client ID): string", "required": false, "schema": { "title": "appId", "type": "string" } }, { "name": "url", "type": "string", "info": "Valid consent link or marketplace link: string", "required": false, "schema": { "title": "url", "type": "string" } }, { "name": "verbose", "type": "boolean", "info": "Return a verbose report including potentially heavy artifacts (e.g., extracted URLs and a list of vulnerabilities): boolean", "required": false, "schema": { "title": "verbose", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getApp" }, "task": true }, { "name": "postApp", "summary": "postApp", "description": "https://api.apptotal.zscaler.com/v1/apps/app Submits an app for analysis in the AppTotal Sandbox. After analysis is complete, a subsequent GET request is required to fetch the app's information.\n", "input": [ { "name": "body", "type": "object", "info": "The app identifier (e.g., OAuth client ID): object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "The app identifier (e.g., OAuth client ID)" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postApp" }, "task": true }, { "name": "appsSearchGET", "summary": "AppsSearch_GET", "description": "https://api.apptotal.zscaler.com/v1/apps/search Constraints: For query parameters, ensure that the provided characters adhere to the specifications outlined in RFC 7230 and RFC 3986. Special characters and encoding must follow the standards defined in RFC 3986. Searches for an app by name. Any app whose name contains the search term ( appName ) is returned. Note : The maximum number of results that are returned is 200.\n", "input": [ { "name": "appName", "type": "string", "info": "The app name: string", "required": true, "schema": { "title": "appName", "type": "string" } }, { "name": "limit", "type": "number", "info": "Limit the number of results: 123", "required": false, "schema": { "title": "limit", "type": "number" } }, { "name": "page", "type": "number", "info": "Page number: 123", "required": false, "schema": { "title": "page", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "PaginationResponse", "type": "object", "properties": { "count": { "type": "integer", "example": 1 }, "currentPage": { "type": "integer" }, "data": { "type": "array", "items": { "title": "Datum", "type": "object", "properties": { "result": { "title": "SearchApplicationResponse", "type": "object", "properties": { "appId": { "type": "string", "example": "745653580800-3f83vttrac3pp3gcrdoh5s74n6agihe.apps.googleusercontent.com" }, "name": { "type": "string", "example": "app name" }, "provider": { "type": "string", "example": "SLACK" }, "publisher": { "type": "string", "example": "goog" } } } } }, "description": "" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/appsSearchGET" }, "task": true }, { "name": "getViews", "summary": "getViews", "description": "https://api.apptotal.zscaler.com/v1/app_views/list Retrieves the list of custom views that you have configured in the AppTotal Admin Portal and includes all configurations that define the custom view.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "AppViewsResponse", "type": "object", "properties": { "id": { "type": "string", "example": "0cd0b469-9477-4bf9-939b-3aaaa6aedaa7" }, "name": { "type": "string", "example": "High risk apps" }, "createdBy": { "type": "string", "example": "admin@zscaler.com" }, "createdAt": { "type": "number", "example": 1707224066585 }, "spec": { "allOf": [ { "title": "Spec", "type": "object", "properties": { "map": { "type": "object", "additionalProperties": {} } }, "example": { "service": [ "account" ], "status": [ "enabled" ] } }, { "example": { "service": [ "account" ], "status": [ "enabled" ] } } ] } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getViews" }, "task": true }, { "name": "getViewApps", "summary": "getViewApps", "description": "https://api.apptotal.zscaler.com/v1/app_views/{appViewId}/apps Retrieves all assets (i.e., apps) that are related to a specified argument (i.e., custom view ). Uses the value of id from GET /app_views/list to return the app IDs of the apps related to the custom view.", "input": [ { "name": "appViewId", "type": "string", "info": "The custom view identifier: string", "required": true, "schema": { "title": "appViewId", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "AppViewAppsResponse", "type": "object", "properties": { "id": { "type": "string", "example": "0cd0b469-9477-4bf9-939b-3aaaa6aedaa7" }, "appIds": { "type": "array", "items": { "type": "string" }, "description": "" }, "spec": { "allOf": [ { "title": "Spec", "type": "object", "properties": { "map": { "type": "object", "additionalProperties": {} } }, "example": { "service": [ "account" ], "status": [ "enabled" ] } }, { "example": { "service": [ "account" ], "status": [ "enabled" ] } } ] } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getViewApps" }, "task": true }, { "name": "getRoleSummary", "summary": "getRoleSummary", "description": "Gets a name and ID dictionary of all admin roles. The list only includes the name and ID for all admin roles. To learn more, see About Role Management . \n", "input": [ { "name": "includeAuditorRole", "type": "boolean", "info": "Include or exclude auditor role information in the list.: boolean", "required": false, "schema": { "title": "includeAuditorRole", "type": "boolean" } }, { "name": "includePartnerRole", "type": "boolean", "info": "Include or exclude partner admin role information in the list.: boolean", "required": false, "schema": { "title": "includePartnerRole", "type": "boolean" } }, { "name": "includeApiRole", "type": "boolean", "info": "Include or exclude API role information in the list.: boolean", "required": false, "schema": { "title": "includeApiRole", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRoleSummary" }, "task": true }, { "name": "getAdminUsers", "summary": "getAdminUsers", "description": "Gets a list of admin users. By default, auditor user information is not included. To learn more, see About Administrators and About Auditors . \n", "input": [ { "name": "includeAuditorUsers", "type": "boolean", "info": "Include or exclude auditor user information in the list.: boolean", "required": false, "schema": { "title": "includeAuditorUsers", "type": "boolean" } }, { "name": "includeAdminUsers", "type": "boolean", "info": "Include or exclude admin user information in the list.: boolean", "required": false, "schema": { "title": "includeAdminUsers", "type": "boolean" } }, { "name": "search", "type": "string", "info": "The search string used to partially match against an admin/auditor user's Login ID or Name.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getAdminUsers" }, "task": true }, { "name": "addAdminUser", "summary": "addAdminUser", "description": "Creates an admin or auditor user. To learn more, see Adding Admins and Adding Auditors . \n", "input": [ { "name": "associateWithExistingAdmin", "type": "boolean", "info": "This field is set to true to update an admin user that already exists in other Zscaler services but does not exist in ZIA. For example, this field must be set to true whe...(description truncated): boolean", "required": false, "schema": { "title": "associateWithExistingAdmin", "type": "boolean" } }, { "name": "body", "type": "object", "info": ": {\"id\": 123, \"loginName\": \"string\", \"userName\": \"string\", \"email\": \"string\", \"role\": \"undefined\", \"comments\": \"string\", \"adminScope\": \"undefined\", \"isNonEditable\": \"boolean\", \"disabled\": \"boolean\", \"isAuditor\": \"boolean\", \"password\": \"string\", \"isPasswordLoginAllowed\": \"boolean\", \"isSecurityReportCommEnabled\": \"boolean\", \"isServiceUpdateCommEnabled\": \"boolean\", \"isProductUpdateCommEnabled\": \"boolean\", \"isPasswordExpired\": \"boolean\", \"isExecMobileAppEnabled\": \"boolean\", \"execMobileAppTokens\": [{\"cloud\": \"string\", \"orgId\": 123, \"name\": \"string\", \"tokenId\": \"string\", \"token\": \"string\", \"tokenExpiry\": 123, \"createTime\": 123, \"deviceId\": \"string\", \"deviceName\": \"string\"}]}", "required": false, "schema": { "title": "AdminUser", "required": [ "loginName", "userName", "email" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Admin or auditor's user ID." }, "loginName": { "type": "string", "description": "

Admin or auditor's login name. loginName is in email format and uses the domain name associated to the Zscaler account.

" }, "userName": { "type": "string", "description": "Admin or auditor's username." }, "email": { "type": "string", "description": "Admin or auditor's email address." }, "role": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "Role of the admin. This is not required for an auditor." } ] }, "comments": { "type": "string", "description": "Additional information about the admin or auditor." }, "adminScope": { "allOf": [ { "title": "AdminScope", "type": "object", "properties": { "scopeGroupMemberEntities": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Only applicable for the LOCATION_GROUP admin scope type, in which case this attribute gives the list of ID/name pairs of locations within the location group. The attribute name is subject to change." }, "Type": { "allOf": [ { "title": "Type", "enum": [ "ORGANIZATION", "DEPARTMENT", "LOCATION", "LOCATION_GROUP" ], "type": "string", "description": "The admin scope type. The attribute name is subject to change." }, { "description": "The admin scope type. The attribute name is subject to change." } ] }, "ScopeEntities": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Based on the admin scope type, the entities can be the ID/name pair of departments, locations, or location groups. The attribute name is subject to change." } }, "description": "An admin's scope can be limited to certain resources, policies, or reports. An admin's scope can be limited by LOCATION, LOCATION GROUP, or DEPARTMENT. If this is not specified, then the admin has an ORGANIZATION scope by default." }, { "description": "The admin's scope. A scope is required for admins, but not applicable to auditors. This attribute is subject to change." } ] }, "isNonEditable": { "type": "boolean", "description": "Indicates whether or not the admin can be edited or deleted.", "default": false }, "disabled": { "type": "boolean", "description": "Indicates whether or not the admin account is disabled." }, "isAuditor": { "type": "boolean", "description": "Indicates whether the user is an auditor. This attribute is subject to change.", "default": false }, "password": { "type": "string", "description": "The admin's password. If admin single sign-on (SSO) is disabled, then this field is mandatory for POST requests. This information is not provided in a GET response.\"" }, "isPasswordLoginAllowed": { "type": "boolean", "description": "The default is true when SAML Authentication is disabled. When SAML Authentication is enabled, this can be set to false in order to force the admin to login via SSO only.", "default": false }, "isSecurityReportCommEnabled": { "type": "boolean", "description": "Communication for Security Report is enabled.", "default": false }, "isServiceUpdateCommEnabled": { "type": "boolean", "description": "Communication setting for Service Update.", "default": false }, "isProductUpdateCommEnabled": { "type": "boolean", "description": "Communication setting for Product Update.", "default": false }, "isPasswordExpired": { "type": "boolean", "description": "Indicates whether or not an admin's password has expired.", "default": false }, "isExecMobileAppEnabled": { "type": "boolean", "description": "Indicates whether or not Executive Insights App access is enabled for the admin.", "default": false }, "execMobileAppTokens": { "type": "array", "items": { "title": "MobileAppTokenInfo", "type": "object", "properties": { "cloud": { "type": "string" }, "orgId": { "type": "integer" }, "name": { "type": "string" }, "tokenId": { "type": "string" }, "token": { "type": "string" }, "tokenExpiry": { "type": "integer" }, "createTime": { "type": "integer" }, "deviceId": { "type": "string" }, "deviceName": { "type": "string" } }, "description": "Executive Insights App device token information." }, "description": "Read-only information about a Executive Insights App token, if it exists." } }, "description": "Admin and auditor information." } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addAdminUser" }, "task": true }, { "name": "updateAdminUser", "summary": "updateAdminUser", "description": "Updates admin or auditor user for the specified ID. You can only disable/enable the default admin account using this endpoint, all other updates within the request are ignored for this admin account. \n", "input": [ { "name": "userId", "type": "number", "info": "The unique identifier for the admin/auditor user.: 123", "required": true, "schema": { "title": "userId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateAdminUser" }, "task": true }, { "name": "deleteAdminUser", "summary": "deleteAdminUser", "description": "Deletes an admin or auditor user using the specified ID Note : This request deletes an admin and removes them as a user from the ZIA Admin Portal. To delete the admin privileges for a user while retaining them as a regular user of your organization in the ZIA Admin Portal, use the POST /adminUsers/{userId}/convertToUser request. Sample Request (Python) import http.client import json conn = http.client.HTTPSConnection("HOSTNAME") headers = {  ...(description truncated)", "input": [ { "name": "userId", "type": "number", "info": "The unique identifier for the admin/auditor user.: 123", "required": true, "schema": { "title": "userId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteAdminUser" }, "task": true }, { "name": "convertAdminToEndUser", "summary": "convertAdminToEndUser", "description": "Removes admin privileges for a user while retaining them as a regular user of your organization in the ZIA Admin Portal. This can be used as an alternative to the DELETE /adminUsers/{userId} request, which deletes an admin and removes them as a user from the ZIA Admin Portal. To learn more, see Deleting ZIA Admins . Before you can delete the admin privileges for a user, you need to obtain the admin user's ID and other information by using the GET /users request and then send the admin use...(description truncated)", "input": [ { "name": "userId", "type": "number", "info": "The unique identifier of the admin user: 123", "required": true, "schema": { "title": "userId", "type": "number" } }, { "name": "body", "type": "object", "info": "Information about the user for whom the admin privileges must be removed. Group information is mandatory in the request Body. Optionally, you can include other field info...(description truncated): object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "Information about the user for whom the admin privileges must be removed. Group information is mandatory in the request Body. Optionally, you can include other field information to modify the values." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/convertAdminToEndUser" }, "task": true }, { "name": "getCloudBrowserIsolationProfiles", "summary": "getCloudBrowserIsolationProfiles", "description": "Gets a list of all the cloud browser isolation profiles in the Isolation Profile field for URL Filtering Policy and Cloud App Control Policy rules.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "BrowserIsolationProfile", "type": "object", "properties": { "id": { "type": "string", "description": "

The universally unique identifier (UUID) for the browser isolation profile

" }, "name": { "type": "string", "description": "

Name of the browser isolation profile

" }, "url": { "type": "string", "description": "

The browser isolation profile URL

" }, "defaultProfile": { "type": "boolean", "description": "

(Optional) Indicates whether this is a default browser isolation profile. Zscaler sets this field.

" } }, "description": "

Information about browser isolation profile. To learn more, see What Is Isolation? and Creating Isolation Profiles for ZIA.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getCloudBrowserIsolationProfiles" }, "task": true }, { "name": "getDlpDictionaries", "summary": "getDlpDictionaries", "description": "Gets information on all custom and predefined DLP dictionaries.", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a DLP dictionary's name or description attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DlpDictionaryDom", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the DLP dictionary", "readOnly": true }, "name": { "type": "string", "description": "The DLP dictionary's name" }, "description": { "type": "string", "description": "The description of the DLP dictionary" }, "confidenceThreshold": { "allOf": [ { "title": "ConfidenceThreshold", "enum": [ "CONFIDENCE_LEVEL_LOW", "CONFIDENCE_LEVEL_MEDIUM", "CONFIDENCE_LEVEL_HIGH" ], "type": "string", "description": "The DLP confidence threshold" }, { "description": "The DLP confidence threshold" } ] }, "predefinedCountActionType": { "allOf": [ { "title": "PredefinedCountActionType", "enum": [ "PHRASE_COUNT_TYPE_UNIQUE", "PHRASE_COUNT_TYPE_ALL" ], "type": "string", "description": "

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Note: This field is currently applicable only to the predefined Names dictionaries, such as Names (US), Names (Canada), and Names (Spain).

" }, { "description": "

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Note: This field is currently applicable only to the predefined Names dictionaries, such as Names (US), Names (Canada), and Names (Spain).

" } ] }, "dictionaryCloningEnabled": { "type": "boolean", "description": "

A Boolean constant that indicates that the cloning option is supported for the DLP dictionary using the true value. This field is applicable only to predefined DLP dictionaries.

", "readOnly": true }, "proximityEnabledForCustomDictionary": { "type": "boolean", "description": "

A Boolean constant that indicates if proximity length is enabled or disabled for a custom DLP dictionary. A true value indicates that proximity length is enabled, whereas a false value indicates that it is disabled.

Note: This field is applicable only for specific custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option. For predefined DLP dictionaries, this field value is always set to false.

" }, "phrases": { "type": "array", "items": { "title": "DictionaryPhraseActionString", "type": "object", "properties": { "action": { "allOf": [ { "title": "Action", "enum": [ "PHRASE_COUNT_TYPE_UNIQUE", "PHRASE_COUNT_TYPE_ALL" ], "type": "string", "description": "The action applied to a DLP dictionary using phrases" }, { "description": "The action applied to a DLP dictionary using phrases" } ] }, "phrase": { "type": "string", "description": "DLP dictionary phrase" } }, "description": "DLP dictionary phrase and action" }, "description": "List containing the phrases used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries." }, "customPhraseMatchType": { "allOf": [ { "title": "CustomPhraseMatchType", "enum": [ "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY", "MATCH_ANY_CUSTOM_PHRASE_PATTERN_DICTIONARY" ], "type": "string", "description": "The DLP custom phrase match type" }, { "description": "The DLP custom phrase match type" } ] }, "customPhraseSupported": { "type": "boolean", "description": "

A Boolean constant that indicates that custom phrases are supported for the DLP dictionary using the true value. This field is applicable only to predefined DLP dictionaries with a high confidence score threshold.

", "readOnly": true }, "patterns": { "type": "array", "items": { "title": "DictionaryPatternActionString", "type": "object", "properties": { "action": { "allOf": [ { "title": "Action1", "enum": [ "PATTERN_COUNT_TYPE_ALL", "PATTERN_COUNT_TYPE_UNIQUE" ], "type": "string", "description": "The action applied to a DLP dictionary using patterns" }, { "description": "The action applied to a DLP dictionary using patterns" } ] }, "pattern": { "type": "string", "description": "DLP dictionary pattern" } }, "description": "DLP dictionary pattern and action" }, "description": "List containing the patterns used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries" }, "nameL10nTag": { "type": "boolean", "description": "Indicates whether the name is localized or not. This is always set to True for predefined DLP dictionaries.", "readOnly": true }, "thresholdType": { "allOf": [ { "title": "ThresholdType", "enum": [ "VIOLATION_COUNT_ONLY", "CONFIDENCE_SCORE_ONLY", "VIOLATION_AND_CONFIDENCE" ], "type": "string", "description": "DLP threshold type" }, { "description": "DLP threshold type" } ], "readOnly": true }, "dictionaryType": { "allOf": [ { "title": "DictionaryType", "enum": [ "PATTERNS_AND_PHRASES", "EXACT_DATA_MATCH", "INDEXED_DATA_MATCH" ], "type": "string", "description": "The DLP dictionary type." }, { "description": "The DLP dictionary type." } ] }, "exactDataMatchDetails": { "type": "array", "items": { "title": "ExactDataMatchDetail", "type": "object", "properties": { "dictionaryEdmMappingId": { "type": "integer", "description": "The unique identifier for the EDM mapping." }, "schemaId": { "type": "integer", "description": "The unique identifier for the EDM template (or schema)." }, "primaryField": { "type": "integer", "description": "The EDM template's primary field." }, "secondaryFields": { "type": "array", "items": { "type": "integer" }, "description": "The EDM template's secondary fields." }, "secondaryFieldMatchOn": { "allOf": [ { "title": "SecondaryFieldMatchOn", "type": "string", "description": "The EDM secondary field to match on." }, { "description": "The EDM secondary field to match on." } ] } }, "description": "Exact Data Match (EDM) details." }, "description": "Exact Data Match (EDM) related information for custom DLP dictionaries." }, "hierarchicalDictionary": { "type": "boolean", "description": "A true value indicates that the DLP dictionary is of hierarchical type that includes sub-dictionaries. A false value indicates that the dictionary is not hierarchical.", "readOnly": true }, "hierarchicalIdentifiers": { "type": "array", "items": { "title": "HierarchicalIdentifier", "type": "string" }, "description": "

The list of identifiers selected within a DLP dictionary of hierarchical type. Each identifier represents a sub-dictionary that consists of specific patterns. To retrieve the list of identifiers that are available for selection within a specific hierarchical dictionary, send a GET request to /dlpDictionaries/{dictId}/predefinedIdentifiers.

To learn about hierarchical dictionaries, see Configuring the URL Filtering Policy.

Note: This field is applicable to predefined hierarchical dictionaries, such as the Driver’s License (United States), Passport Number (European Union), and Credentials and Secrets dictionaries or their clones.

" }, "idmProfileMatchAccuracy": { "type": "array", "items": { "title": "IdmProfileMatchAccuracyDetail", "type": "object", "properties": { "adpIdmProfile": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The IDM template reference." } ] }, "matchAccuracy": { "allOf": [ { "title": "MatchAccuracy", "enum": [ "LOW", "MEDIUM", "HEAVY" ], "type": "string", "description": "The IDM template match accuracy." }, { "description": "The IDM template match accuracy." } ] } }, "description": "Indexed Document Match (IDM) template (or profile) match accuracy details." }, "description": "List of Indexed Document Match (IDM) profiles and their corresponding match accuracy for custom DLP dictionaries." }, "ignoreExactMatchIdmDict": { "type": "boolean", "description": "Indicates whether to exclude documents that are a 100% match to already-indexed documents from triggering an Indexed Document Match (IDM) Dictionary." }, "includeBinNumbers": { "type": "boolean", "description": "

A true value denotes that the specified Bank Identification Number (BIN) values are included in the Credit Cards dictionary. A false value denotes that the specified BIN values are excluded from the Credit Cards dictionary.

Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.

" }, "binNumbers": { "type": "array", "items": { "type": "integer" }, "description": "

The list of Bank Identification Number (BIN) values that are included or excluded from the Credit Cards dictionary. BIN values can be specified only for Diners Club, Mastercard, RuPay, and Visa cards. Up to 512 BIN values can be configured in a dictionary.

Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.

" }, "dictTemplateId": { "type": "integer", "description": "

ID of the predefined dictionary (original source dictionary) that is used for cloning. This field is applicable only to cloned dictionaries. Only a limited set of identification-based predefined dictionaries (e.g., Credit Cards, Social Security Numbers, National Identification Numbers, etc.) can be cloned. Up to 4 clones can be created from a predefined dictionary.

" }, "predefinedClone": { "type": "boolean", "description": "

This field is set to true if the dictionary is cloned from a predefined dictionary. Otherwise, it is set to false.

", "readOnly": true }, "proximity": { "type": "integer", "description": "

The DLP dictionary proximity length that defines how close a high confidence phrase must be to an instance of the pattern (that the dictionary detects) to count as a match.

Note: Proximity length is supported only for specific predefined DLP dictionaries with a high confidence score threshold and custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option.

" }, "custom": { "type": "boolean", "description": "This value is set to true for custom DLP dictionaries.", "readOnly": true }, "proximityLengthEnabled": { "type": "boolean", "description": "

A Boolean constant that indicates whether the proximity length option is supported for a DLP dictionary or not. A true value indicates that the proximity length option is supported, whereas a false value indicates that it is not supported.

Note: Proximity length is supported only for specific predefined DLP dictionaries with a high confidence score threshold and custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option.

", "readOnly": true } }, "description": "

A DLP dictionary contains a set of patented algorithms that are designed to detect specific kinds of information in user traffic. For a list of and information on all predefined dictionaries, see About DLP Dictionaries.

You can modify predefined DLP dictionaries or create custom dictionaries for content that is not properly covered by them. For example, using the cloud service API, you can create custom DLP dictionaries that trigger based on specific patterns and phrases. To learn more, see Adding Custom DLP Dictionaries, Defining Patterns for Custom DLP Dictionaries, and Defining Phrases for Custom DLP Dictionaries. You can also create custom DLP dictionaries based on Exact Data Match (EDM) or Indexed Document Match (IDM). To learn more, see About Exact Data Match and see About Indexed Document Match.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDlpDictionaries" }, "task": true }, { "name": "addCustomDLPDictionary", "summary": "addCustomDLPDictionary", "description": "Adds a new custom DLP dictionary.", "input": [ { "name": "body", "type": "object", "info": "The information for a custom DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see Adding Custom DLP...(description truncated): object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The information for a custom DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see Adding Custom DLP Dictionaries." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addCustomDLPDictionary" }, "task": true }, { "name": "getDLPDictionarySummary", "summary": "getDLPDictionarySummary", "description": "Gets a name and ID dictionary of all custom and predefined DLP dictionaries.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DlpDictionaryDom", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the DLP dictionary", "readOnly": true }, "name": { "type": "string", "description": "The DLP dictionary's name" }, "description": { "type": "string", "description": "The description of the DLP dictionary" }, "confidenceThreshold": { "allOf": [ { "title": "ConfidenceThreshold", "enum": [ "CONFIDENCE_LEVEL_LOW", "CONFIDENCE_LEVEL_MEDIUM", "CONFIDENCE_LEVEL_HIGH" ], "type": "string", "description": "The DLP confidence threshold" }, { "description": "The DLP confidence threshold" } ] }, "predefinedCountActionType": { "allOf": [ { "title": "PredefinedCountActionType", "enum": [ "PHRASE_COUNT_TYPE_UNIQUE", "PHRASE_COUNT_TYPE_ALL" ], "type": "string", "description": "

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Note: This field is currently applicable only to the predefined Names dictionaries, such as Names (US), Names (Canada), and Names (Spain).

" }, { "description": "

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Note: This field is currently applicable only to the predefined Names dictionaries, such as Names (US), Names (Canada), and Names (Spain).

" } ] }, "dictionaryCloningEnabled": { "type": "boolean", "description": "

A Boolean constant that indicates that the cloning option is supported for the DLP dictionary using the true value. This field is applicable only to predefined DLP dictionaries.

", "readOnly": true }, "proximityEnabledForCustomDictionary": { "type": "boolean", "description": "

A Boolean constant that indicates if proximity length is enabled or disabled for a custom DLP dictionary. A true value indicates that proximity length is enabled, whereas a false value indicates that it is disabled.

Note: This field is applicable only for specific custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option. For predefined DLP dictionaries, this field value is always set to false.

" }, "phrases": { "type": "array", "items": { "title": "DictionaryPhraseActionString", "type": "object", "properties": { "action": { "allOf": [ { "title": "Action", "enum": [ "PHRASE_COUNT_TYPE_UNIQUE", "PHRASE_COUNT_TYPE_ALL" ], "type": "string", "description": "The action applied to a DLP dictionary using phrases" }, { "description": "The action applied to a DLP dictionary using phrases" } ] }, "phrase": { "type": "string", "description": "DLP dictionary phrase" } }, "description": "DLP dictionary phrase and action" }, "description": "List containing the phrases used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries." }, "customPhraseMatchType": { "allOf": [ { "title": "CustomPhraseMatchType", "enum": [ "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY", "MATCH_ANY_CUSTOM_PHRASE_PATTERN_DICTIONARY" ], "type": "string", "description": "The DLP custom phrase match type" }, { "description": "The DLP custom phrase match type" } ] }, "customPhraseSupported": { "type": "boolean", "description": "

A Boolean constant that indicates that custom phrases are supported for the DLP dictionary using the true value. This field is applicable only to predefined DLP dictionaries with a high confidence score threshold.

", "readOnly": true }, "patterns": { "type": "array", "items": { "title": "DictionaryPatternActionString", "type": "object", "properties": { "action": { "allOf": [ { "title": "Action1", "enum": [ "PATTERN_COUNT_TYPE_ALL", "PATTERN_COUNT_TYPE_UNIQUE" ], "type": "string", "description": "The action applied to a DLP dictionary using patterns" }, { "description": "The action applied to a DLP dictionary using patterns" } ] }, "pattern": { "type": "string", "description": "DLP dictionary pattern" } }, "description": "DLP dictionary pattern and action" }, "description": "List containing the patterns used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries" }, "nameL10nTag": { "type": "boolean", "description": "Indicates whether the name is localized or not. This is always set to True for predefined DLP dictionaries.", "readOnly": true }, "thresholdType": { "allOf": [ { "title": "ThresholdType", "enum": [ "VIOLATION_COUNT_ONLY", "CONFIDENCE_SCORE_ONLY", "VIOLATION_AND_CONFIDENCE" ], "type": "string", "description": "DLP threshold type" }, { "description": "DLP threshold type" } ], "readOnly": true }, "dictionaryType": { "allOf": [ { "title": "DictionaryType", "enum": [ "PATTERNS_AND_PHRASES", "EXACT_DATA_MATCH", "INDEXED_DATA_MATCH" ], "type": "string", "description": "The DLP dictionary type." }, { "description": "The DLP dictionary type." } ] }, "exactDataMatchDetails": { "type": "array", "items": { "title": "ExactDataMatchDetail", "type": "object", "properties": { "dictionaryEdmMappingId": { "type": "integer", "description": "The unique identifier for the EDM mapping." }, "schemaId": { "type": "integer", "description": "The unique identifier for the EDM template (or schema)." }, "primaryField": { "type": "integer", "description": "The EDM template's primary field." }, "secondaryFields": { "type": "array", "items": { "type": "integer" }, "description": "The EDM template's secondary fields." }, "secondaryFieldMatchOn": { "allOf": [ { "title": "SecondaryFieldMatchOn", "type": "string", "description": "The EDM secondary field to match on." }, { "description": "The EDM secondary field to match on." } ] } }, "description": "Exact Data Match (EDM) details." }, "description": "Exact Data Match (EDM) related information for custom DLP dictionaries." }, "hierarchicalDictionary": { "type": "boolean", "description": "A true value indicates that the DLP dictionary is of hierarchical type that includes sub-dictionaries. A false value indicates that the dictionary is not hierarchical.", "readOnly": true }, "hierarchicalIdentifiers": { "type": "array", "items": { "title": "HierarchicalIdentifier", "type": "string" }, "description": "

The list of identifiers selected within a DLP dictionary of hierarchical type. Each identifier represents a sub-dictionary that consists of specific patterns. To retrieve the list of identifiers that are available for selection within a specific hierarchical dictionary, send a GET request to /dlpDictionaries/{dictId}/predefinedIdentifiers.

To learn about hierarchical dictionaries, see Configuring the URL Filtering Policy.

Note: This field is applicable to predefined hierarchical dictionaries, such as the Driver’s License (United States), Passport Number (European Union), and Credentials and Secrets dictionaries or their clones.

" }, "idmProfileMatchAccuracy": { "type": "array", "items": { "title": "IdmProfileMatchAccuracyDetail", "type": "object", "properties": { "adpIdmProfile": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The IDM template reference." } ] }, "matchAccuracy": { "allOf": [ { "title": "MatchAccuracy", "enum": [ "LOW", "MEDIUM", "HEAVY" ], "type": "string", "description": "The IDM template match accuracy." }, { "description": "The IDM template match accuracy." } ] } }, "description": "Indexed Document Match (IDM) template (or profile) match accuracy details." }, "description": "List of Indexed Document Match (IDM) profiles and their corresponding match accuracy for custom DLP dictionaries." }, "ignoreExactMatchIdmDict": { "type": "boolean", "description": "Indicates whether to exclude documents that are a 100% match to already-indexed documents from triggering an Indexed Document Match (IDM) Dictionary." }, "includeBinNumbers": { "type": "boolean", "description": "

A true value denotes that the specified Bank Identification Number (BIN) values are included in the Credit Cards dictionary. A false value denotes that the specified BIN values are excluded from the Credit Cards dictionary.

Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.

" }, "binNumbers": { "type": "array", "items": { "type": "integer" }, "description": "

The list of Bank Identification Number (BIN) values that are included or excluded from the Credit Cards dictionary. BIN values can be specified only for Diners Club, Mastercard, RuPay, and Visa cards. Up to 512 BIN values can be configured in a dictionary.

Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.

" }, "dictTemplateId": { "type": "integer", "description": "

ID of the predefined dictionary (original source dictionary) that is used for cloning. This field is applicable only to cloned dictionaries. Only a limited set of identification-based predefined dictionaries (e.g., Credit Cards, Social Security Numbers, National Identification Numbers, etc.) can be cloned. Up to 4 clones can be created from a predefined dictionary.

" }, "predefinedClone": { "type": "boolean", "description": "

This field is set to true if the dictionary is cloned from a predefined dictionary. Otherwise, it is set to false.

", "readOnly": true }, "proximity": { "type": "integer", "description": "

The DLP dictionary proximity length that defines how close a high confidence phrase must be to an instance of the pattern (that the dictionary detects) to count as a match.

Note: Proximity length is supported only for specific predefined DLP dictionaries with a high confidence score threshold and custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option.

" }, "custom": { "type": "boolean", "description": "This value is set to true for custom DLP dictionaries.", "readOnly": true }, "proximityLengthEnabled": { "type": "boolean", "description": "

A Boolean constant that indicates whether the proximity length option is supported for a DLP dictionary or not. A true value indicates that the proximity length option is supported, whereas a false value indicates that it is not supported.

Note: Proximity length is supported only for specific predefined DLP dictionaries with a high confidence score threshold and custom DLP dictionaries configured with the Match Any Patterns And Any Phrases option.

", "readOnly": true } }, "description": "

A DLP dictionary contains a set of patented algorithms that are designed to detect specific kinds of information in user traffic. For a list of and information on all predefined dictionaries, see About DLP Dictionaries.

You can modify predefined DLP dictionaries or create custom dictionaries for content that is not properly covered by them. For example, using the cloud service API, you can create custom DLP dictionaries that trigger based on specific patterns and phrases. To learn more, see Adding Custom DLP Dictionaries, Defining Patterns for Custom DLP Dictionaries, and Defining Phrases for Custom DLP Dictionaries. You can also create custom DLP dictionaries based on Exact Data Match (EDM) or Indexed Document Match (IDM). To learn more, see About Exact Data Match and see About Indexed Document Match.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDLPDictionarySummary" }, "task": true }, { "name": "getDlpDictionaryById", "summary": "getDlpDictionaryById", "description": "Gets DLP dictionary information for the specified ID.", "input": [ { "name": "dlpDictId", "type": "number", "info": "The unique identifier for the DLP dictionary.: 123", "required": true, "schema": { "title": "dlpDictId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDlpDictionaryById" }, "task": true }, { "name": "updateDlpDictionary", "summary": "updateDlpDictionary", "description": "Updates a custom or predefined DLP dictionary.", "input": [ { "name": "dlpDictId", "type": "number", "info": "The unique identifier for the DLP dictionary.: 123", "required": true, "schema": { "title": "dlpDictId", "type": "number" } }, { "name": "body", "type": "object", "info": "The information for a custom or predefined DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see Edi...(description truncated): object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The information for a custom or predefined DLP Dictionary that uses Patterns and Phrases, Exact Data Match (EDM), or Indexed Document Match (IDM). To learn more, see Editing Predefined DLP Dictionaries, and Adding Custom DLP Dictionaries which provides more information regarding defining phrases and patterns, as well as EDM fields and IDM accuracy." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateDlpDictionary" }, "task": true }, { "name": "deleteCustomDlpDictionary", "summary": "deleteCustomDlpDictionary", "description": "Deletes a custom DLP dictionary. You cannot delete predefined DLP dictionaries.", "input": [ { "name": "dlpDictId", "type": "number", "info": "The unique identifier for the DLP dictionary.: 123", "required": true, "schema": { "title": "dlpDictId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteCustomDlpDictionary" }, "task": true }, { "name": "getPredefinedHierarchicalIdentifiersByDictionaryId", "summary": "getPredefinedHierarchicalIdentifiersByDictionaryId", "description": "Retrieves the list of identifiers that are available for selection in the specified hierarchical DLP dictionary. This information can be obtained for predefined hierarchical dictionaries such as the Driver’s License (United States), Passport Number (European Union), and Credentials and Secrets dictionaries and their clones. Each identifier represents a sub-dictionary that consists of specific patterns. The Driver’s License (United States) dictionary includes one sub-dictionary for each state i...(description truncated)", "input": [ { "name": "dictId", "type": "number", "info": "The ID of the hierarchical DLP dictionary: 123", "required": true, "schema": { "title": "dictId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "getPredefinedHierarchicalIdentifiersByDictionaryIdResponse", "type": "string" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getPredefinedHierarchicalIdentifiersByDictionaryId" }, "task": true }, { "name": "validateDlpPattern", "summary": "validateDlpPattern", "description": "Validates the pattern used by a Pattern and Phrases DLP dictionary type, and provides error information if the pattern is invalid. To learn more about how to define valid patterns for custom DLP dictionaries, see Defining Patterns for Custom DLP Dictionaries .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/validateDlpPattern" }, "task": true }, { "name": "getDLPEngines", "summary": "getDLPEngines", "description": "Get a list of DLP engines.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DlpEngineDom", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the DLP engine." }, "name": { "type": "string", "description": "The DLP engine name as configured by the admin. This attribute is required in POST and PUT requests for custom DLP engines." }, "predefinedEngineName": { "type": "string", "description": "The name of the predefined DLP engine.", "readOnly": true }, "engineExpression": { "type": "string", "description": "

The logical expression that defines a DLP engine by combining DLP dictionaries using logical operators, namely All (AND), Any (OR), Exclude (NOT), and Sum (the total number of content matches). To learn more about DLP engine expressions, see Understanding DLP Engines.

Engine expression examples:

In the preceding examples, 63 represents the ID of the Credit Cards dictionary ID, 61 is the Financial Statements ID, and 38 is the ABA Bank Routing Numbers dictionary ID. Each dictionary ID is wrapped around by a prefix (D) and a suffix (.S).

" }, "customDlpEngine": { "type": "boolean", "description": "Indicates whether this is a custom DLP engine. If this value is set to true, the engine is custom." }, "description": { "type": "string", "description": "The DLP engine's description." } }, "description": "DLP engine information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDLPEngines" }, "task": true }, { "name": "addCustomDLPEngine", "summary": "addCustomDLPEngine", "description": "Adds a new custom DLP engine. A DLP engine is a collection of one or more DLP Dictionaries , combined using logical operators. DLP engines can be used in DLP policies to detect specific content in the users' traffic. The Zscaler service provides predefined DLP engines and supports custom DLP engines. To learn more, see About DLP Engines and Understanding DLP Engines . Note : To enable /dlpEngines endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Su...(description truncated)", "input": [ { "name": "body", "type": "object", "info": "Details of a custom DLP engine formed by combining DLP dictionaries using logical operators. To learn how to add custom DLP engines, see Adding Custom DLP Engines .: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "

Details of a custom DLP engine formed by combining DLP dictionaries using logical operators. To learn how to add custom DLP engines, see Adding Custom DLP Engines.

" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addCustomDLPEngine" }, "task": true }, { "name": "getDLPEnginesSummary", "summary": "getDLPEnginesSummary", "description": "Gets a name and ID dictionary for all DLP engines.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DlpEngineDom", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the DLP engine." }, "name": { "type": "string", "description": "The DLP engine name as configured by the admin. This attribute is required in POST and PUT requests for custom DLP engines." }, "predefinedEngineName": { "type": "string", "description": "The name of the predefined DLP engine.", "readOnly": true }, "engineExpression": { "type": "string", "description": "

The logical expression that defines a DLP engine by combining DLP dictionaries using logical operators, namely All (AND), Any (OR), Exclude (NOT), and Sum (the total number of content matches). To learn more about DLP engine expressions, see Understanding DLP Engines.

Engine expression examples:

In the preceding examples, 63 represents the ID of the Credit Cards dictionary ID, 61 is the Financial Statements ID, and 38 is the ABA Bank Routing Numbers dictionary ID. Each dictionary ID is wrapped around by a prefix (D) and a suffix (.S).

" }, "customDlpEngine": { "type": "boolean", "description": "Indicates whether this is a custom DLP engine. If this value is set to true, the engine is custom." }, "description": { "type": "string", "description": "The DLP engine's description." } }, "description": "DLP engine information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDLPEnginesSummary" }, "task": true }, { "name": "postDlpEnginesValidateDlpExpr", "summary": "validateDlpPattern", "description": "Validates the logical expression within a DLP engine that is formed by combining DLP dictionaries and provides error information if the expression is invalid. To learn more about DLP engine expressions, see Understanding DLP Engines . Note : To enable /dlpEngines endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Support.", "input": [ { "name": "body", "type": "string", "info": "Logical expression within a DLP engine formed by combining DLP dictionaries using operators. This parameter requires the input in a certain format. For example, an expre...(description truncated): string", "required": false, "schema": { "type": "string", "description": "

Logical expression within a DLP engine formed by combining DLP dictionaries using operators. This parameter requires the input in a certain format. For example, an expression combining ABA Bank Routing Numbers and Credit Cards dictionaries using an AND operator with zero match count each would be ((D63.S > 0) AND (D38.S > 0)), where 63 is the ID of the Credit Cards dictionary and 38 is the ID of the ABA Bank Routing Numbers dictionary. The dictionary ID is wrapped around by a prefix (D) and a suffix (.S).

Engine expression examples:

In the preceding examples, 63 represents the ID of the Credit Cards dictionary, 61 is the Financial Statements dictionary ID, and 38 is the ABA Bank Routing Numbers dictionary ID.

Note: Zscaler recommends validating DLP engine expressions by sending a POST request to /dlpEngines/validateDlpExpr before configuring a DLP engine.

" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postDlpEnginesValidateDlpExpr" }, "task": true }, { "name": "getDLPEngineById", "summary": "getDLPEngineById", "description": "Gets DLP engine information for the specified ID.", "input": [ { "name": "dlpEngineId", "type": "number", "info": "The unique identifier for the DLP engine.: 123", "required": true, "schema": { "title": "dlpEngineId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDLPEngineById" }, "task": true }, { "name": "updateDlpEngine", "summary": "updateDlpEngine", "description": "Updates DLP engine information for the specified ID. To learn more, see About DLP Engines and Editing Predefined DLP Engines . Note : To enable /dlpEngines endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Support.", "input": [ { "name": "dlpEngineId", "type": "number", "info": "The unique identifier for the DLP engine.: 123", "required": true, "schema": { "title": "dlpEngineId", "type": "number" } }, { "name": "body", "type": "object", "info": ": {\"id\": 123, \"name\": \"string\", \"predefinedEngineName\": \"string\", \"engineExpression\": \"string\", \"customDlpEngine\": \"boolean\", \"description\": \"string\"}", "required": false, "schema": { "title": "DlpEngineDom", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the DLP engine." }, "name": { "type": "string", "description": "The DLP engine name as configured by the admin. This attribute is required in POST and PUT requests for custom DLP engines." }, "predefinedEngineName": { "type": "string", "description": "The name of the predefined DLP engine.", "readOnly": true }, "engineExpression": { "type": "string", "description": "

The logical expression that defines a DLP engine by combining DLP dictionaries using logical operators, namely All (AND), Any (OR), Exclude (NOT), and Sum (the total number of content matches). To learn more about DLP engine expressions, see Understanding DLP Engines.

Engine expression examples:

In the preceding examples, 63 represents the ID of the Credit Cards dictionary ID, 61 is the Financial Statements ID, and 38 is the ABA Bank Routing Numbers dictionary ID. Each dictionary ID is wrapped around by a prefix (D) and a suffix (.S).

" }, "customDlpEngine": { "type": "boolean", "description": "Indicates whether this is a custom DLP engine. If this value is set to true, the engine is custom." }, "description": { "type": "string", "description": "The DLP engine's description." } }, "description": "DLP engine information." } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateDlpEngine" }, "task": true }, { "name": "deleteCustomDlpEngine", "summary": "deleteCustomDlpEngine", "description": "Deletes the custom DLP engine with the specified ID. Note : To enable /dlpEngines endpoints that use POST, PUT, and DELETE methods for your organization, contact Zscaler Support.", "input": [ { "name": "dlpEngineId", "type": "number", "info": "The unique identifier for the DLP engine.: 123", "required": true, "schema": { "title": "dlpEngineId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteCustomDlpEngine" }, "task": true }, { "name": "getSchemas", "summary": "getSchemas", "description": "Exact Data Match (EDM) templates (or EDM schemas) allow the Zscaler service to identify a record from a structured data source that matches predefined criteria. Using the Index Tool, you can create an EDM template that allows you to define this criteria (i.e., define the tokens) for your data records by importing a CSV file. After the data is defined and submitted within the tool, you can then apply the EDM template to a custom DLP dictionary or engine. This endpoint gets the EDM templates for a...(description truncated)", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "AdvancedDataProtectionSchema", "type": "object", "properties": { "schemaId": { "type": "integer", "description": "The identifier (1-65519) for the EDM schema (i.e., EDM template) that is unique within the organization.", "readOnly": true }, "edmClient": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The unique identifer for the Index Tool that was used to create the EDM template. This attribute is ignored by PUT requests, but required for POST requests." } ] }, "projectName": { "type": "string", "description": "The EDM schema (i.e., EDM template) name. This attribute is ignored by PUT requests, but required for POST requests." }, "revision": { "type": "integer", "description": "The revision number of the CSV file upload to the Index Tool. This attribute is required by PUT requests." }, "filename": { "type": "string", "description": "The generated filename, excluding the extention.", "readOnly": true }, "originalFileName": { "type": "string", "description": "The name of the CSV file uploaded to the Index Tool. This attribute is required by PUT and POST requests." }, "fileUploadStatus": { "allOf": [ { "title": "FileUploadStatus", "enum": [ "ADP_SCHEMA_CREATED", "ADP_FILE_PROCESSING", "ADP_FILE_UPLOAD_COMPLETED", "ADP_FILE_VALIDATION_FAILURE", "ADP_FILE_DELETE_FAILURE", "ADP_MD5_CONVERSION_FAILURE", "ADP_FILE_UPLOAD_ERROR", "ADP_RESERVE_CELLS_ERROR", "ADP_GENERIC_ERROR", "ADP_CDSSDLP_COMM_FAIL", "ADP_CDSSDLP_REJECT", "ADP_FILE_UPLOAD_ABORTED", "FAIL", "ADP_FILE_UPLOAD_IN_PROGRESS", "ADP_FILE_BUCKET_COLLISION", "ADP_FILE_PRIM_KEY_DUPLICATE" ], "type": "string", "description": "The status of the EDM template's CSV file upload to the Index Tool. This attribute is required by PUT and POST requests." }, { "description": "The status of the EDM template's CSV file upload to the Index Tool. This attribute is required by PUT and POST requests." } ] }, "origColCount": { "type": "integer", "description": "The total count of actual columns selected from the CSV file. This attribute is required by PUT and POST requests." }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the EDM template's schema last." } ], "readOnly": true }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the EDM schema (i.e., EDM template) was last modified. Ignored if the request is PUT, POST, or DELETE.", "readOnly": true }, "createdBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The login name (or userid) the admin who created the EDM schema (i.e., EDM template). Ignored if the request is PUT, POST, or DELETE." } ], "readOnly": true }, "cellsUsed": { "type": "integer", "description": "The total number of cells used by the EDM schema (i.e., EDM template).", "readOnly": true }, "schemaActive": { "type": "boolean", "description": "Indicates the status of a specified EDM schema (i.e., EDM template). If this value is set to true, the schema is active and can be used by DLP dictionaries.", "readOnly": true }, "tokenList": { "type": "array", "items": { "title": "AdvancedDataProtectionSchemaToken", "type": "object", "properties": { "name": { "type": "string", "description": "The token (i.e., criteria) name. This attribute is required by PUT and POST requests." }, "type": { "allOf": [ { "title": "Type2", "type": "string", "description": "The token type. This attribute is required by PUT and POST requests." }, { "description": "The token type. This attribute is required by PUT and POST requests." } ] }, "primaryKey": { "type": "boolean", "description": "Indicates whether the token is a primary key." }, "originalColumn": { "type": "integer", "description": "The column position for the token in the original CSV file uploaded to the Index Tool, starting from 1. This attribue required by PUT and POST requests." }, "hashfileColumnOrder": { "type": "integer", "description": "The column position for the token in the hashed file, starting from 1.", "readOnly": true }, "colLengthBitmap": { "type": "integer", "description": "The length of the column bitmap in the hashed file.", "readOnly": true } }, "description": "Exact Data Match (EDM) template (i.e., schema) token (or criteria) information." }, "description": "The list of tokens (or criteria) to match against. Up to 16 tokens can be selected for data matching. This attribute is required by PUT and POST requests." }, "schedulePresent": { "type": "boolean", "description": "Indicates whether the EDM schema (i.e., the EDM template configured using the Index Tool) has a schedule.", "readOnly": true }, "schedule": { "allOf": [ { "title": "AdvancedDataProtectionSchemaSchedule", "type": "object", "properties": { "scheduleType": { "allOf": [ { "title": "ScheduleType", "enum": [ "NONE", "MONTHLY", "WEEKLY", "DAILY" ], "type": "string", "description": "The schedule type for the EDM schema (i.e., EDM template), Monthly, Weekly, Daily, or None. This attribute is required by PUT and POST requests." }, { "description": "The schedule type for the EDM schema (i.e., EDM template), Monthly, Weekly, Daily, or None. This attribute is required by PUT and POST requests." } ] }, "scheduleDayOfMonth": { "type": "array", "items": { "title": "ScheduleDayOfMonth", "type": "string" }, "description": "The day of the month the EDM schema (i.e., EDM template) is scheduled for. This attribute is required by PUT and POST requests, and if the scheduleType is set to MONTHLY." }, "scheduleDayOfWeek": { "type": "array", "items": { "title": "ScheduleDayOfWeek", "enum": [ "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" ], "type": "string" }, "description": "The day of the week the EDM schema (i.e., EDM template) is scheduled for. This attribute is required by PUT and POST requests, and if the scheduleType is set to WEEKLY." }, "scheduleTime": { "type": "integer", "description": "The time of the day (in minutes) that the EDM schema (i.e., EDM template) is scheduled for. For example: at 3am= 180 mins. This attribute is required by PUT and POST requests." }, "scheduleDisabled": { "type": "boolean", "description": "If set to true, the schedule for the EDM schema (i.e., EDM template) is temporarily in a disabled state. This attribute is required by PUT requests in order to disable or enable a schedule." } }, "description": "Exact Data Match (EDM) template (i.e., schema) schedule information." }, { "description": "The schedule details, if present for the EDM schema (i.e., EDM template). Ignored if the request is PUT, POST, or DELETE." } ], "readOnly": true } }, "description": "Exact Data Match (EDM) template (i.e., schema) information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSchemas" }, "task": true }, { "name": "getSchemaLite", "summary": "getSchemaLite", "description": "Gets a list of active EDM templates (or EDM schemas) and their criteria (or token details), only.", "input": [ { "name": "schemaName", "type": "string", "info": "The EDM schema name.: string", "required": false, "schema": { "title": "schemaName", "type": "string" } }, { "name": "activeOnly", "type": "boolean", "info": "If set to true, only active EDM templates (or schemas) are returned in the response.: boolean", "required": false, "schema": { "title": "activeOnly", "type": "boolean" } }, { "name": "fetchTokens", "type": "boolean", "info": "If set to true, the criteria (i.e., token details) for the active templates are returned in the response.: boolean", "required": false, "schema": { "title": "fetchTokens", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "AdvancedDataProtectionSchemaLite", "type": "object", "properties": { "schema": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The identifier (1-65519) for the EDM schema (i.e., EDM template) that is unique within the organization." } ], "readOnly": true }, "tokens": { "uniqueItems": true, "type": "array", "items": { "title": "AdvancedDataProtectionSchemaToken", "type": "object", "properties": { "name": { "type": "string", "description": "The token (i.e., criteria) name. This attribute is required by PUT and POST requests." }, "type": { "allOf": [ { "title": "Type2", "type": "string", "description": "The token type. This attribute is required by PUT and POST requests." }, { "description": "The token type. This attribute is required by PUT and POST requests." } ] }, "primaryKey": { "type": "boolean", "description": "Indicates whether the token is a primary key." }, "originalColumn": { "type": "integer", "description": "The column position for the token in the original CSV file uploaded to the Index Tool, starting from 1. This attribue required by PUT and POST requests." }, "hashfileColumnOrder": { "type": "integer", "description": "The column position for the token in the hashed file, starting from 1.", "readOnly": true }, "colLengthBitmap": { "type": "integer", "description": "The length of the column bitmap in the hashed file.", "readOnly": true } }, "description": "Exact Data Match (EDM) template (i.e., schema) token (or criteria) information." }, "description": "The tokens (or criteria) used by the EDM schema (i.e., EDM template).", "readOnly": true } }, "description": "Exact Data Match (EDM) template (i.e., schema) information retrieved by /dlpExactDataMatchSchemas/lite." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSchemaLite" }, "task": true }, { "name": "gettemplates", "summary": "gettemplates", "description": "Gets a list of DLP notification templates. To learn more, see About DLP Notification Templates .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DlpNotificationTemplate", "required": [ "name", "subject", "plainTextMessage", "htmlMessage" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for a DLP notification template." }, "name": { "type": "string", "description": "The DLP notification template name." }, "subject": { "type": "string", "description": "The Subject line that is displayed within the DLP notification email." }, "attachContent": { "type": "boolean", "description": "If set to true, the content that is violation is attached to the DLP notification email." }, "plainTextMessage": { "type": "string", "description": "The template for the plain text UTF-8 message body that must be displayed in the DLP notification email." }, "htmlMessage": { "type": "string", "description": "The template for the HTML message body that must be displayed in the DLP notification email." } }, "description": "DLP notification template information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/gettemplates" }, "task": true }, { "name": "addtemplate", "summary": "addtemplate", "description": "Adds a new DLP notification template. To learn more, see Configuring DLP Notification Templates .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/addtemplate" }, "task": true }, { "name": "getTemplateById", "summary": "getTemplateById", "description": "Gets DLP notification template information for the specified ID.", "input": [ { "name": "templateId", "type": "number", "info": "The unique identifer for the DLP notification template.: 123", "required": true, "schema": { "title": "templateId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getTemplateById" }, "task": true }, { "name": "updatetemplate", "summary": "updatetemplate", "description": "Updates a DLP notification template.", "input": [ { "name": "templateId", "type": "number", "info": "The unique identifer for the DLP notification template.: 123", "required": true, "schema": { "title": "templateId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updatetemplate" }, "task": true }, { "name": "deletetemplate", "summary": "deletetemplate", "description": "Deletes a DLP notification template.", "input": [ { "name": "templateId", "type": "number", "info": "The unique identifer for the DLP notification template.: 123", "required": true, "schema": { "title": "templateId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deletetemplate" }, "task": true }, { "name": "getICAPServers", "summary": "getICAPServers", "description": "Gets a the list of DLP servers using ICAP. To learn more, see About ICAP Communication Between Zscaler and DLP Servers , Enabling Secure ICAP , and Enabling Unencrypted ICAP .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "ICAPServer", "required": [ "name", "url", "status" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for a DLP server." }, "name": { "type": "string", "description": "The DLP server name." }, "url": { "type": "string", "description": "The DLP server URL." }, "status": { "allOf": [ { "title": "Status", "enum": [ "ENABLED", "DISABLED" ], "type": "string", "description": "The DLP server status" }, { "description": "The DLP server status" } ] } }, "description": "DLP server (i.e., servers using ICAP) information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getICAPServers" }, "task": true }, { "name": "getICAPServerSummary", "summary": "getICAPServerSummary", "description": "Gets a name and ID dictionary for all DLP servers using ICAP.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "ICAPServer", "required": [ "name", "url", "status" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for a DLP server." }, "name": { "type": "string", "description": "The DLP server name." }, "url": { "type": "string", "description": "The DLP server URL." }, "status": { "allOf": [ { "title": "Status", "enum": [ "ENABLED", "DISABLED" ], "type": "string", "description": "The DLP server status" }, { "description": "The DLP server status" } ] } }, "description": "DLP server (i.e., servers using ICAP) information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getICAPServerSummary" }, "task": true }, { "name": "getICAPServer", "summary": "getICAPServer", "description": "Get DLP server (i.e., for servers using ICAP) information for the specified ID.", "input": [ { "name": "icapServerId", "type": "number", "info": "The unique identifier for the DLP server using ICAP.: 123", "required": true, "schema": { "title": "icapServerId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getICAPServer" }, "task": true }, { "name": "getProfiles", "summary": "getProfiles", "description": "Indexed Document Match (IDM) templates (or IDM profiles) allow you to fingerprint your organization’s critical documents that contain sensitive data. By fingerprinting and indexing your documents, you can create a document repository that the Zscaler service can use to identify completely or partially matching documents when evaluating outbound traffic against a DLP policy. Using the Index Tool, you can create an IDM template that allows you to upload and fingerprint your documents. After you c...(description truncated)", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IdmProfile", "type": "object", "properties": { "profileId": { "type": "integer", "description": "The identifier (1-64) for the IDM template (i.e., IDM profile) that is unique within the organization.", "readOnly": true }, "profileName": { "type": "string", "description": "The IDM template name, which is unique per Index Tool." }, "profileDesc": { "type": "string", "description": "The IDM template's description." }, "profileType": { "allOf": [ { "title": "ProfileType", "enum": [ "LOCAL", "REMOTECRON", "REMOTE" ], "type": "string", "description": "The IDM template's type." }, { "description": "The IDM template's type." } ] }, "host": { "type": "string", "description": "The fully qualified domain name (FQDN) of the IDM template's host machine." }, "port": { "type": "integer", "description": "The port number of the IDM template's host machine." }, "profileDirPath": { "type": "string", "description": "The IDM template's directory file path, where all files are present." }, "scheduleType": { "allOf": [ { "title": "ScheduleType1", "enum": [ "NONE", "MONTHLY", "WEEKLY", "DAILY" ], "type": "string", "description": "The schedule type for the IDM template's schedule (i.e., Monthly, Weekly, Daily, or None). This attribute is required by PUT and POST requests." }, { "description": "The schedule type for the IDM template's schedule (i.e., Monthly, Weekly, Daily, or None). This attribute is required by PUT and POST requests." } ] }, "scheduleDay": { "type": "integer", "description": "The day the IDM template is scheduled for. This attribute is required by PUT and POST requests." }, "scheduleDayOfMonth": { "type": "array", "items": { "title": "ScheduleDayOfMonth", "type": "string" }, "description": "The day of the month that the IDM template is scheduled for. This attribute is required by PUT and POST requests, and when scheduleType is set to MONTHLY." }, "scheduleDayOfWeek": { "type": "array", "items": { "title": "ScheduleDayOfWeek", "enum": [ "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" ], "type": "string" }, "description": "The day of the week the IDM template is scheduled for. This attribute is required by PUT and POST requests, and when scheduleType is set to WEEKLY." }, "scheduleTime": { "type": "integer", "description": "The time of the day (in minutes) that the IDM template is scheduled for. For example: at 3am= 180 mins. This attribute is required by PUT and POST requests." }, "scheduleDisabled": { "type": "boolean", "description": "If set to true, the schedule for the IDM template is temporarily in a disabled state. This attribute is required by PUT requests in order to disable or enable a schedule." }, "uploadStatus": { "allOf": [ { "title": "UploadStatus", "enum": [ "IDM_PROF_CREATED", "IDM_PROF_PROCESSING", "IDM_PROF_UPLOAD_COMPLETED", "IDM_PROF_VALIDATION_FAILURE", "IDM_PROF_DEL_FAILURE", "IDM_PROF_MD5_CONVERSION_FAILURE", "IDM_PROF_UPLOAD_ERROR", "IDM_PROF_RESV_CRED_ERROR", "IDM_PROF_GENERIC_ERROR", "IDM_PROF_CDSSDLP_COMM_FAIL", "IDM_PROF_CDSSDLP_REJECT", "IDM_PROF_UPLOAD_ABORTED", "FAIL" ], "type": "string", "description": "The status of the file uploaded to the Index Tool for the IDM template." }, { "description": "The status of the file uploaded to the Index Tool for the IDM template." } ] }, "userName": { "type": "string", "description": "The username to be used on the IDM template's host machine." }, "version": { "type": "integer", "description": "The version number for the IDM template." }, "idmClient": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The unique identifer for the Index Tool that was used to create the IDM template. This attribute is required by POST requests, but ignored if provided in PUT requests." } ] }, "volumeOfDocuments": { "type": "integer", "description": "The total volume of all the documents associated to the IDM template." }, "numDocuments": { "type": "integer", "description": "The number of documents associated to the IDM template." }, "lastModifiedTime": { "type": "integer", "description": "The date and time the IDM template was last modified.", "readOnly": true }, "modifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the IDM template last." } ], "readOnly": true } }, "description": "Indexed Document Match (IDM) template (or profile) information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getProfiles" }, "task": true }, { "name": "getSummary", "summary": "getSummary", "description": "-> Gets a list of active IDM templates (or IDM profiles) and their criteria, only.", "input": [ { "name": "activeOnly", "type": "boolean", "info": "If set to true, only active IDM templates (or profiles) are returned in the response.: boolean", "required": false, "schema": { "title": "activeOnly", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IdmProfileSummary", "type": "object", "properties": { "profileId": { "type": "integer", "description": "The unique identifier for the IDM template (i.e., IDM profile)." }, "templateName": { "type": "string", "description": "The IDM template name." }, "clientVm": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The name of the Index Tool virtual machine (VM) that the IDM template belongs to." } ] }, "numDocuments": { "type": "integer", "description": "The number of documents." }, "lastModified": { "type": "integer", "description": "The timestamp the IDM template was last modified." }, "modifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the IDM template last." } ] } }, "description": "IDM template (i.e., IDM profile) summary information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSummary" }, "task": true }, { "name": "getProfileById", "summary": "getProfileById", "description": "Get IDM template information for the specified ID.", "input": [ { "name": "profileId", "type": "number", "info": "The unique identifier for the IDM template (or profile).: 123", "required": true, "schema": { "title": "profileId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getProfileById" }, "task": true }, { "name": "getIncidentReceiverServers", "summary": "getIncidentReceiverServers", "description": "Gets a list of DLP Incident Receivers. To learn more, see About Zscaler Incident Receiver .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IncidentReceiverServer", "required": [ "name", "url", "status" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the Incident Receiver." }, "name": { "type": "string", "description": "The Incident Receiver server name." }, "url": { "type": "string", "description": "The Incident Receiver server URL." }, "status": { "allOf": [ { "title": "Status1", "enum": [ "ENABLED", "DISABLED", "DISABLED_BY_SERVICE_PROVIDER", "NOT_PROVISIONED_IN_SERVICE_PROVIDER" ], "type": "string", "description": "The status of the Incident Receiver." }, { "description": "The status of the Incident Receiver." } ] }, "flags": { "type": "integer", "description": "The Incident Receiver server flag." } }, "description": "Zscaler Incident Receiver information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getIncidentReceiverServers" }, "task": true }, { "name": "getIncidentReceiverServerSummary", "summary": "getIncidentReceiverServerSummary", "description": "Gets a name and ID dictionary for all DLP Incident Receivers.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IncidentReceiverServer", "required": [ "name", "url", "status" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the Incident Receiver." }, "name": { "type": "string", "description": "The Incident Receiver server name." }, "url": { "type": "string", "description": "The Incident Receiver server URL." }, "status": { "allOf": [ { "title": "Status1", "enum": [ "ENABLED", "DISABLED", "DISABLED_BY_SERVICE_PROVIDER", "NOT_PROVISIONED_IN_SERVICE_PROVIDER" ], "type": "string", "description": "The status of the Incident Receiver." }, { "description": "The status of the Incident Receiver." } ] }, "flags": { "type": "integer", "description": "The Incident Receiver server flag." } }, "description": "Zscaler Incident Receiver information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getIncidentReceiverServerSummary" }, "task": true }, { "name": "getIncidentReceiverServer", "summary": "getIncidentReceiverServer", "description": "Gets DLP Incident Receiver information for the specified ID.", "input": [ { "name": "incidentReceiverServerId", "type": "number", "info": "The unique identifier for the Incident Receiver.: 123", "required": true, "schema": { "title": "incidentReceiverServerId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIncidentReceiverServer" }, "task": true }, { "name": "getRules", "summary": "getRules", "description": "Gets a list of DLP policy rules, excluding SaaS Security API DLP policy rules. To learn more, see Configuring DLP Policy Rules with Content Inspection and Configuring DLP Policy Rules without Content Inspection .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "WebDlpRule", "type": "object", "properties": { "accessControl": { "allOf": [ { "title": "AccessControl", "enum": [ "NONE", "READ_ONLY", "READ_WRITE" ], "type": "string", "description": "The access privilege for this DLP policy rule based on the admin's state." }, { "description": "The access privilege for this DLP policy rule based on the admin's state." } ], "readOnly": true }, "id": { "type": "integer", "description": "The unique identifier for the DLP policy rule." }, "order": { "type": "integer", "description": "The rule order of execution for the DLP policy rule with respect to other rules." }, "protocols": { "type": "array", "items": { "title": "Protocol", "enum": [ "ANY_RULE", "FTP_RULE", "HTTPS_RULE", "HTTP_RULE" ], "type": "string" }, "description": "The protocol criteria specified for the DLP policy rule." }, "rank": { "type": "integer", "description": "The admin rank of the admin who created the DLP policy rule." }, "description": { "type": "string", "description": "The description of the DLP policy rule." }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of locations to which the DLP policy rule must be applied." }, "locationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of locations groups to which the DLP policy rule must be applied." }, "groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of groups to which the DLP policy rule must be applied." }, "departments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of departments to which the DLP policy rule must be applied." }, "users": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of users to which the DLP policy rule must be applied." }, "workloadGroups": { "type": "array", "items": { "title": "WorkloadGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the workload group" }, "name": { "type": "string", "description": "The name of the workload group" }, "description": { "type": "string", "description": "The description of the workload group" }, "expressionJson": { "title": "WorkloadTagExpression", "type": "object", "properties": { "expressionContainers": { "type": "array", "items": { "title": "ExpressionContainer", "type": "object", "properties": { "tagType": { "allOf": [ { "title": "TagType", "enum": [ "ANY", "VPC", "SUBNET", "VM", "ENI", "ATTR" ], "type": "string", "description": "The tag type selected from a predefined list" }, { "description": "The tag type selected from a predefined list" } ] }, "operator": { "allOf": [ { "title": "Operator", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The operator (either AND or OR) used to create logical relationships among tag types" }, { "description": "The operator (either AND or OR) used to create logical relationships among tag types" } ] }, "tagContainer": { "allOf": [ { "title": "TagContainer", "type": "object", "properties": { "tags": { "type": "array", "items": { "title": "Tag", "type": "object", "properties": { "key": { "type": "string", "description": "The key component present in the key-value pair contained in a tag" }, "value": { "type": "string", "description": "The value component present in the key-value pair contained in a tag" } }, "description": "The list of tags (key-value pairs) selected within a tag type" }, "description": "

One or more tags, each consisting of a key-value pair, selected within a tag type. If multiple tags are present within a tag type, they are combined using a logical operator.

Note: A maximum of 8 tags can be added to a workload group, irrespective of the number of tag types present.

" }, "operator": { "allOf": [ { "title": "Operator1", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" }, { "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" } ] } }, "description": "One or more tags combined using logical operators within a tag type" }, { "description": "One or more tags combined using logical operators within a tag type" } ] } }, "description": "One or more tag types (and associated tags) combined using logical operators within a workload group" }, "description": "Contains one or more tag types (and associated tags) combined using logical operators within a workload group" } } }, "expression": { "type": "string", "description": "The workload group expression containing tag types, tags, and their relationships." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the workload group was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] } }, "description": "Workload group information" }, "description": "The list of preconfigured workload groups to which the policy must be applied. To learn more, see About Workload Groups and Configuring Workload Groups." }, "urlCategories": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of URL categories to which the DLP policy rule must be applied." }, "dlpEngines": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of DLP engines to which the DLP policy rule must be applied." }, "includedDomainProfiles": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of domain profiles that must be added to the DLP rule criteria in order to apply the DLP rules only to domains that are part of the specified profiles. A maximum of 8 profiles can be selected." }, "excludedDomainProfiles": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of domain profiles that must be added to the DLP rule criteria in order to apply the DLP rules to all domains excluding the domains that are part of the specified profiles. A maximum of 8 profiles can be selected." }, "severity": { "allOf": [ { "title": "Severity", "enum": [ "RULE_SEVERITY_HIGH", "RULE_SEVERITY_MEDIUM", "RULE_SEVERITY_LOW", "RULE_SEVERITY_INFO" ], "type": "string", "description": "Indicates the severity selected for the DLP rule violation" }, { "description": "Indicates the severity selected for the DLP rule violation" } ] }, "parentRule": { "type": "integer", "description": "

The unique identifier of the parent rule under which an exception rule is added.

Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings. To learn more, see Configuring DLP Advanced Settings.

" }, "subRules": { "type": "array", "items": { "type": "object" }, "description": "

The list of exception rules added to a parent rule.

Note:

" }, "fileTypes": { "type": "array", "items": { "title": "FileType", "type": "string" }, "description": "

The list of file types for which the DLP policy rule must be applied.

Note:

" }, "cloudApplications": { "type": "array", "items": { "title": "CloudApplication2", "type": "string" }, "description": "The list of cloud applications to which the DLP policy rule must be applied." }, "minSize": { "type": "integer", "description": "The minimum file size (in KB) used for evaluation of the DLP policy rule." }, "action": { "allOf": [ { "title": "Action2", "enum": [ "ANY", "NONE", "BLOCK", "ALLOW", "ICAP_RESPONSE" ], "type": "string", "description": "The action taken when traffic matches the DLP policy rule criteria." }, { "description": "The action taken when traffic matches the DLP policy rule criteria." } ] }, "state": { "allOf": [ { "title": "State", "enum": [ "DISABLED", "ENABLED" ], "type": "string", "description": "Enables or disables the DLP policy rule." }, { "description": "Enables or disables the DLP policy rule." } ] }, "timeWindows": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of time windows to which the DLP policy rule must be applied." }, "auditor": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The auditor to which the DLP policy rule must be applied." } ] }, "externalAuditorEmail": { "type": "string", "description": "The email address of an external auditor to whom DLP email notifications are sent." }, "notificationTemplate": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The template used for DLP notification emails." } ] }, "matchOnly": { "type": "boolean", "description": "The match only criteria for DLP engines." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the DLP policy rule was last modified." }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the DLP policy rule last." } ] }, "icapServer": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The DLP server, using ICAP, to which the transaction content is forwarded." } ] }, "withoutContentInspection": { "type": "boolean", "description": "Indicates a DLP policy rule without content inspection, when the value is set to true." }, "name": { "type": "string", "description": "The DLP policy rule name." }, "labels": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of rule labels associated to the DLP policy rule." }, "excludedGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the groups that are excluded from the DLP policy rule." }, "excludedDepartments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the departments that are excluded from the DLP policy rule." }, "excludedUsers": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the users that are excluded from the DLP policy rule." }, "dlpDownloadScanEnabled": { "type": "boolean", "description": "If this field is set to true, DLP scan is enabled for file downloads from cloud applications configured in the rule. If this field is set to false, DLP scan is disabled for downloads from the cloud applications." }, "zscalerIncidentReceiver": { "type": "boolean", "description": "Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule." }, "zccNotificationsEnabled": { "type": "boolean", "description": "

If this field is set to true, Zscaler Client Connector notification is enabled for the block action triggered by the web DLP rule. If this field is set to false, Zscaler Client Connector notification is disabled.

Note: This field can be configured only if the Web DLP Violation end user notification is enabled.

" } }, "description": "DLP policy rule information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getRules" }, "task": true }, { "name": "addRule", "summary": "addRule", "description": "Adds a new DLP policy rule. To learn more, see Configuring DLP Policy Rules with Content Inspection and Configuring DLP Policy Rules without Content Inspection .", "input": [ { "name": "body", "type": "object", "info": "The DLP policy rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The DLP policy rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addRule" }, "task": true }, { "name": "getWebDlpRulesLite", "summary": "getSummary", "description": "Gets name and ID dictionary for all DLP policy rules, excluding SaaS Security API DLP policy rules.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "WebDlpRule", "type": "object", "properties": { "accessControl": { "allOf": [ { "title": "AccessControl", "enum": [ "NONE", "READ_ONLY", "READ_WRITE" ], "type": "string", "description": "The access privilege for this DLP policy rule based on the admin's state." }, { "description": "The access privilege for this DLP policy rule based on the admin's state." } ], "readOnly": true }, "id": { "type": "integer", "description": "The unique identifier for the DLP policy rule." }, "order": { "type": "integer", "description": "The rule order of execution for the DLP policy rule with respect to other rules." }, "protocols": { "type": "array", "items": { "title": "Protocol", "enum": [ "ANY_RULE", "FTP_RULE", "HTTPS_RULE", "HTTP_RULE" ], "type": "string" }, "description": "The protocol criteria specified for the DLP policy rule." }, "rank": { "type": "integer", "description": "The admin rank of the admin who created the DLP policy rule." }, "description": { "type": "string", "description": "The description of the DLP policy rule." }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of locations to which the DLP policy rule must be applied." }, "locationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of locations groups to which the DLP policy rule must be applied." }, "groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of groups to which the DLP policy rule must be applied." }, "departments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of departments to which the DLP policy rule must be applied." }, "users": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of users to which the DLP policy rule must be applied." }, "workloadGroups": { "type": "array", "items": { "title": "WorkloadGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the workload group" }, "name": { "type": "string", "description": "The name of the workload group" }, "description": { "type": "string", "description": "The description of the workload group" }, "expressionJson": { "title": "WorkloadTagExpression", "type": "object", "properties": { "expressionContainers": { "type": "array", "items": { "title": "ExpressionContainer", "type": "object", "properties": { "tagType": { "allOf": [ { "title": "TagType", "enum": [ "ANY", "VPC", "SUBNET", "VM", "ENI", "ATTR" ], "type": "string", "description": "The tag type selected from a predefined list" }, { "description": "The tag type selected from a predefined list" } ] }, "operator": { "allOf": [ { "title": "Operator", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The operator (either AND or OR) used to create logical relationships among tag types" }, { "description": "The operator (either AND or OR) used to create logical relationships among tag types" } ] }, "tagContainer": { "allOf": [ { "title": "TagContainer", "type": "object", "properties": { "tags": { "type": "array", "items": { "title": "Tag", "type": "object", "properties": { "key": { "type": "string", "description": "The key component present in the key-value pair contained in a tag" }, "value": { "type": "string", "description": "The value component present in the key-value pair contained in a tag" } }, "description": "The list of tags (key-value pairs) selected within a tag type" }, "description": "

One or more tags, each consisting of a key-value pair, selected within a tag type. If multiple tags are present within a tag type, they are combined using a logical operator.

Note: A maximum of 8 tags can be added to a workload group, irrespective of the number of tag types present.

" }, "operator": { "allOf": [ { "title": "Operator1", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" }, { "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" } ] } }, "description": "One or more tags combined using logical operators within a tag type" }, { "description": "One or more tags combined using logical operators within a tag type" } ] } }, "description": "One or more tag types (and associated tags) combined using logical operators within a workload group" }, "description": "Contains one or more tag types (and associated tags) combined using logical operators within a workload group" } } }, "expression": { "type": "string", "description": "The workload group expression containing tag types, tags, and their relationships." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the workload group was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] } }, "description": "Workload group information" }, "description": "The list of preconfigured workload groups to which the policy must be applied. To learn more, see About Workload Groups and Configuring Workload Groups." }, "urlCategories": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of URL categories to which the DLP policy rule must be applied." }, "dlpEngines": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of DLP engines to which the DLP policy rule must be applied." }, "includedDomainProfiles": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of domain profiles that must be added to the DLP rule criteria in order to apply the DLP rules only to domains that are part of the specified profiles. A maximum of 8 profiles can be selected." }, "excludedDomainProfiles": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The list of domain profiles that must be added to the DLP rule criteria in order to apply the DLP rules to all domains excluding the domains that are part of the specified profiles. A maximum of 8 profiles can be selected." }, "severity": { "allOf": [ { "title": "Severity", "enum": [ "RULE_SEVERITY_HIGH", "RULE_SEVERITY_MEDIUM", "RULE_SEVERITY_LOW", "RULE_SEVERITY_INFO" ], "type": "string", "description": "Indicates the severity selected for the DLP rule violation" }, { "description": "Indicates the severity selected for the DLP rule violation" } ] }, "parentRule": { "type": "integer", "description": "

The unique identifier of the parent rule under which an exception rule is added.

Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings. To learn more, see Configuring DLP Advanced Settings.

" }, "subRules": { "type": "array", "items": { "type": "object" }, "description": "

The list of exception rules added to a parent rule.

Note:

" }, "fileTypes": { "type": "array", "items": { "title": "FileType", "type": "string" }, "description": "

The list of file types for which the DLP policy rule must be applied.

Note:

" }, "cloudApplications": { "type": "array", "items": { "title": "CloudApplication2", "type": "string" }, "description": "The list of cloud applications to which the DLP policy rule must be applied." }, "minSize": { "type": "integer", "description": "The minimum file size (in KB) used for evaluation of the DLP policy rule." }, "action": { "allOf": [ { "title": "Action2", "enum": [ "ANY", "NONE", "BLOCK", "ALLOW", "ICAP_RESPONSE" ], "type": "string", "description": "The action taken when traffic matches the DLP policy rule criteria." }, { "description": "The action taken when traffic matches the DLP policy rule criteria." } ] }, "state": { "allOf": [ { "title": "State", "enum": [ "DISABLED", "ENABLED" ], "type": "string", "description": "Enables or disables the DLP policy rule." }, { "description": "Enables or disables the DLP policy rule." } ] }, "timeWindows": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of time windows to which the DLP policy rule must be applied." }, "auditor": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The auditor to which the DLP policy rule must be applied." } ] }, "externalAuditorEmail": { "type": "string", "description": "The email address of an external auditor to whom DLP email notifications are sent." }, "notificationTemplate": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The template used for DLP notification emails." } ] }, "matchOnly": { "type": "boolean", "description": "The match only criteria for DLP engines." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the DLP policy rule was last modified." }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the DLP policy rule last." } ] }, "icapServer": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The DLP server, using ICAP, to which the transaction content is forwarded." } ] }, "withoutContentInspection": { "type": "boolean", "description": "Indicates a DLP policy rule without content inspection, when the value is set to true." }, "name": { "type": "string", "description": "The DLP policy rule name." }, "labels": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of rule labels associated to the DLP policy rule." }, "excludedGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the groups that are excluded from the DLP policy rule." }, "excludedDepartments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the departments that are excluded from the DLP policy rule." }, "excludedUsers": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The name-ID pairs of the users that are excluded from the DLP policy rule." }, "dlpDownloadScanEnabled": { "type": "boolean", "description": "If this field is set to true, DLP scan is enabled for file downloads from cloud applications configured in the rule. If this field is set to false, DLP scan is disabled for downloads from the cloud applications." }, "zscalerIncidentReceiver": { "type": "boolean", "description": "Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule." }, "zccNotificationsEnabled": { "type": "boolean", "description": "

If this field is set to true, Zscaler Client Connector notification is enabled for the block action triggered by the web DLP rule. If this field is set to false, Zscaler Client Connector notification is disabled.

Note: This field can be configured only if the Web DLP Violation end user notification is enabled.

" } }, "description": "DLP policy rule information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getWebDlpRulesLite" }, "task": true }, { "name": "getRuleById", "summary": "getRuleById", "description": "Gets DLP policy rule information for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the DLP policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRuleById" }, "task": true }, { "name": "updateRule", "summary": "updateRule", "description": "Updates a DLP policy rule. This endpoint is not applicable to SaaS Security API DLP policy rules.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the DLP policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": "The DLP policy rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The DLP policy rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateRule" }, "task": true }, { "name": "deleteRule", "summary": "deleteRule", "description": "Deletes a DLP policy rule. This endpoint is not applicable to SaaS Security API DLP policy rules.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the DLP policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteRule" }, "task": true }, { "name": "getDeviceGroups", "summary": "getDeviceGroups", "description": "Gets a list of device groups.", "input": [ { "name": "includeDeviceInfo", "type": "boolean", "info": "Include or exclude device information.: boolean", "required": false, "schema": { "title": "includeDeviceInfo", "type": "boolean" } }, { "name": "includePseudoGroups", "type": "boolean", "info": "Include or exclude Zscaler Client Connector and Cloud Browser Isolation-related device groups.: boolean", "required": false, "schema": { "title": "includePseudoGroups", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DeviceGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifer for the device group." }, "name": { "type": "string", "description": "The device group name." }, "groupType": { "allOf": [ { "title": "GroupType", "enum": [ "ZCC_OS", "NON_ZCC", "CBI" ], "type": "string", "description": "The device group type." }, { "description": "The device group type." } ] }, "description": { "type": "string", "description": "The device group's description." }, "osType": { "type": "string", "description": "The operating system (OS)." }, "predefined": { "type": "boolean", "description": "Indicates whether this is a predefined device group. If this value is set to true, the group is predefined.", "readOnly": true }, "deviceCount": { "type": "integer", "description": "The number of devices within the group." } }, "description": "Device group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDeviceGroups" }, "task": true }, { "name": "getDevices", "summary": "getDevices", "description": "Gets a list of devices. Any given search parameters are applied during device search. Search parameters are based on device name, model, owner, OS type, and OS version. The devices listed can also be restricted to return information only for ones belonging to specific users.", "input": [ { "name": "name", "type": "string", "info": "The device group name.: string", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "model", "type": "string", "info": "The device models.: string", "required": false, "schema": { "title": "model", "type": "string" } }, { "name": "owner", "type": "string", "info": "The device owners.: string", "required": false, "schema": { "title": "owner", "type": "string" } }, { "name": "osType", "type": "string", "info": "The device's operating system.: ", "required": false, "schema": { "title": "osType", "type": "string" } }, { "name": "osVersion", "type": "string", "info": "The device's operating system version.: string", "required": false, "schema": { "title": "osVersion", "type": "string" } }, { "name": "deviceGroupId", "type": "number", "info": "The unique identifier for the device group.: 123", "required": false, "schema": { "title": "deviceGroupId", "type": "number" } }, { "name": "userIds", "type": "array", "info": "Used to list devices for specific users.: array", "required": false, "schema": { "title": "userIds", "type": "array" } }, { "name": "searchAll", "type": "string", "info": "Used to match against all device attribute information.: string", "required": false, "schema": { "title": "searchAll", "type": "string" } }, { "name": "includeAll", "type": "boolean", "info": "Used to include or exclude Cloud Browser Isolation devices.: boolean", "required": false, "schema": { "title": "includeAll", "type": "boolean" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "Device", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the device." }, "name": { "type": "string", "description": "The device name." }, "deviceGroupType": { "allOf": [ { "title": "DeviceGroupType", "enum": [ "ZCC_OS", "NON_ZCC", "CBI" ], "type": "string", "description": "The device group type." }, { "description": "The device group type." } ] }, "deviceModel": { "type": "string", "description": "The device model." }, "osType": { "allOf": [ { "title": "OsType", "enum": [ "ANY", "OTHER_OS", "IOS", "ANDROID_OS", "WINDOWS_OS", "MAC_OS", "LINUX" ], "type": "string", "description": "The operating system (OS)." }, { "description": "The operating system (OS)." } ] }, "osVersion": { "type": "string", "description": "The operating system version." }, "description": { "type": "string", "description": "The device's description." }, "ownerUserId": { "type": "integer", "description": "The unique identifier of the device owner (i.e., user)." }, "ownerName": { "type": "string", "description": "The device owner's user name." }, "hostName": { "type": "string", "description": "The hostname of the device." } }, "description": "Device information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDevices" }, "task": true }, { "name": "getDevicesLite", "summary": "getDevicesLite", "description": "Gets a list of devices that includes device ID, name, and owner name. Any given search parameters are applied during device search. Search parameters are based on device or user name and owner. The devices listed can also be restricted to return information only for ones belonging to specific users.", "input": [ { "name": "name", "type": "string", "info": "The device group name.: string", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "userIds", "type": "array", "info": "Used to list devices for specific users.: array", "required": false, "schema": { "title": "userIds", "type": "array" } }, { "name": "includeAll", "type": "boolean", "info": "Used to include or exclude Cloud Browser Isolation devices.: boolean", "required": false, "schema": { "title": "includeAll", "type": "boolean" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "Device", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the device." }, "name": { "type": "string", "description": "The device name." }, "deviceGroupType": { "allOf": [ { "title": "DeviceGroupType", "enum": [ "ZCC_OS", "NON_ZCC", "CBI" ], "type": "string", "description": "The device group type." }, { "description": "The device group type." } ] }, "deviceModel": { "type": "string", "description": "The device model." }, "osType": { "allOf": [ { "title": "OsType", "enum": [ "ANY", "OTHER_OS", "IOS", "ANDROID_OS", "WINDOWS_OS", "MAC_OS", "LINUX" ], "type": "string", "description": "The operating system (OS)." }, { "description": "The operating system (OS)." } ] }, "osVersion": { "type": "string", "description": "The operating system version." }, "description": { "type": "string", "description": "The device's description." }, "ownerUserId": { "type": "integer", "description": "The unique identifier of the device owner (i.e., user)." }, "ownerName": { "type": "string", "description": "The device owner's user name." }, "hostName": { "type": "string", "description": "The hostname of the device." } }, "description": "Device information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDevicesLite" }, "task": true }, { "name": "getEventReportEntryCsvExportStatus", "summary": "getEventReportEntryCsvExportStatus", "description": "Gets the status of the request to generate an event log report. Following a request to generate a report via the POST /eventlogEntryReport endpoint, you can call GET /eventlogEntryReport to check the current status of report generation. If the status is COMPLETE , you can send a GET request to /eventlogEntryReport/download to download the report as a CSV file.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getEventReportEntryCsvExportStatus" }, "task": true }, { "name": "startEventReportEntryCsvExport", "summary": "startEventReportEntryCsvExport", "description": "Creates an event log report for the specified time period and saves it as a CSV file. The report includes event log information for every call made to the ZIA API during the specified time period. Creating a new event log report overwrites the previously-generated report.", "input": [ { "name": "body", "type": "object", "info": "Event log report request, which includes the following information: startTime: The start time in the time range used to generate the event log report. endTime: The en...(description truncated): object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "

Event log report request, which includes the following information:

" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/startEventReportEntryCsvExport" }, "task": true }, { "name": "cancelEventReportEntryCsvExport", "summary": "cancelEventReportEntryCsvExport", "description": "Cancels the request to generate an event log report.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/cancelEventReportEntryCsvExport" }, "task": true }, { "name": "getEventReportEntryCsvData", "summary": "getEventReportEntryCsvData", "description": "Downloads the most recently generated event log report. Calling this endpoint downloads the file only if the report generation status is COMPLETE . Use the GET /eventlogEntryReport endpoint to verify the status before calling this endpoint for downloading the file.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getEventReportEntryCsvData" }, "task": true }, { "name": "getFirewallFilteringRules", "summary": "getFirewallFilteringRules", "description": "Gets all rules in the Firewall Filtering policy. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "FirewallFilteringRule", "required": [ "name" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the Firewall Filtering policy rule" }, "name": { "type": "string", "description": "Name of the Firewall Filtering policy rule" }, "order": { "type": "integer", "description": "Rule order number of the Firewall Filtering policy rule" }, "rank": { "type": "integer", "description": "Admin rank of the Firewall Filtering policy rule" }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The locations to which the Firewall Filtering policy rule applies" }, "locationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The location groups to which the Firewall Filtering policy rule applies" }, "departments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The departments to which the Firewall Filtering policy rule applies" }, "groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The groups to which the Firewall Filtering policy rule applies" }, "users": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The users to which the Firewall Filtering policy rule applies" }, "timeWindows": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The time interval in which the Firewall Filtering policy rule applies" }, "workloadGroups": { "type": "array", "items": { "title": "WorkloadGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the workload group" }, "name": { "type": "string", "description": "The name of the workload group" }, "description": { "type": "string", "description": "The description of the workload group" }, "expressionJson": { "title": "WorkloadTagExpression", "type": "object", "properties": { "expressionContainers": { "type": "array", "items": { "title": "ExpressionContainer", "type": "object", "properties": { "tagType": { "allOf": [ { "title": "TagType", "enum": [ "ANY", "VPC", "SUBNET", "VM", "ENI", "ATTR" ], "type": "string", "description": "The tag type selected from a predefined list" }, { "description": "The tag type selected from a predefined list" } ] }, "operator": { "allOf": [ { "title": "Operator", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The operator (either AND or OR) used to create logical relationships among tag types" }, { "description": "The operator (either AND or OR) used to create logical relationships among tag types" } ] }, "tagContainer": { "allOf": [ { "title": "TagContainer", "type": "object", "properties": { "tags": { "type": "array", "items": { "title": "Tag", "type": "object", "properties": { "key": { "type": "string", "description": "The key component present in the key-value pair contained in a tag" }, "value": { "type": "string", "description": "The value component present in the key-value pair contained in a tag" } }, "description": "The list of tags (key-value pairs) selected within a tag type" }, "description": "

One or more tags, each consisting of a key-value pair, selected within a tag type. If multiple tags are present within a tag type, they are combined using a logical operator.

Note: A maximum of 8 tags can be added to a workload group, irrespective of the number of tag types present.

" }, "operator": { "allOf": [ { "title": "Operator1", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" }, { "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" } ] } }, "description": "One or more tags combined using logical operators within a tag type" }, { "description": "One or more tags combined using logical operators within a tag type" } ] } }, "description": "One or more tag types (and associated tags) combined using logical operators within a workload group" }, "description": "Contains one or more tag types (and associated tags) combined using logical operators within a workload group" } } }, "expression": { "type": "string", "description": "The workload group expression containing tag types, tags, and their relationships." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the workload group was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] } }, "description": "Workload group information" }, "description": "The list of preconfigured workload groups to which the policy must be applied. To learn more, see About Workload Groups and Configuring Workload Groups." }, "action": { "allOf": [ { "title": "Action3", "enum": [ "ALLOW", "BLOCK_DROP", "BLOCK_RESET", "BLOCK_ICMP", "EVAL_NWAPP" ], "type": "string", "description": "The action the Firewall Filtering policy rule takes when packets match the rule" }, { "description": "The action the Firewall Filtering policy rule takes when packets match the rule" } ] }, "state": { "allOf": [ { "title": "State1", "enum": [ "DISABLED", "ENABLED" ], "type": "string", "description": "Determines whether the Firewall Filtering policy rule is enabled or disabled" }, { "description": "Determines whether the Firewall Filtering policy rule is enabled or disabled" } ] }, "description": { "type": "string", "description": "Additional information about the rule" }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the rule was last modified. Ignored if the request is POST or PUT. For GET, ignored if or the rule is current version." }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "srcIps": { "type": "array", "items": { "type": "string" }, "description": "User-defined source IP addresses for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address." }, "srcIpGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Source IP address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address group.

Note: For organizations that have enabled IPv6, the srcIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.

" }, "srcIpv6Groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Source IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group.

Note: User-defined groups for IPv6 addresses are currently not supported.

" }, "sourceCountries": { "type": "array", "items": { "title": "SourceCountry", "type": "string" }, "description": "The list of source countries that must be included or excluded from the rule based on the excludeSrcCountries field value. If no value is set, this field is ignored during policy evaluation and the rule is applied to all source countries." }, "excludeSrcCountries": { "type": "boolean", "description": "Indicates whether the countries specified in the sourceCountries field are included or excluded from the rule. A true value denotes that the specified source countries are excluded from the rule. A false value denotes that the rule is applied to the source countries if there is a match." }, "destAddresses": { "type": "array", "items": { "type": "string" }, "description": "List of destination IP addresses for which the rule is applicable. CIDR notation can be used for destination IP addresses. If not set, the rule is not restricted to a specific destination addresses unless specified by destCountries, destIpGroups or destIpCategories." }, "destIpCategories": { "type": "array", "items": { "title": "DestIpCategory", "type": "string" }, "description": "IP address categories of destination for which the DNAT rule is applicable. If not set, the rule is not restricted to specific destination IP categories." }, "destCountries": { "type": "array", "items": { "title": "DestCountry", "type": "string" }, "description": "Destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries." }, "destIpGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

User-defined destination IP address groups to which the rule is applied. If not set, the rule is not restricted to a specific destination IP address group.

Note: For organizations that have enabled IPv6, the destIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.

" }, "destIpv6Groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Destination IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group.

Note: User-defined groups for IPv6 addresses are currently not supported.

" }, "nwServices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "User-defined network services to which the rule is applied. If not set, the rule is not restricted to a specific network service." }, "nwServiceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "User-defined network service group to which the rule is applied. If not set, the rule is not restricted to a specific network service group." }, "nwApplications": { "type": "array", "items": { "title": "NwApplication", "type": "string" }, "description": "User-defined network service applications to which the rule is applied. If not set, the rule is not restricted to a specific network service application." }, "nwApplicationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "User-defined network service application group to which the rule is applied. If not set, the rule is not restricted to a specific network service application group." }, "appServices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Application services on which this rule is applied" }, "appServiceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Application service groups on which this rule is applied" }, "devices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Name-ID pairs of devices for which rule must be applied. Specifies devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation.

" }, "deviceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Name-ID pairs of device groups for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation.

" }, "deviceTrustLevels": { "type": "array", "items": { "title": "DeviceTrustLevel", "enum": [ "ANY", "UNKNOWN_DEVICETRUSTLEVEL", "LOW_TRUST", "MEDIUM_TRUST", "HIGH_TRUST" ], "type": "string" }, "description": "

List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation.

" }, "labels": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Labels that are applicable to the rule." }, "defaultRule": { "type": "boolean", "description": "If set to true, the default rule is applied", "default": false }, "predefined": { "type": "boolean", "description": "If set to true, a predefined rule is applied", "default": false } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getFirewallFilteringRules" }, "task": true }, { "name": "createFirewallFilteringRule", "summary": "createFirewallFilteringRule", "description": "Adds a new Firewall Filtering policy rule.", "input": [ { "name": "body", "type": "object", "info": "The Firewall Filtering policy rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The Firewall Filtering policy rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/createFirewallFilteringRule" }, "task": true }, { "name": "getFirewallFilteringRule", "summary": "getFirewallFilteringRule", "description": "Gets the Firewall Filtering policy rule information for the specified ID. \n", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getFirewallFilteringRule" }, "task": true }, { "name": "updateFirewallFilteringRule", "summary": "updateFirewallFilteringRule", "description": "Updates Firewall Filtering policy rule information for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": "The Firewall Filtering policy rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The Firewall Filtering policy rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateFirewallFilteringRule" }, "task": true }, { "name": "deleteFirewallFilteringRule", "summary": "deleteFirewallFilteringRule", "description": "Deletes a Firewall Filtering policy rule for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteFirewallFilteringRule" }, "task": true }, { "name": "getDestinationIpGroups", "summary": "getDestinationIpGroups", "description": "Gets a list of all IP destination groups. Note : This endpoint retrieves only IPv4 destination address groups. Organizations that have enabled IPv6 can use GET /ipSourceGroups/ipv6SourceGroups to retrieve IPv6 destination address groups. \n", "input": [ { "name": "excludeType", "type": "string", "info": "Filter based on the IP destination group's type.: ", "required": false, "schema": { "title": "excludeType", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DestinationIpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer for the destination IP group" }, "name": { "type": "string", "description": "Destination IP group name" }, "type": { "allOf": [ { "title": "Type3", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string", "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" }, { "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" } ] }, "addresses": { "type": "array", "items": { "type": "string" }, "description": "Destination IP addresses, FQDNs, or wildcard FQDNs added to the group." }, "description": { "type": "string", "description": "Additional information about the destination IP group" }, "ipCategories": { "type": "array", "items": { "title": "IpCategory", "type": "string" }, "description": "Destination IP address URL categories. You can identify destinations based on the URL category of the domain." }, "countries": { "type": "array", "items": { "title": "Country", "type": "string" }, "description": "Destination IP address counties. You can identify destinations based on the location of a server." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the destination IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDestinationIpGroups" }, "task": true }, { "name": "addDestinationIpGroup", "summary": "addDestinationIpGroup", "description": "Adds a new IP Destination group. Note : This endpoint can only add an IPv4 destination address group. User-defined groups for IPv6 addresses are currently not supported.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/addDestinationIpGroup" }, "task": true }, { "name": "getDestinationIpv6Groups", "summary": "getDestinationIpv6Groups", "description": "Gets the list of destination IPv6 address groups. Note : User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses.", "input": [ { "name": "excludeType", "type": "string", "info": "Specifies a destination group type to exclude the corresponding groups from the list.: ", "required": false, "schema": { "title": "excludeType", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DestinationIpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer for the destination IP group" }, "name": { "type": "string", "description": "Destination IP group name" }, "type": { "allOf": [ { "title": "Type3", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string", "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" }, { "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" } ] }, "addresses": { "type": "array", "items": { "type": "string" }, "description": "Destination IP addresses, FQDNs, or wildcard FQDNs added to the group." }, "description": { "type": "string", "description": "Additional information about the destination IP group" }, "ipCategories": { "type": "array", "items": { "title": "IpCategory", "type": "string" }, "description": "Destination IP address URL categories. You can identify destinations based on the URL category of the domain." }, "countries": { "type": "array", "items": { "title": "Country", "type": "string" }, "description": "Destination IP address counties. You can identify destinations based on the location of a server." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the destination IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDestinationIpv6Groups" }, "task": true }, { "name": "getDestinationIpv6GroupsLite", "summary": "getDestinationIpv6GroupsLite", "description": "Gets a name and ID dictionary for destination IPv6 address groups. Note : User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses.", "input": [ { "name": "type", "type": "array", "info": "Filters the list based on the destination group type.: array", "required": false, "schema": { "title": "type", "type": "array" } }, { "name": "excludeType", "type": "string", "info": "Specifies a destination group type to exclude the corresponding groups from the list type.: ", "required": false, "schema": { "title": "excludeType", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDestinationIpv6GroupsLite" }, "task": true }, { "name": "getDestinationIpGroupsLite", "summary": "getDestinationIpGroupsLite", "description": "Gets a name and ID dictionary of all IP destination groups. Note : This endpoint retrieves only IPv4 destination address groups. Organizations that have enabled IPv6 can use GET /ipDestinationGroups/ipv6DestinationGroups/lite to retrieve IPv6 destination address groups. \n", "input": [ { "name": "type", "type": "array", "info": "Filter based on the IP destination group's type.: array", "required": false, "schema": { "title": "type", "type": "array" } }, { "name": "excludeType", "type": "string", "info": "Exclude from list based on the IP destination group's type.: ", "required": false, "schema": { "title": "excludeType", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DestinationIpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer for the destination IP group" }, "name": { "type": "string", "description": "Destination IP group name" }, "type": { "allOf": [ { "title": "Type3", "enum": [ "DSTN_IP", "DSTN_FQDN", "DSTN_DOMAIN", "DSTN_OTHER" ], "type": "string", "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" }, { "description": "Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs)" } ] }, "addresses": { "type": "array", "items": { "type": "string" }, "description": "Destination IP addresses, FQDNs, or wildcard FQDNs added to the group." }, "description": { "type": "string", "description": "Additional information about the destination IP group" }, "ipCategories": { "type": "array", "items": { "title": "IpCategory", "type": "string" }, "description": "Destination IP address URL categories. You can identify destinations based on the URL category of the domain." }, "countries": { "type": "array", "items": { "title": "Country", "type": "string" }, "description": "Destination IP address counties. You can identify destinations based on the location of a server." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the destination IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDestinationIpGroupsLite" }, "task": true }, { "name": "getDestinationIpGroupById", "summary": "getDestinationIpGroupById", "description": "Gets the IP destination group information for the specified ID.", "input": [ { "name": "ipGroupId", "type": "number", "info": "The unique identifier for the IP destination group.: 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDestinationIpGroupById" }, "task": true }, { "name": "editDestinationIpGroup", "summary": "editDestinationIpGroup", "description": "Updates the IP destination group information for the specified ID. Note : Only user-defined IP groups can be updated.", "input": [ { "name": "ipGroupId", "type": "number", "info": "The unique identifier for the IP destination group.: 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/editDestinationIpGroup" }, "task": true }, { "name": "deleteDestinationIpGroup", "summary": "deleteDestinationIpGroup", "description": "Deletes the IP destination group for the specified ID. Note : Only user-defined IP groups can be deleted.", "input": [ { "name": "ipGroupId", "type": "number", "info": ": 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteDestinationIpGroup" }, "task": true }, { "name": "getSourceIpGroups", "summary": "getSourceIpGroups", "description": "Gets a list of all IP source groups. The search parameters find matching values within the name or description attributes. Note : This endpoint retrieves only IPv4 source address groups. Organizations that have enabled IPv6 can use GET /ipSourceGroups/ipv6SourceGroups to retrieve IPv6 source address groups.", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a group's name or description attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier of the source IP address group." }, "name": { "type": "string", "description": "The name of the source IP address group." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "Source IP addresses added to the group." }, "description": { "type": "string", "description": "The description of the source IP address group." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the source IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } }, "description": "IP group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSourceIpGroups" }, "task": true }, { "name": "addSourceIpGroup", "summary": "addSourceIpGroup", "description": "Adds a new IP source group. Note : This endpoint can only add an IPv4 source address group. User-defined groups for IPv6 addresses are currently not supported.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/addSourceIpGroup" }, "task": true }, { "name": "getSourceIpv6Groups", "summary": "getSourceIpv6Groups", "description": "Gets the list of source IPv6 address groups. Note : User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier of the source IP address group." }, "name": { "type": "string", "description": "The name of the source IP address group." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "Source IP addresses added to the group." }, "description": { "type": "string", "description": "The description of the source IP address group." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the source IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } }, "description": "IP group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSourceIpv6Groups" }, "task": true }, { "name": "getSourceIpv6GroupsLite", "summary": "getSourceIpv6GroupsLite", "description": "Gets a name and ID dictionary for source IPv6 address groups. Note : User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier of the source IP address group." }, "name": { "type": "string", "description": "The name of the source IP address group." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "Source IP addresses added to the group." }, "description": { "type": "string", "description": "The description of the source IP address group." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the source IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } }, "description": "IP group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSourceIpv6GroupsLite" }, "task": true }, { "name": "getSourceIpGroupsLite", "summary": "getSourceIpGroupsLite", "description": "Gets a name and ID dictionary of all IP source groups. Note : This endpoint retrieves only IPv4 source address groups. Organizations that have enabled IPv6 can use GET /ipSourceGroups/ipv6SourceGroups/lite to retrieve IPv6 source address groups. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IpGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier of the source IP address group." }, "name": { "type": "string", "description": "The name of the source IP address group." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "Source IP addresses added to the group." }, "description": { "type": "string", "description": "The description of the source IP address group." }, "isNonEditable": { "type": "boolean", "description": "

If set to true, the source IP address group is non-editable. This field is applicable only to predefined IP address groups, which cannot be modified.

" } }, "description": "IP group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSourceIpGroupsLite" }, "task": true }, { "name": "getSourceIpGroupById", "summary": "getSourceIpGroupById", "description": "Gets the IP source group information for the specified ID. \n", "input": [ { "name": "ipGroupId", "type": "number", "info": "The unique identifier for the IP source group.: 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSourceIpGroupById" }, "task": true }, { "name": "editSourceIpGroup", "summary": "editSourceIpGroup", "description": "Updates the IP source group information for the specified ID. Note : Only user-defined IP groups can be updated.", "input": [ { "name": "ipGroupId", "type": "number", "info": "The unique identifier for the IP source group.: 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/editSourceIpGroup" }, "task": true }, { "name": "deleteSourceIpGroup", "summary": "deleteSourceIpGroup", "description": "Deletes the IP source group for the specified ID. Note : Only user-defined IP groups can be deleted.", "input": [ { "name": "ipGroupId", "type": "number", "info": "The unique identifier for the IP source group.: 123", "required": true, "schema": { "title": "ipGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteSourceIpGroup" }, "task": true }, { "name": "getNetowrkApplicationGroups", "summary": "getNetowrkApplicationGroups", "description": "Gets a list of all network application groups. The search parameters find matching values within the name or description attributes. \n", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a group's name or description attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkApplicationGroup", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "networkApplications": { "type": "array", "items": { "title": "NetworkApplication", "type": "string" }, "description": "" }, "description": { "type": "string" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetowrkApplicationGroups" }, "task": true }, { "name": "createNetworkApplicationGroup", "summary": "createNetworkApplicationGroup", "description": "Creates a new custom network application group.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/createNetworkApplicationGroup" }, "task": true }, { "name": "getNetowrkApplicationGroupsLite", "summary": "getNetowrkApplicationGroupsLite", "description": "Gets a name and ID dictionary of all network application groups. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkApplicationGroup", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "networkApplications": { "type": "array", "items": { "title": "NetworkApplication", "type": "string" }, "description": "" }, "description": { "type": "string" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getNetowrkApplicationGroupsLite" }, "task": true }, { "name": "getNetworkApplicationGroupById", "summary": "getNetworkApplicationGroupById", "description": "Gets the network application group information for the specified ID. \n", "input": [ { "name": "groupId", "type": "number", "info": "The unique identifier for the network application group.: 123", "required": true, "schema": { "title": "groupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkApplicationGroupById" }, "task": true }, { "name": "updateNetworkApplicationGroup", "summary": "updateNetworkApplicationGroup", "description": "Updates the customer network application group for the specified ID.", "input": [ { "name": "groupId", "type": "number", "info": "The unique identifier for the network application group.: 123", "required": true, "schema": { "title": "groupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateNetworkApplicationGroup" }, "task": true }, { "name": "deleteNetworkApplicationGroup", "summary": "deleteNetworkApplicationGroup", "description": "Deletes the custom network application group for the specified ID.", "input": [ { "name": "groupId", "type": "number", "info": "The unique identifier for the network application group.: 123", "required": true, "schema": { "title": "groupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteNetworkApplicationGroup" }, "task": true }, { "name": "getNetworkApplications", "summary": "getNetworkApplications", "description": "Gets a list of all predefined network applications. The search parameters find matching values within the description attribute. \n", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a network application's description attribute.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "locale", "type": "string", "info": "When set to one of the supported locales (i.e., en-US, de-DE, es-ES, fr-FR, ja-JP, zh-CN), the network application's description is localized into the requested language...(description truncated): string", "required": false, "schema": { "title": "locale", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkApplicationDom", "type": "object", "properties": { "id": { "title": "Id", "type": "string" }, "parentCategory": { "title": "ParentCategory", "type": "string" }, "description": { "type": "string" }, "deprecated": { "type": "boolean", "default": false } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkApplications" }, "task": true }, { "name": "getNetworkApplicationById", "summary": "getNetworkApplicationById", "description": "Gets the network application information for the specified ID. \n", "input": [ { "name": "appId", "type": "string", "info": "The unique identifier for the network application.: ", "required": true, "schema": { "title": "appId", "type": "string" } }, { "name": "locale", "type": "string", "info": "When set to one of the supported locales (i.e., en-US, de-DE, es-ES, fr-FR, ja-JP, zh-CN), the network application's description is localized into the requested language...(description truncated): string", "required": false, "schema": { "title": "locale", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkApplicationById" }, "task": true }, { "name": "getNetworkServiceGroups", "summary": "getNetworkServiceGroups", "description": "Gets a list of all network service groups. The search parameters find matching values within the name or description attributes. \n", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a group's name or description attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkServiceGroup", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "services": { "type": "array", "items": { "title": "NetworkService", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "tag": { "title": "Tag1", "type": "string" }, "srcTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "srcUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "type": { "title": "Type5", "enum": [ "STANDARD", "PREDEFINED", "CUSTOM" ], "type": "string" }, "description": { "type": "string" }, "isNameL10nTag": { "type": "boolean", "default": false } } }, "description": "" }, "description": { "type": "string" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkServiceGroups" }, "task": true }, { "name": "addCustomNetworkServiceGroup", "summary": "addCustomNetworkServiceGroup", "description": "Adds a new network service group.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/addCustomNetworkServiceGroup" }, "task": true }, { "name": "getNetworkServiceGroupsLite", "summary": "getNetworkServiceGroupsLite", "description": "Gets a name and ID dictionary of all network service groups. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkServiceGroup", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "services": { "type": "array", "items": { "title": "NetworkService", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "tag": { "title": "Tag1", "type": "string" }, "srcTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "srcUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "type": { "title": "Type5", "enum": [ "STANDARD", "PREDEFINED", "CUSTOM" ], "type": "string" }, "description": { "type": "string" }, "isNameL10nTag": { "type": "boolean", "default": false } } }, "description": "" }, "description": { "type": "string" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getNetworkServiceGroupsLite" }, "task": true }, { "name": "getNetworkServiceGroupById", "summary": "getNetworkServiceGroupById", "description": "Gets the network service group information for the specified ID. \n", "input": [ { "name": "serviceGroupId", "type": "number", "info": "The unique identifier for the network service group.: 123", "required": true, "schema": { "title": "serviceGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkServiceGroupById" }, "task": true }, { "name": "editNetworkServiceGroup", "summary": "editNetworkServiceGroup", "description": "Updates the network service group information for the specified ID.", "input": [ { "name": "serviceGroupId", "type": "number", "info": "The unique identifier for the network service group.: 123", "required": true, "schema": { "title": "serviceGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/editNetworkServiceGroup" }, "task": true }, { "name": "deleteCustomNetowrkServiceGroup", "summary": "deleteCustomNetowrkServiceGroup", "description": "Deletes the network service group for the specified ID.", "input": [ { "name": "serviceGroupId", "type": "number", "info": "The unique identifier for the network service group.: 123", "required": true, "schema": { "title": "serviceGroupId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteCustomNetowrkServiceGroup" }, "task": true }, { "name": "getNetworkServices", "summary": "getNetworkServices", "description": "Gets a list of all network services. The search parameters find matching values within the name or description attributes. \n", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a service's name or description attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "protocol", "type": "string", "info": "Filter based on the network service protocol.: ", "required": false, "schema": { "title": "protocol", "enum": [ "ICMP", "TCP", "UDP", "GRE", "ESP", "OTHER" ], "type": "string" } }, { "name": "locale", "type": "string", "info": "When set to one of the supported locales (i.e., en-US, de-DE, es-ES, fr-FR, ja-JP, zh-CN), the network service's description is localized into the requested language.: string", "required": false, "schema": { "title": "locale", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkService", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "tag": { "title": "Tag1", "type": "string" }, "srcTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "srcUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "type": { "title": "Type5", "enum": [ "STANDARD", "PREDEFINED", "CUSTOM" ], "type": "string" }, "description": { "type": "string" }, "isNameL10nTag": { "type": "boolean", "default": false } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkServices" }, "task": true }, { "name": "addCustomNetworkService", "summary": "addCustomNetworkService", "description": "Adds a new network service.", "input": [ { "name": "body", "type": "object", "info": "The network service information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The network service information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addCustomNetworkService" }, "task": true }, { "name": "getNetworkServicesLite", "summary": "getNetworkServicesLite", "description": "Gets a name and ID dictionary of all network services. \n", "input": [ { "name": "locale", "type": "string", "info": ": string", "required": false, "schema": { "title": "locale", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NetworkService", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "tag": { "title": "Tag1", "type": "string" }, "srcTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destTcpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "srcUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "destUdpPorts": { "type": "array", "items": { "title": "PortRange", "type": "object", "properties": { "start": { "type": "integer" }, "end": { "type": "integer" } } }, "description": "" }, "type": { "title": "Type5", "enum": [ "STANDARD", "PREDEFINED", "CUSTOM" ], "type": "string" }, "description": { "type": "string" }, "isNameL10nTag": { "type": "boolean", "default": false } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkServicesLite" }, "task": true }, { "name": "getNetworkServiceById", "summary": "getNetworkServiceById", "description": "Gets the network service for the specified ID. \n", "input": [ { "name": "serviceId", "type": "number", "info": "The unique identifier for the network service.: 123", "required": true, "schema": { "title": "serviceId", "type": "number" } }, { "name": "locale", "type": "string", "info": "When set to one of the supported locales (i.e., en-US, de-DE, es-ES, fr-FR, ja-JP, zh-CN), the network service's description is localized into the requested language.: string", "required": false, "schema": { "title": "locale", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNetworkServiceById" }, "task": true }, { "name": "editNetworkService", "summary": "editNetworkService", "description": "Updates the network service information for the specified ID.", "input": [ { "name": "serviceId", "type": "number", "info": "The unique identifier for the network service.: 123", "required": true, "schema": { "title": "serviceId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/editNetworkService" }, "task": true }, { "name": "deleteCustomNetworkService", "summary": "deleteCustomNetworkService", "description": "Deletes the network service for the specified ID.", "input": [ { "name": "serviceId", "type": "number", "info": "The unique identifier for the network service.: 123", "required": true, "schema": { "title": "serviceId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteCustomNetworkService" }, "task": true }, { "name": "getTimeWindows", "summary": "getTimeWindows", "description": "Gets a list of time intervals used for by the Firewall policy or the URL Filtering policy. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "TimeWindow", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "startTime": { "type": "integer" }, "endTime": { "type": "integer" }, "dayOfWeek": { "type": "array", "items": { "title": "DayOfWeek", "enum": [ "ANY", "NONE", "EVERYDAY", "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" ], "type": "string" }, "description": "" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getTimeWindows" }, "task": true }, { "name": "getTimeWindowSummary", "summary": "getTimeWindowSummary", "description": "Gets a name and ID dictionary of time intervals used by the Firewall policy or the URL Filtering policy. \n", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "TimeWindow", "type": "object", "properties": { "id": { "type": "integer" }, "name": { "type": "string" }, "startTime": { "type": "integer" }, "endTime": { "type": "integer" }, "dayOfWeek": { "type": "array", "items": { "title": "DayOfWeek", "enum": [ "ANY", "NONE", "EVERYDAY", "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" ], "type": "string" }, "description": "" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getTimeWindowSummary" }, "task": true }, { "name": "getUrlFilteringRules", "summary": "getRules", "description": "Gets a list of all of URL Filtering Policy rules.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "UrlFilteringRule", "required": [ "name" ], "type": "object", "properties": { "id": { "type": "integer", "description": "URL Filtering Rule ID" }, "name": { "type": "string", "description": "Rule Name" }, "order": { "type": "integer", "description": "Order of execution of rule with respect to other URL Filtering rules" }, "protocols": { "type": "array", "items": { "title": "Protocol1", "enum": [ "SMRULEF_ZPA_BROKERS_RULE", "ANY_RULE", "TCP_RULE", "UDP_RULE", "DOHTTPS_RULE", "TUNNELSSL_RULE", "HTTP_PROXY", "FOHTTP_RULE", "FTP_RULE", "HTTPS_RULE", "HTTP_RULE", "SSL_RULE", "TUNNEL_RULE" ], "type": "string" }, "description": "Protocol criteria" }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of locations for which rule must be applied" }, "groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of groups for which rule must be applied" }, "departments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of departments for which rule must be applied" }, "users": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of users for which rule must be applied" }, "urlCategories": { "type": "array", "items": { "title": "UrlCategory1", "type": "string" }, "description": "List of URL categories for which rule must be applied" }, "state": { "allOf": [ { "title": "State3", "enum": [ "DISABLED", "ENABLED" ], "type": "string", "description": "Rule State" }, { "description": "Rule State" } ] }, "timeWindows": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of time interval during which rule must be enforced." }, "workloadGroups": { "type": "array", "items": { "title": "WorkloadGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the workload group" }, "name": { "type": "string", "description": "The name of the workload group" }, "description": { "type": "string", "description": "The description of the workload group" }, "expressionJson": { "title": "WorkloadTagExpression", "type": "object", "properties": { "expressionContainers": { "type": "array", "items": { "title": "ExpressionContainer", "type": "object", "properties": { "tagType": { "allOf": [ { "title": "TagType", "enum": [ "ANY", "VPC", "SUBNET", "VM", "ENI", "ATTR" ], "type": "string", "description": "The tag type selected from a predefined list" }, { "description": "The tag type selected from a predefined list" } ] }, "operator": { "allOf": [ { "title": "Operator", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The operator (either AND or OR) used to create logical relationships among tag types" }, { "description": "The operator (either AND or OR) used to create logical relationships among tag types" } ] }, "tagContainer": { "allOf": [ { "title": "TagContainer", "type": "object", "properties": { "tags": { "type": "array", "items": { "title": "Tag", "type": "object", "properties": { "key": { "type": "string", "description": "The key component present in the key-value pair contained in a tag" }, "value": { "type": "string", "description": "The value component present in the key-value pair contained in a tag" } }, "description": "The list of tags (key-value pairs) selected within a tag type" }, "description": "

One or more tags, each consisting of a key-value pair, selected within a tag type. If multiple tags are present within a tag type, they are combined using a logical operator.

Note: A maximum of 8 tags can be added to a workload group, irrespective of the number of tag types present.

" }, "operator": { "allOf": [ { "title": "Operator1", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" }, { "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" } ] } }, "description": "One or more tags combined using logical operators within a tag type" }, { "description": "One or more tags combined using logical operators within a tag type" } ] } }, "description": "One or more tag types (and associated tags) combined using logical operators within a workload group" }, "description": "Contains one or more tag types (and associated tags) combined using logical operators within a workload group" } } }, "expression": { "type": "string", "description": "The workload group expression containing tag types, tags, and their relationships." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the workload group was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] } }, "description": "Workload group information" }, "description": "The list of preconfigured workload groups to which the policy must be applied. To learn more, see About Workload Groups and Configuring Workload Groups." }, "rank": { "type": "integer", "description": "Admin rank of the admin who creates this rule" }, "requestMethods": { "type": "array", "items": { "title": "RequestMethod", "enum": [ "OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT", "OTHER" ], "type": "string" }, "description": "Request method for which the rule must be applied. If not set, rule is applied to all methods" }, "endUserNotificationUrl": { "type": "string", "description": "URL of end user notification page to be displayed when the rule is matched. Not applicable if either 'overrideUsers' or 'overrideGroups' is specified." }, "overrideUsers": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of users for which this rule can be overridden. Applicable only if blockOverride is set to 'true', action is 'BLOCK' and overrideGroups is not set.If this overrideUsers is not set, 'BLOCK' action can be overridden for any user." }, "overrideGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of groups for which this rule can be overridden. Applicable only if blockOverride is set to 'true' and action is 'BLOCK'. If this overrideGroups is not set, 'BLOCK' action can be overridden for any group." }, "blockOverride": { "type": "boolean", "description": "When set to true, a 'BLOCK' action triggered by the rule could be overridden. If true and both overrideGroup and overrideUsers are not set, the BLOCK triggered by this rule could be overridden for any users. If blockOverride is not set, 'BLOCK' action cannot be overridden.", "default": false }, "timeQuota": { "type": "integer", "description": "Time quota in minutes, after which the URL Filtering rule is applied. If not set, no quota is enforced. If a policy rule action is set to 'BLOCK', this field is not applicable." }, "sizeQuota": { "type": "integer", "description": "Size quota in KB beyond which the URL Filtering rule is applied. If not set, no quota is enforced. If a policy rule action is set to 'BLOCK', this field is not applicable." }, "description": { "type": "string", "description": "Additional information about the URL Filtering rule" }, "locationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the location groups to which the rule must be applied." }, "labels": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The URL Filtering rule's label. Rule labels allow you to logically group your organization's policy rules. Policy rules that are not associated with a rule label are grouped under the Untagged label." }, "validityStartTime": { "type": "integer", "description": "If enforceTimeValidity is set to true, the URL Filtering rule is valid starting on this date and time." }, "validityEndTime": { "type": "integer", "description": "If enforceTimeValidity is set to true, the URL Filtering rule ceases to be valid on this end date and time." }, "validityTimeZoneId": { "type": "string", "description": "If enforceTimeValidity is set to true, the URL Filtering rule date and time is valid based on this time zone ID." }, "lastModifiedTime": { "type": "integer", "description": "When the rule was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "Who modified the rule last" } ] }, "enforceTimeValidity": { "type": "boolean", "description": "Enforce a set a validity time period for the URL Filtering rule. To learn more, see Configuring the URL Filtering Policy." }, "devices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Name-ID pairs of devices for which rule must be applied. Specifies devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation.

" }, "deviceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

This field is applicable for devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation.

" }, "deviceTrustLevels": { "type": "array", "items": { "title": "DeviceTrustLevel", "enum": [ "ANY", "UNKNOWN_DEVICETRUSTLEVEL", "LOW_TRUST", "MEDIUM_TRUST", "HIGH_TRUST" ], "type": "string" }, "description": "

List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation.

" }, "action": { "allOf": [ { "title": "Action4", "enum": [ "BLOCK", "CAUTION", "ALLOW", "ISOLATE", "ICAP_RESPONSE" ], "type": "string", "description": "

Action taken when traffic matches rule criteria.

Note: The ISOLATE action is available only if Cloud Browser Isolation is enabled for your organization. To learn more, see Configuring the URL Filtering Policy.

" }, { "description": "

Action taken when traffic matches rule criteria.

Note: The ISOLATE action is available only if Cloud Browser Isolation is enabled for your organization. To learn more, see Configuring the URL Filtering Policy.

" } ] }, "cbiProfile": { "allOf": [ { "title": "BrowserIsolationProfile", "type": "object", "properties": { "id": { "type": "string", "description": "

The universally unique identifier (UUID) for the browser isolation profile

" }, "name": { "type": "string", "description": "

Name of the browser isolation profile

" }, "url": { "type": "string", "description": "

The browser isolation profile URL

" }, "defaultProfile": { "type": "boolean", "description": "

(Optional) Indicates whether this is a default browser isolation profile. Zscaler sets this field.

" } }, "description": "

Information about browser isolation profile. To learn more, see What Is Isolation? and Creating Isolation Profiles for ZIA.

" }, { "description": "

The cloud browser isolation profile to which the ISOLATE action is applied in the URL Filtering Policy rules.

Note: This parameter is required for the ISOLATE action and is not applicable to other actions.

" } ] }, "ciparule": { "type": "boolean", "description": "If set to true, the CIPA Compliance rule is enabled", "default": false } }, "description": "URL Filtering Rule" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getUrlFilteringRules" }, "task": true }, { "name": "postUrlFilteringRules", "summary": "addRule", "description": "Adds a URL Filtering Policy rule. If you are using the Admin Rank feature, refer to About Admin Rank to determine which value to provide for rank when adding a policy rule. If you are not using Admin Rank, the rank value must be 7.", "input": [ { "name": "body", "type": "object", "info": "The URL filtering rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The URL filtering rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUrlFilteringRules" }, "task": true }, { "name": "getUrlFilteringRulesRuleId", "summary": "getRuleById", "description": "Gets the URL Filtering Policy rule for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the URL Filtering Policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getUrlFilteringRulesRuleId" }, "task": true }, { "name": "putUrlFilteringRulesRuleId", "summary": "updateRule", "description": "Updates the URL Filtering Policy rule for the specified ID. If you are using the Admin Rank feature, refer to About Admin Rank to determine which value to provide for rank when adding a policy rule. If you are not using Admin Rank, the rank value must be 7.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the URL Filtering Policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": "The URL filering rule information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "The URL filering rule information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putUrlFilteringRulesRuleId" }, "task": true }, { "name": "deleteUrlFilteringRulesRuleId", "summary": "deleteRule", "description": "Deletes the URL Filtering Policy rule for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the URL Filtering Policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteUrlFilteringRulesRuleId" }, "task": true }, { "name": "getForwardingRules", "summary": "getForwardingRules", "description": "Gets the list of forwarding rules configured in the ZIA Admin Portal. To learn about forwarding control, see About Forwarding Control .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "ForwardingRule", "required": [ "name", "rank", "forwardMethod" ], "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the forwarding rule", "readOnly": true }, "name": { "type": "string", "description": "The name of the forwarding rule" }, "type": { "allOf": [ { "title": "Type6", "enum": [ "FIREWALL", "DNS", "DNAT", "SNAT", "FORWARDING", "INTRUSION_PREVENTION", "EC_DNS", "EC_RDR", "EC_SELF", "DNS_RESPONSE" ], "type": "string", "description": "The rule type selected from the available options" }, { "description": "The rule type selected from the available options" } ] }, "order": { "type": "integer", "description": "The order of execution for the forwarding rule order" }, "rank": { "type": "integer", "description": "Admin rank assigned to the forwarding rule" }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the locations to which the forwarding rule applies. If not set, the rule is applied to all locations." }, "locationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the location groups to which the forwarding rule applies" }, "ecGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the Zscaler Cloud Connector groups to which the forwarding rule applies" }, "departments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the departments to which the forwarding rule applies. If not set, the rule applies to all departments." }, "groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the user groups to which the forwarding rule applies. If not set, the rule applies to all groups." }, "users": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of the users to which the forwarding rule applies. If not set, user criteria is ignored during policy enforcement." }, "forwardMethod": { "allOf": [ { "title": "ForwardMethod", "enum": [ "INVALID", "DIRECT", "PROXYCHAIN", "ZIA", "ZPA", "ECZPA", "ECSELF", "DROP" ], "type": "string", "description": "The type of traffic forwarding method selected from the available options" }, { "description": "The type of traffic forwarding method selected from the available options" } ] }, "state": { "allOf": [ { "title": "State2", "enum": [ "DISABLED", "ENABLED" ], "type": "string", "description": "Indicates whether the forwarding rule is enabled or disabled" }, { "description": "Indicates whether the forwarding rule is enabled or disabled" } ] }, "description": { "type": "string", "description": "Additional information about the forwarding rule" }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the rule was last modified. This field is not applicable for POST or PUT request.", "readOnly": true }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "srcIps": { "type": "array", "items": { "type": "string" }, "description": "User-defined source IP addresses for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address." }, "srcIpGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Source IP address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address group.

Note: For organizations that have enabled IPv6, the srcIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.

" }, "srcIpv6Groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Source IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group.

Note: User-defined groups for IPv6 addresses are currently not supported.

" }, "destAddresses": { "type": "array", "items": { "type": "string" }, "description": "List of destination IP addresses or FQDNs for which the rule is applicable. CIDR notation can be used for destination IP addresses. If not set, the rule is not restricted to a specific destination addresses unless specified by destCountries, destIpGroups, or destIpCategories." }, "destIpCategories": { "type": "array", "items": { "title": "DestIpCategory1", "type": "string" }, "description": "List of destination IP categories to which the rule applies. If not set, the rule is not restricted to specific destination IP categories." }, "resCategories": { "type": "array", "items": { "title": "ResCategory", "type": "string" }, "description": "List of destination domain categories to which the rule applies" }, "destCountries": { "type": "array", "items": { "title": "DestCountry1", "type": "string" }, "description": "Destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries." }, "destIpGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

User-defined destination IP address groups to which the rule is applied. If not set, the rule is not restricted to a specific destination IP address group.

Note: For organizations that have enabled IPv6, the destIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.

" }, "destIpv6Groups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Destination IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group.

Note: User-defined groups for IPv6 addresses are currently not supported.

" }, "nwServices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

User-defined network services to which the rule applies. If not set, the rule is not restricted to a specific network service.

Note: When the forwarding method is Proxy Chaining, only TCP-based network services are considered for policy match .

" }, "nwServiceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "User-defined network service group to which the rule applies. If not set, the rule is not restricted to a specific network service group." }, "proxyGateway": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "zpaAppSegments": { "type": "array", "items": { "title": "AppSegment", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the Application Segment" }, "name": { "type": "string", "description": "The name of the Application Segment" }, "externalId": { "type": "integer", "description": "Indicates the external ID. Applicable only when this reference is of an external entity." }, "zpaTenantId": { "type": "integer", "description": "ID of the ZPA tenant where the Application Segment is configured" } }, "description": "Application Segment information" }, "description": "The list of ZPA Application Segments for which this rule is applicable. This field is applicable only for the ZPA Gateway forwarding method." }, "zpaApplicationSegments": { "type": "array", "items": { "title": "ZpaApplicationSegment", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the Application Segment" }, "name": { "type": "string", "description": "The name of the Application Segment" }, "description": { "type": "string", "description": "Additional information about the Application Segment" }, "zpaId": { "type": "integer", "description": "ID of the ZPA tenant where the Application Segment is configured" }, "deleted": { "type": "boolean", "description": "Indicates whether the ZPA Application Segment has been deleted", "readOnly": true } }, "description": "Information about the ZPA Application Segment" }, "description": "List of ZPA Application Segments for which this rule is applicable. This field is applicable only for the ECZPA forwarding method (used for Zscaler Cloud Connector)." }, "zpaApplicationSegmentGroups": { "type": "array", "items": { "title": "ZpaApplicationSegmentGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the Application Segment Group" }, "name": { "type": "string", "description": "The name of the Application Segment Group" }, "zpaId": { "type": "integer", "description": "ID of the ZPA tenant where the Application Segment is configured" }, "deleted": { "type": "boolean", "description": "Indicates whether the ZPA Application Segment Group has been deleted", "readOnly": true }, "zpaAppSegmentsCount": { "type": "integer", "description": "The number of ZPA Application Segments in the group" } }, "description": "Information about the Application Segment Group" }, "description": "List of ZPA Application Segment Groups for which this rule is applicable. This field is applicable only for the ECZPA forwarding method (used for Zscaler Cloud Connector)." }, "zpaGateway": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "zpaBrokerRule": { "type": "boolean", "description": "The predefined ZPA Broker Rule generated by Zscaler", "readOnly": true }, "devices": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of devices for which the rule must be applied. Specifies devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation." }, "deviceGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Name-ID pairs of device groups for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. If no value is set, this field is ignored during the policy evaluation." }, "labels": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "Labels that are applicable to the rule" }, "nwApplications": { "type": "array", "items": { "title": "NwApplication1", "type": "string" }, "description": "User-defined network service applications to which the rule applies. If not set, the rule is not restricted to a specific network service application." }, "nwApplicationGroups": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "User-defined network service application groups to which the rule applied. If not set, the rule is not restricted to a specific network service application group." }, "timeWindows": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The time interval at which the forwarding rule applies" } }, "description": "Forwarding rule information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getForwardingRules" }, "task": true }, { "name": "createForwardingRule", "summary": "createForwardingRule", "description": "Adds a new forwarding rule. To learn more, see Configuring Forwarding Policy .", "input": [ { "name": "body", "type": "object", "info": "Forwarding rule information: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "Forwarding rule information" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/createForwardingRule" }, "task": true }, { "name": "getForwardingRule", "summary": "getForwardingRule", "description": "Gets information for a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getForwardingRule" }, "task": true }, { "name": "updateForwardingRule", "summary": "updateForwardingRule", "description": "Updates information for a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": "Forwarding rule infomration: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "Forwarding rule infomration" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateForwardingRule" }, "task": true }, { "name": "deleteForwardingRule", "summary": "deleteForwardingRule", "description": "Deletes a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteForwardingRule" }, "task": true }, { "name": "getZpaGateways", "summary": "getZpaGateways", "description": "Gets the list of Zscaler Private Access (ZPA) gateways configured in the ZIA Admin Portal. To learn about ZPA gateways, see About Zscaler Private Access Gateway .", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a ZPA gateway name or an associated Server Group name: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "appSegment", "type": "array", "info": "Filters the list by Application Segment: array", "required": false, "schema": { "title": "appSegment", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "ZpaGateway", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the ZPA gateway" }, "name": { "type": "string", "description": "The name of the ZPA gateway" }, "zpaServerGroup": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "zpaAppSegments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "All the Application Segments that are associated with the selected ZPA Server Group for which Source IP Anchoring is enabled" }, "zpaTenantId": { "type": "integer", "description": "The ID of the ZPA tenant where Source IP Anchoring is configured" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the ZPA gateway was last modified" }, "type": { "allOf": [ { "title": "Type7", "enum": [ "ZPA", "ECZPA" ], "type": "string", "description": "Indicates whether the ZPA gateway is configured for Zscaler Internet Access (using option ZPA) or Zscaler Cloud Connector (using option ECZPA)" }, { "description": "Indicates whether the ZPA gateway is configured for Zscaler Internet Access (using option ZPA) or Zscaler Cloud Connector (using option ECZPA)" } ] }, "description": { "type": "string", "description": "Additional details about the ZPA gateway" } }, "description": "ZPA gateway information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getZpaGateways" }, "task": true }, { "name": "addZpaGateway", "summary": "addZpaGateway", "description": "Adds a new custom ZPA gateway. The ZPA gateway can be used in a forwarding control policy to forward traffic to ZPA for Source IP Anchoring . To learn more, see Configuring ZPA Gateway .", "input": [ { "name": "body", "type": "object", "info": ": {\"id\": 123, \"name\": \"string\", \"zpaServerGroup\": \"undefined\", \"zpaAppSegments\": [{\"id\": 123, \"name\": \"string\", \"externalId\": \"string\", \"extensions\": \"object\"}], \"zpaTenantId\": 123, \"lastModifiedBy\": \"undefined\", \"lastModifiedTime\": 123, \"type\": \"undefined\", \"description\": \"string\"}", "required": false, "schema": { "title": "ZpaGateway", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the ZPA gateway" }, "name": { "type": "string", "description": "The name of the ZPA gateway" }, "zpaServerGroup": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "zpaAppSegments": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "All the Application Segments that are associated with the selected ZPA Server Group for which Source IP Anchoring is enabled" }, "zpaTenantId": { "type": "integer", "description": "The ID of the ZPA tenant where Source IP Anchoring is configured" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the ZPA gateway was last modified" }, "type": { "allOf": [ { "title": "Type7", "enum": [ "ZPA", "ECZPA" ], "type": "string", "description": "Indicates whether the ZPA gateway is configured for Zscaler Internet Access (using option ZPA) or Zscaler Cloud Connector (using option ECZPA)" }, { "description": "Indicates whether the ZPA gateway is configured for Zscaler Internet Access (using option ZPA) or Zscaler Cloud Connector (using option ECZPA)" } ] }, "description": { "type": "string", "description": "Additional details about the ZPA gateway" } }, "description": "ZPA gateway information" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addZpaGateway" }, "task": true }, { "name": "getZpaGatewayById", "summary": "getZpaGatewayById", "description": "Gets information for a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getZpaGatewayById" }, "task": true }, { "name": "editZpaGateway", "summary": "editZpaGateway", "description": "Updates information for a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } }, { "name": "body", "type": "object", "info": "ZPA gateway information: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "ZPA gateway information" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/editZpaGateway" }, "task": true }, { "name": "deleteZpaGateway", "summary": "deleteZpaGateway", "description": "Deletes a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteZpaGateway" }, "task": true }, { "name": "getIntermediateCaCertificates", "summary": "getIntermediateCaCertificates", "description": "Gets the list of intermediate CA certificates added for SSL inspection.", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IntermediateCaCertificate", "required": [ "name", "type" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the intermediate CA certificate", "readOnly": true }, "name": { "type": "string", "description": "Name of the intermediate CA certificate" }, "type": { "allOf": [ { "title": "Type8", "enum": [ "ZSCALER", "CUSTOM_SW", "CUSTOM_HSM" ], "type": "string", "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" }, { "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" } ] }, "region": { "allOf": [ { "title": "Region", "enum": [ "GLOBAL", "ASIA", "EUROPE", "US" ], "type": "string", "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" }, { "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" } ] }, "status": { "allOf": [ { "title": "Status3", "enum": [ "ENABLED", "DISABLED" ], "type": "string", "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" }, { "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" } ] }, "defaultCertificate": { "type": "boolean", "description": "

If set to true, the intermediate CA certificate is the default intermediate certificate. Only one certificate can be marked as the default intermediate certificate at a time.

" }, "certStartDate": { "type": "integer", "description": "Start date of the intermediate CA certificate’s validity period", "readOnly": true }, "certExpDate": { "type": "integer", "description": "Expiration date of the intermediate CA certificate’s validity period", "readOnly": true }, "description": { "type": "string", "description": "Description for the intermediate CA certificate" }, "currentState": { "allOf": [ { "title": "CurrentState", "enum": [ "GENERAL_DONE", "KEYGEN_DONE", "PUBKEY_DONE", "ATTESTATION_DONE", "ATTESTATION_VERIFY_DONE", "CSRGEN_DONE", "INTCERT_UPLOAD_DONE", "CERTCHAIN_UPLOAD_DONE", "CERT_READY" ], "type": "string", "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" }, { "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" } ] }, "publicKey": { "type": "string", "description": "

Public key in the HSM key pair generated for the intermediate CA certificate

", "readOnly": true }, "keyGenerationTime": { "type": "integer", "description": "Timestamp when the HSM key was generated", "readOnly": true }, "hsmAttestationVerifiedTime": { "type": "integer", "description": "Timestamp when the attestation for the HSM key was verified", "readOnly": true }, "csrFileName": { "type": "string", "description": "Certificate Signing Request (CSR) file name", "readOnly": true }, "csrGenerationTime": { "type": "integer", "description": "Timestamp when the Certificate Signing Request (CSR) was generated", "readOnly": true } }, "description": "Intermediate CA certificate information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIntermediateCaCertificates" }, "task": true }, { "name": "addIntermediateCaCertificate", "summary": "addIntermediateCaCertificate", "description": "Adds a custom intermediate CA certificate that can be used for SSL inspection. Custom intermediate certificates can be added with software protection or cloud HSM based on your subscriptions. In cloud HSM protection, your certificate private keys are stored in a cloud hardware security module (HSM) located in a region of your choice. With cloud HSM protection subscription, you can add up to eight custom intermediate certificates using either cloud HSM or software protection and only four ce...(description truncated)", "input": [ { "name": "body", "type": "object", "info": "Intermediate CA certificate information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "Intermediate CA certificate information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addIntermediateCaCertificate" }, "task": true }, { "name": "downloadAttestationStmt", "summary": "downloadAttestationStmt", "description": "Downloads the attestation bundle produced by the HSM solution for the specified intermediate CA certificate ID. The attestation bundle can be used to verify the HSM key attributes and the validity of the certificate.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/downloadAttestationStmt" }, "task": true }, { "name": "downloadCSR", "summary": "downloadCSR", "description": "Downloads a Certificate Signing Request (CSR) for the specified ID. To perform this operation, a CSR must have already been generated.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/downloadCSR" }, "task": true }, { "name": "downloadHsmPublicKey", "summary": "downloadHsmPublicKey", "description": "Downloads the public key in the HSM key pair for the intermediate CA certificate with the specified ID. To perform this operation, a HSM key pair must have already been generated.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/downloadHsmPublicKey" }, "task": true }, { "name": "finalizeCert", "summary": "finalizeCert", "description": "Finalizes the intermediate CA certificate with the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/finalizeCert" }, "task": true }, { "name": "generateCsr", "summary": "generateCsr", "description": "Generates a Certificate Signing Request (CSR) for the custom intermediate CA certificate with the specified ID. You can send the generated CSR to your Certificate Authority (CA) to sign as a subordinate CA certificate or intermediate CA certificate. The subordinate CA can be an intermediate or an issuing CA.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } }, { "name": "body", "type": "object", "info": "Certificate Signing Request (CSR) information.: object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "Certificate Signing Request (CSR) information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/generateCsr" }, "task": true }, { "name": "generateHsmKeyPair", "summary": "generateHsmKeyPair", "description": "Generates a HSM key pair for the custom intermediate CA certificate with the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/generateHsmKeyPair" }, "task": true }, { "name": "getIntermediateCaCertificatesLite", "summary": "getIntermediateCaCertificatesLite", "description": "Gets the list of intermediate CA certificates added for SSL inspection.", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IntermediateCaCertificate", "required": [ "name", "type" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the intermediate CA certificate", "readOnly": true }, "name": { "type": "string", "description": "Name of the intermediate CA certificate" }, "type": { "allOf": [ { "title": "Type8", "enum": [ "ZSCALER", "CUSTOM_SW", "CUSTOM_HSM" ], "type": "string", "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" }, { "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" } ] }, "region": { "allOf": [ { "title": "Region", "enum": [ "GLOBAL", "ASIA", "EUROPE", "US" ], "type": "string", "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" }, { "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" } ] }, "status": { "allOf": [ { "title": "Status3", "enum": [ "ENABLED", "DISABLED" ], "type": "string", "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" }, { "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" } ] }, "defaultCertificate": { "type": "boolean", "description": "

If set to true, the intermediate CA certificate is the default intermediate certificate. Only one certificate can be marked as the default intermediate certificate at a time.

" }, "certStartDate": { "type": "integer", "description": "Start date of the intermediate CA certificate’s validity period", "readOnly": true }, "certExpDate": { "type": "integer", "description": "Expiration date of the intermediate CA certificate’s validity period", "readOnly": true }, "description": { "type": "string", "description": "Description for the intermediate CA certificate" }, "currentState": { "allOf": [ { "title": "CurrentState", "enum": [ "GENERAL_DONE", "KEYGEN_DONE", "PUBKEY_DONE", "ATTESTATION_DONE", "ATTESTATION_VERIFY_DONE", "CSRGEN_DONE", "INTCERT_UPLOAD_DONE", "CERTCHAIN_UPLOAD_DONE", "CERT_READY" ], "type": "string", "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" }, { "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" } ] }, "publicKey": { "type": "string", "description": "

Public key in the HSM key pair generated for the intermediate CA certificate

", "readOnly": true }, "keyGenerationTime": { "type": "integer", "description": "Timestamp when the HSM key was generated", "readOnly": true }, "hsmAttestationVerifiedTime": { "type": "integer", "description": "Timestamp when the attestation for the HSM key was verified", "readOnly": true }, "csrFileName": { "type": "string", "description": "Certificate Signing Request (CSR) file name", "readOnly": true }, "csrGenerationTime": { "type": "integer", "description": "Timestamp when the Certificate Signing Request (CSR) was generated", "readOnly": true } }, "description": "Intermediate CA certificate information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIntermediateCaCertificatesLite" }, "task": true }, { "name": "getIntermediateCaCertificateLite", "summary": "getIntermediateCaCertificateLite", "description": "Gets information about the intermediate CA certificate with the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIntermediateCaCertificateLite" }, "task": true }, { "name": "makeDefaultCertificate", "summary": "makeDefaultCertificate", "description": "Updates the intermediate CA certificate information for the specified ID to mark it as the default intermediate certificate. Only one intermediate certificate can be marked as the default certificate at a time.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/makeDefaultCertificate" }, "task": true }, { "name": "getCertificatesInReadyToUseState", "summary": "getCertificatesInReadyToUseState", "description": "Gets the list of intermediate CA certificates that are ready to use for SSL inspection.", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IntermediateCaCertificate", "required": [ "name", "type" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the intermediate CA certificate", "readOnly": true }, "name": { "type": "string", "description": "Name of the intermediate CA certificate" }, "type": { "allOf": [ { "title": "Type8", "enum": [ "ZSCALER", "CUSTOM_SW", "CUSTOM_HSM" ], "type": "string", "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" }, { "description": "

Type of the intermediate CA certificate. Available types: Zscaler’s intermediate CA certificate (provided by Zscaler), custom intermediate certificate with software protection, and custom intermediate certificate with cloud HSM protection.

" } ] }, "region": { "allOf": [ { "title": "Region", "enum": [ "GLOBAL", "ASIA", "EUROPE", "US" ], "type": "string", "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" }, { "description": "

Location of the HSM resources. Required for custom intermediate CA certificates with cloud HSM protection.

" } ] }, "status": { "allOf": [ { "title": "Status3", "enum": [ "ENABLED", "DISABLED" ], "type": "string", "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" }, { "description": "

Determines whether the intermediate CA certificate is enabled or disabled for SSL inspection. Subscription to cloud HSM protection allows a maximum of four active certificates for SSL inspection at a time, whereas software protection subscription allows only one active certificate.

" } ] }, "defaultCertificate": { "type": "boolean", "description": "

If set to true, the intermediate CA certificate is the default intermediate certificate. Only one certificate can be marked as the default intermediate certificate at a time.

" }, "certStartDate": { "type": "integer", "description": "Start date of the intermediate CA certificate’s validity period", "readOnly": true }, "certExpDate": { "type": "integer", "description": "Expiration date of the intermediate CA certificate’s validity period", "readOnly": true }, "description": { "type": "string", "description": "Description for the intermediate CA certificate" }, "currentState": { "allOf": [ { "title": "CurrentState", "enum": [ "GENERAL_DONE", "KEYGEN_DONE", "PUBKEY_DONE", "ATTESTATION_DONE", "ATTESTATION_VERIFY_DONE", "CSRGEN_DONE", "INTCERT_UPLOAD_DONE", "CERTCHAIN_UPLOAD_DONE", "CERT_READY" ], "type": "string", "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" }, { "description": "

Tracks the progress of the intermediate CA certificate in the configuration workflow

" } ] }, "publicKey": { "type": "string", "description": "

Public key in the HSM key pair generated for the intermediate CA certificate

", "readOnly": true }, "keyGenerationTime": { "type": "integer", "description": "Timestamp when the HSM key was generated", "readOnly": true }, "hsmAttestationVerifiedTime": { "type": "integer", "description": "Timestamp when the attestation for the HSM key was verified", "readOnly": true }, "csrFileName": { "type": "string", "description": "Certificate Signing Request (CSR) file name", "readOnly": true }, "csrGenerationTime": { "type": "integer", "description": "Timestamp when the Certificate Signing Request (CSR) was generated", "readOnly": true } }, "description": "Intermediate CA certificate information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getCertificatesInReadyToUseState" }, "task": true }, { "name": "showCert", "summary": "showCert", "description": "Shows information about the signed intermediate CA certificate with the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/showCert" }, "task": true }, { "name": "showCsr", "summary": "showCsr", "description": "Shows information about the Certificate Signing Request (CSR) for the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/showCsr" }, "task": true }, { "name": "uploadCert", "summary": "uploadCert", "description": "Uploads a custom intermediate CA certificate signed by your Certificate Authority (CA) for SSL inspection. To enable users' browsers to trust this new intermediate certificate and any certificate signed by it, install this certificate on users' browsers. If you also want to upload a certificate chain, upload the signed intermediate certificate before uploading the certificate chain.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } }, { "name": "body", "type": "object", "info": "Uploads the signed intermediate CA certificate.: object", "required": false, "schema": { "type": "object", "description": "Uploads the signed intermediate CA certificate." } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/uploadCert" }, "task": true }, { "name": "uploadCertChain", "summary": "uploadCertChain", "description": "Uploads the intermediate certificate chain (PEM file). Upload the certificate chain that includes any other intermediate certificates that complete the chain to the intermediate root certificate you want to upload. When you upload a certificate chain, the Zscaler service sends the intermediate certificate along with this key chain and the signed server certificate to your users’ machines during SSL inspection. If you do not upload the certificate chain, the Zscaler service sends only your o...(description truncated)", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } }, { "name": "body", "type": "object", "info": "Uploads the intermediate certificate chain (PEM).: object", "required": false, "schema": { "type": "object", "description": "Uploads the intermediate certificate chain (PEM)." } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/uploadCertChain" }, "task": true }, { "name": "verifyKeyAttestation", "summary": "verifyKeyAttestation", "description": "Verifies the attestation for the HSM keys generated for the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/verifyKeyAttestation" }, "task": true }, { "name": "getIntermediateCaCertificate", "summary": "getIntermediateCaCertificate", "description": "Gets intermediate CA certificate information for the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIntermediateCaCertificate" }, "task": true }, { "name": "updateIntermediateCaCertificate", "summary": "updateIntermediateCaCertificate", "description": "Updates intermediate CA certificate information for the specified ID.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } }, { "name": "body", "type": "object", "info": "Intermediate CA certificate information.: object", "required": false, "schema": { "allOf": [ { "type": "object" }, { "description": "Intermediate CA certificate information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateIntermediateCaCertificate" }, "task": true }, { "name": "deleteIntermediateCaCertificate", "summary": "deleteIntermediateCaCertificate", "description": "Deletes the intermediate CA certificate with the specified ID. The default intermediate certificate cannot be deleted.", "input": [ { "name": "certId", "type": "number", "info": "The unique identifier for the intermediate CA certificate.: 123", "required": true, "schema": { "title": "certId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteIntermediateCaCertificate" }, "task": true }, { "name": "getSslExemptedUrls", "summary": "getSslExemptedUrls", "description": "Gets a list of URLs that were exempted from SSL Inpection and policy evaluation.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSslExemptedUrls" }, "task": true }, { "name": "updateSslExemptedUrls", "summary": "updateSslExemptedUrls", "description": "Adds URLs to the exempted from SSL Inspection and policy evaluation list or removes URLs from the list. To add a URL to the list, set the action parameter to ADD_TO_LIST . To remove a URL, set action to REMOVE_FROM_LIST .", "input": [ { "name": "action", "type": "string", "info": "The action applied to the exempted URLs list (i.e., adding a URL or removing a URL).: ", "required": true, "schema": { "title": "action", "enum": [ "BLOCK", "CAUTION", "ALLOW", "ISOLATE", "ICAP_RESPONSE" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateSslExemptedUrls" }, "task": true }, { "name": "getDeviceTypes", "summary": "getDeviceTypes", "description": "Retrieve the mapping between device type universally unique identifier (UUID) values and the device type names for all the device types supported by the Zscaler AI/ML.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IotItemInfo", "type": "object", "properties": { "uuid": { "type": "string", "description": "

The universally unique identifier (UUID) of the item.

" }, "name": { "type": "string", "description": "

The name of the item.

" }, "parent_uuid": { "type": "string", "description": "

The parent UUID of the item.

Note: This field is not applicable for the device types endpoint.

" } }, "description": "

Information about the items.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDeviceTypes" }, "task": true }, { "name": "getCategories", "summary": "getCategories", "description": "Retrieve the mapping between the device category universally unique identifier (UUID) values and the category names for all the device categories supported by the Zscaler AI/ML. The parent of device category is device type.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IotItemInfo", "type": "object", "properties": { "uuid": { "type": "string", "description": "

The universally unique identifier (UUID) of the item.

" }, "name": { "type": "string", "description": "

The name of the item.

" }, "parent_uuid": { "type": "string", "description": "

The parent UUID of the item.

Note: This field is not applicable for the device types endpoint.

" } }, "description": "

Information about the items.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getCategories" }, "task": true }, { "name": "getClassifications", "summary": "getClassifications", "description": "Retrieve the mapping between the device classification universally unique identifier (UUID) values and the classification names for all the device classifications supported by Zscaler AI/ML. The parent of device classification is device category.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IotItemInfo", "type": "object", "properties": { "uuid": { "type": "string", "description": "

The universally unique identifier (UUID) of the item.

" }, "name": { "type": "string", "description": "

The name of the item.

" }, "parent_uuid": { "type": "string", "description": "

The parent UUID of the item.

Note: This field is not applicable for the device types endpoint.

" } }, "description": "

Information about the items.

" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getClassifications" }, "task": true }, { "name": "getDeviceList", "summary": "getDeviceList", "description": "Retrieve a list of discovered devices with the following key contexts, IP address, location, ML auto-label, classification, category, and type.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getDeviceList" }, "task": true }, { "name": "getSubLocations", "summary": "getSubLocations", "description": "Gets the sub-location information for the location with the specified ID. These are the sublocations associated to the parent location.", "input": [ { "name": "locationId", "type": "number", "info": "The unique identifier for the location. The sub-location information given is based on the parent location's ID.: 123", "required": true, "schema": { "title": "locationId", "type": "number" } }, { "name": "search", "type": "string", "info": "The search string used to partially match against a sub-location's name and port attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "sslScanEnabled", "type": "boolean", "info": "This parameter was deprecated and no longer has an effect on SSL policy. It remains supported in the API payload in order to maintain backwards compatibility with existi...(description truncated): boolean", "required": false, "schema": { "title": "sslScanEnabled", "type": "boolean" } }, { "name": "xffEnabled", "type": "boolean", "info": "Filter based on whether the Enforce XFF Forwarding setting is enabled or disabled for a sub-location.: boolean", "required": false, "schema": { "title": "xffEnabled", "type": "boolean" } }, { "name": "authRequired", "type": "boolean", "info": "Filter based on whether the Enforce Authentication setting is enabled or disabled for a sub-location.: boolean", "required": false, "schema": { "title": "authRequired", "type": "boolean" } }, { "name": "bwEnforced", "type": "boolean", "info": "Filter based on whether Bandwith Control is being enforced for a sub-location.: boolean", "required": false, "schema": { "title": "bwEnforced", "type": "boolean" } }, { "name": "enforceAup", "type": "boolean", "info": "Filter based on whether Enforce AUP setting is enabled or disabled for a sub-location.: boolean", "required": false, "schema": { "title": "enforceAup", "type": "boolean" } }, { "name": "enableFirewall", "type": "boolean", "info": "Filter based on whether Enable Firewall setting is enabled or disabled for a sub-location.: boolean", "required": false, "schema": { "title": "enableFirewall", "type": "boolean" } }, { "name": "enableIOT", "type": "boolean", "info": "If set to true, the city field (containing IoT-enabled location IDs, names, latitudes, and longitudes) and the iotDiscoveryEnabled filter are included in the response. O...(description truncated): boolean", "required": false, "schema": { "title": "enableIOT", "type": "boolean" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "Location", "required": [ "name" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Location ID.", "readOnly": true }, "name": { "type": "string", "description": "Location Name." }, "parentId": { "type": "integer", "description": "Parent Location ID. If this ID does not exist or is 0, it is implied that it is a parent location. Otherwise, it is a sub-location whose parent has this ID. x-applicableTo: SUB" }, "upBandwidth": { "type": "integer", "description": "Upload bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement." }, "dnBandwidth": { "type": "integer", "description": "Download bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement." }, "country": { "allOf": [ { "title": "Country4", "type": "string", "description": "Country" }, { "description": "Country" } ] }, "tz": { "allOf": [ { "title": "Tz", "type": "string", "description": "Timezone of the location. If not specified, it defaults to GMT." }, { "description": "Timezone of the location. If not specified, it defaults to GMT." } ] }, "city": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

Geolocation of the IoT device. It displays the name-ID pair for the location (\"city\" : { \"id\":\"0\", \"name\":\"string\" }).

For example, \"city\" : { \"id\":\"2077963\", \"name\":\"Albany, Western Australia, Australia\"}.

" }, "geoOverride": { "type": "boolean", "description": "

If this field is set to true, the latitude and longitude values must be provided. By default, it's set to false.

" }, "latitude": { "type": "number", "description": "

The value of latitude must be set to 7-digit precision after decimal point, ranging between -90 and 90 degrees.

Note: This field is mandatory if geoOverride is set to true.

" }, "longitude": { "type": "number", "description": "

The value of longitude must be set to 7-digit precision after decimal point, ranging between -180 and 180 degrees.

Note: This field is mandatory if geoOverride is set to true.

" }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "

For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud. Each entry is a single IP address (e.g., 238.10.33.9).

For sublocations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single IP address, CIDR (e.g., 10.10.33.0/24), or range (e.g., 10.10.33.1-10.10.33.10)).

" }, "ports": { "type": "array", "items": { "type": "integer" }, "description": "IP ports that are associated with the location." }, "vpnCredentials": { "type": "array", "items": { "title": "VPNCredential", "required": [ "type" ], "type": "object", "properties": { "id": { "type": "integer", "description": "VPN credential id", "readOnly": true }, "type": { "allOf": [ { "title": "Type9", "enum": [ "CN", "IP", "UFQDN", "XAUTH" ], "type": "string", "description": "

VPN authentication type (i.e., how the VPN credential is sent to the server). It is not modifiable after VpnCredential is created.

Note: Zscaler no longer supports adding a new XAUTH VPN credential, but existing entries can be edited or deleted using the respective endpoints.

" }, { "description": "

VPN authentication type (i.e., how the VPN credential is sent to the server). It is not modifiable after VpnCredential is created.

Note: Zscaler no longer supports adding a new XAUTH VPN credential, but existing entries can be edited or deleted using the respective endpoints.

" } ] }, "fqdn": { "type": "string", "description": "Fully Qualified Domain Name. Applicable only to UFQDN or XAUTH (or HOSTED_MOBILE_USERS) auth type." }, "ipAddress": { "type": "string", "description": "

Static IP address for VPN that is self-provisioned or provisioned by Zscaler. This is a required field for IP auth type and is not applicable to other auth types.

Note: If you want Zscaler to provision static IP addresses for your organization, contact Zscaler Support.

" }, "preSharedKey": { "type": "string", "description": "Pre-shared key. This is a required field for UFQDN and IP auth type." }, "comments": { "type": "string", "description": "Additional information about this VPN credential." }, "location": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "Location that is associated to this VPN credential. Non-existence means not associated to any location." } ], "readOnly": true }, "managedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "

SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to Self.

" } ], "readOnly": true } }, "description": "VPN is one way to route traffic from customer locations to the cloud. Site-to-site IPSec VPN credentials can be identified by the cloud through one of the following methods:\n\n 1. Common Name (CN) of IPSec Certificate\n\n 2. VPN User FQDN - requires VPN_SITE_TO_SITE subscription\n\n 3. VPN IP Address - requires VPN_SITE_TO_SITE subscription\n\n 4. Extended Authentication (XAUTH) or hosted mobile UserID - requires VPN_MOBILE subscription\n\n Notes:\n\n IPs must be created in Static IP first\n\n CN type (certificate) is created automatically, when a CN is provisioned by Zscaler.\n\n The 'psk' field is not applicable for this VPN type.\n\n The most common type is UFQDN." }, "description": "VPN User Credentials that are associated with the location." }, "authRequired": { "type": "boolean", "description": "

Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos Authentication is enabled.

", "default": false }, "sslScanEnabled": { "type": "boolean", "description": "

This parameter was deprecated and no longer has an effect on SSL policy. It remains supported in the API payload in order to maintain backwards compatibility with existing scripts, but it will be removed in future.

Enable SSL Inspection. Set to true in order to apply your SSL Inspection policy to HTTPS traffic in the location and inspect HTTPS transactions for data leakage, malicious content, and viruses. To learn more, see Deploying SSL Inspection

", "default": false }, "zappSSLScanEnabled": { "type": "boolean", "description": "

This parameter was deprecated and no longer has an effect on SSL policy. It remains supported in the API payload in order to maintain backwards compatibility with existing scripts, but it will be removed in future.

Enable Zscaler App SSL Setting. When set to true, the Zscaler App SSL Scan Setting takes effect, irrespective of the SSL policy that is configured for the location. To learn more, see Configuring SSL Inspection for Zscaler App

", "default": false }, "xffForwardEnabled": { "type": "boolean", "description": "

Enable XFF Forwarding for a location. When set to true, traffic is passed to Zscaler Cloud via the X-Forwarded-For (XFF) header.

Note: For sublocations, this attribute is a read-only field as the value is inherited from the parent location.

", "default": false }, "otherSubLocation": { "type": "boolean", "description": "If set to true, indicates that this is a default sub-location created by the Zscaler service to accommodate IPv4 addresses that are not part of any user-defined sublocations. The default sub-location is created with the name Other and it can be renamed, if required." }, "other6SubLocation": { "type": "boolean", "description": "If set to true, indicates that this is a default sub-location created by the Zscaler service to accommodate IPv6 addresses that are not part of any user-defined sublocations. The default sub-location is created with the name Other6 and it can be renamed, if required. This field is applicable only if ipv6Enabled is set is true." }, "surrogateIP": { "type": "boolean", "description": "

Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses. To learn more, see About Surrogate IP.

", "default": false }, "idleTimeInMinutes": { "type": "integer", "description": "

Idle Time to Disassociation. The user mapping idle time (in minutes) is required if a Surrogate IP is enabled.

" }, "displayTimeUnit": { "allOf": [ { "title": "DisplayTimeUnit", "enum": [ "MINUTE", "HOUR", "DAY" ], "type": "string", "description": "

Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation.

" }, { "description": "

Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation.

" } ] }, "surrogateIPEnforcedForKnownBrowsers": { "type": "boolean", "description": "

Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known browsers. To learn more, see About Surrogate IP

", "default": false }, "surrogateRefreshTimeInMinutes": { "type": "integer", "description": "

Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate the IP surrogates.

" }, "surrogateRefreshTimeUnit": { "allOf": [ { "title": "SurrogateRefreshTimeUnit", "enum": [ "MINUTE", "HOUR", "DAY" ], "type": "string", "description": "

Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy.

" }, { "description": "

Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy.

" } ] }, "ofwEnabled": { "type": "boolean", "description": "

Enable Firewall. When set to true, Firewall is enabled for the location.

", "default": false }, "ipsControl": { "type": "boolean", "description": "

Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled.

", "default": false }, "aupEnabled": { "type": "boolean", "description": "

Enable AUP. When set to true, AUP is enabled for the location. To learn more, see About End User Notifications

", "default": false }, "cautionEnabled": { "type": "boolean", "description": "

Enable Caution. When set to true, a caution notifcation is enabled for the location. To learn more, see Configuring the Caution Notification

", "default": false }, "aupBlockInternetUntilAccepted": { "type": "boolean", "description": "

For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP traffic) is disabled until the user accepts the AUP.

", "default": false }, "aupForceSslInspection": { "type": "boolean", "description": "

For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler forces SSL Inspection in order to enforce AUP for HTTPS traffic.

", "default": false }, "ipv6Enabled": { "type": "boolean", "description": "If set to true, IPv6 is enabled for the location and IPv6 traffic from the location can be forwarded to the Zscaler service to enforce security policies." }, "ipv6Dns64Prefix": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "

(Optional) Name-ID pair of the NAT64 prefix configured as the DNS64 prefix for the location. If specified, the DNS64 prefix is used for the IP addresses that reside in this location. If not specified, a prefix is selected from the set of supported prefixes. This field is applicable only if ipv6Enabled is set is true. To learn more, see About the DNS64 Prefix.

Before you can configure a DNS64 prefix, you must send a GET request to /ipv6config/nat64prefix to retrieve the IDs of NAT64 prefixes, which can be configured as the DNS64 prefix.

" }, "iotDiscoveryEnabled": { "type": "boolean", "description": "

If this field is set to true, IoT discovery is enabled for this location.

" }, "aupTimeoutInDays": { "type": "integer", "description": "

Custom AUP Frequency. Refresh time (in days) to re-validate the AUP.

" }, "managedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "

SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to Self.

" } ], "readOnly": true }, "profile": { "allOf": [ { "title": "Profile", "enum": [ "NONE", "CORPORATE", "SERVER", "GUESTWIFI", "IOT" ], "type": "string", "description": "

(Optional) Profile tag that specifies the location traffic type. If not specified, this tag is automatically set to best possible value using certain criteria.

The criteria used for setting best possible value is as follows:

\n " }, { "description": "

(Optional) Profile tag that specifies the location traffic type. If not specified, this tag is automatically set to best possible value using certain criteria.

The criteria used for setting best possible value is as follows:

\n " } ] }, "description": { "type": "string", "description": "

Additional notes or information regarding the location or sub-location. The description cannot exceed 1024 characters.

" } }, "description": "Location and sub-location information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSubLocations" }, "task": true }, { "name": "getGroupsCount", "summary": "getGroupsCount", "description": "Gets the list of location groups for your organization.", "input": [ { "name": "lastModUser", "type": "string", "info": "The admin who modified the location group last.: string", "required": false, "schema": { "title": "lastModUser", "type": "string" } }, { "name": "version", "type": "number", "info": "The version parameter is for Zscaler internal use only. The version is used by the service for backup operations.: 123", "required": false, "schema": { "title": "version", "type": "number" } }, { "name": "name", "type": "string", "info": "The location group's name.: string", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "groupType", "type": "string", "info": "The location group's type (i.e., Static or Dynamic).: string", "required": false, "schema": { "title": "groupType", "type": "string" } }, { "name": "comments", "type": "string", "info": "Additional comments or information about the location group.: string", "required": false, "schema": { "title": "comments", "type": "string" } }, { "name": "locationId", "type": "number", "info": "The unique identifier for a location within a location group.: 123", "required": false, "schema": { "title": "locationId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroupsCount" }, "task": true }, { "name": "getGroupsSummary", "summary": "getGroupsSummary", "description": "Gets the name and ID dictionary of location groups.", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroupsSummary" }, "task": true }, { "name": "getGroupSummary", "summary": "getGroupSummary", "description": "Gets the name and ID dictionary for the specified location group ID. The response only provides id , name , and deleted information.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the location group.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroupSummary" }, "task": true }, { "name": "getGroupById", "summary": "getGroupById", "description": "Gets the location group for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the location group.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGroupById" }, "task": true }, { "name": "getRuleLabels", "summary": "getRuleLabels", "description": "Gets a list of rule labels. To learn more, see About Rule Labels .", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "RuleLabel", "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the rule label." }, "name": { "type": "string", "description": "The rule label name." }, "description": { "type": "string", "description": "The rule label description." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the rule lable was last modified. This is a read-only field. Ignored by PUT and DELETE requests." }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that modified the rule label last. This is a read-only field. Ignored by PUT requests." } ] }, "createdBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "The admin that created the rule label. This is a read-only field. Ignored by PUT requests." } ] }, "referencedRuleCount": { "type": "integer", "description": "The number of rules that reference the label." } }, "description": "Rule label information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRuleLabels" }, "task": true }, { "name": "addRuleLabel", "summary": "addRuleLabel", "description": "Adds a rule label.", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/addRuleLabel" }, "task": true }, { "name": "getRuleLabelById", "summary": "getRuleLabelById", "description": "Gets rule label information for the specified ID.", "input": [ { "name": "ruleLabelId", "type": "number", "info": "The unique identifier for the rule label.: 123", "required": true, "schema": { "title": "ruleLabelId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRuleLabelById" }, "task": true }, { "name": "updateRuleLabel", "summary": "updateRuleLabel", "description": "Updates rule label information for the specified ID.", "input": [ { "name": "ruleLabelId", "type": "number", "info": "The unique identifier for the rule label.: 123", "required": true, "schema": { "title": "ruleLabelId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateRuleLabel" }, "task": true }, { "name": "deleteRuleLabel", "summary": "deleteRuleLabel", "description": "Deletes the rule label for the specified ID.", "input": [ { "name": "ruleLabelId", "type": "number", "info": "The unique identifier for the rule label.: 123", "required": true, "schema": { "title": "ruleLabelId", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteRuleLabel" }, "task": true }, { "name": "getCustomFileHash", "summary": "getCustomFileHash", "description": "Gets the custom list of MD5 file hashes that are blocked by Sandbox", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getCustomFileHash" }, "task": true }, { "name": "updateCustomFileHash", "summary": "updateCustomFileHash", "description": "Updates the custom list of MD5 file hashes that are blocked by Sandbox. This overwrites a previously generated blocklist. If you need to completely erase the blocklist, submit an empty list. Note: Only the file types that are supported by Sandbox analysis can be blocked using MD5 hashes.", "input": [ { "name": "body", "type": "object", "info": ": {\"fileHashesToBeBlocked\": \"array\"}", "required": false, "schema": { "title": "BaAdvancedSettings", "type": "object", "properties": { "fileHashesToBeBlocked": { "type": "array", "items": { "type": "string" }, "description": "A custom list of unique MD5 file hashes that must be blocked by Sandbox. A maximum of 10000 MD5 file hashes can be blocked." } }, "description": "Advanced Sandbox Settings" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateCustomFileHash" }, "task": true }, { "name": "getCustomFileHashQuota", "summary": "getCustomFileHashQuota", "description": "Gets the used and unused quota for blocking MD5 file hashes with Sandbox", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getCustomFileHashQuota" }, "task": true }, { "name": "bulkUpdateCloudApplication", "summary": "bulkUpdateCloudApplication", "description": "Updates application status and tag information for predefined or custom cloud applications based on the IDs specified", "input": [ { "name": "body", "type": "object", "info": ": {\"sanctionedState\": \"undefined\", \"applicationIds\": \"array\", \"customTags\": [{\"id\": 123, \"name\": \"string\"}]}", "required": true, "schema": { "title": "CloudApplication", "type": "object", "properties": { "sanctionedState": { "allOf": [ { "title": "SanctionedState", "enum": [ "UN_SANCTIONED", "SANCTIONED", "ANY" ], "type": "string", "description": "The cloud application status that indicates whether it is sanctioned or unsanctioned" }, { "description": "The cloud application status that indicates whether it is sanctioned or unsanctioned" } ] }, "applicationIds": { "type": "array", "items": { "type": "integer" }, "description": "The list of cloud application IDs for which the status (sanctioned or unsanctioned) and tags have to be updated" }, "customTags": { "type": "array", "items": { "title": "CustomTag", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier of the custom tag" }, "name": { "type": "string", "description": "The name of the custom tag" } }, "description": "Name-ID information of custom tags" }, "description": "The list of custom tags that must be assigned to the cloud applications" } }, "description": "Cloud application information" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/bulkUpdateCloudApplication" }, "task": true }, { "name": "getCloudApplicationsLite", "summary": "getCloudApplicationsLite", "description": "Gets the list of predefined and custom cloud applications", "input": [ { "name": "pageNumber", "type": "number", "info": "Specifies the page number. The numbering starts at 0.: 123", "required": false, "schema": { "title": "pageNumber", "type": "number" } }, { "name": "limit", "type": "number", "info": "Specifies the maximum number of cloud applications that must be retrieved in a page: 123", "required": false, "schema": { "title": "limit", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "NamedItem", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier of the cloud application" }, "name": { "type": "string", "description": "The name of the cloud application" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getCloudApplicationsLite" }, "task": true }, { "name": "getAllCustomTags", "summary": "getAllCustomTags", "description": "Gets the list of custom tags available to assign to cloud applications", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "CustomTag", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier of the custom tag" }, "name": { "type": "string", "description": "The name of the custom tag" } }, "description": "Name-ID information of custom tags" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAllCustomTags" }, "task": true }, { "name": "getReportDataApplicationsExport", "summary": "getReportDataApplicationsExport", "description": "Export the Shadow IT Report (in CSV format) for the cloud applications recognized by Zscaler based on their usage in your organization. This report lists cloud applications along with a number of parameters including the sanction status for each application, the risk index assigned for the application, application usage details, application hosting information, and application security-related information, such as SSL certificate validity, data encryption (in transit), security certifications...(description truncated)", "input": [ { "name": "body", "type": "object", "info": "Information used to generate the Shadow IT Report for the cloud applications recognized by Zscaler based on their usage in your organization. The list of fields is as ...(description truncated): object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "

Information used to generate the Shadow IT Report for the cloud applications recognized by Zscaler based on their usage in your organization. The list of fields is as follows:

Note: The duration parameter is required in the request body.

" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getReportDataApplicationsExport" }, "task": true }, { "name": "getReportTransactionsExport", "summary": "getReportTransactionsExport", "description": "Export the Shadow IT Report (in CSV format) for the list of users or known locations identified with using the cloud applications specified in the request. This report includes information about each user who has interacted with the application or the known location from where the application is accessed, application category, application usage details, the number of transactions made, last accessed time, etc. You can customize the report per your requirements by using various filters. To...(description truncated)", "input": [ { "name": "entity", "type": "string", "info": "Indicates whether the Shadow IT Report must be generated to retrieve the list of users who have interacted with a cloud application or the known locations where the cl...(description truncated): ", "required": true, "schema": { "title": "entity", "enum": [ "USER", "LOCATION" ], "type": "string" } }, { "name": "body", "type": "object", "info": "Information used to generate the Shadow IT Report for the list of users that have interacted with a specific cloud application or the known locations where the cloud...(description truncated): object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "

Information used to generate the Shadow IT Report for the list of users that have interacted with a specific cloud application or the known locations where the cloud application is accessed. The list of fields is as follows:

Note: The duration and application parameters are required in the request body.

" } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getReportTransactionsExport" }, "task": true }, { "name": "getAllGreTunnels", "summary": "getAllGreTunnels", "description": "Gets all provisioned GRE tunnel information.", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "GreTunnel", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier of the static IP address that is associated to a GRE tunnel", "readOnly": true }, "sourceIp": { "type": "string", "description": "The source IP address of the GRE tunnel. This is typically a static IP address in the organization or SD-WAN. This IP address must be provisioned within the Zscaler service using the /staticIP endpoint." }, "primaryDestVip": { "allOf": [ { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, { "description": "The primary destination data center and virtual IP address (VIP) of the GRE tunnel" } ] }, "secondaryDestVip": { "allOf": [ { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, { "description": "The secondary destination data center and virtual IP address (VIP) of the GRE tunnel" } ] }, "internalIpRange": { "type": "string", "description": "The start of the internal IP address in /29 CIDR range" }, "managedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "

SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to Self.

" } ], "readOnly": true }, "lastModificationTime": { "type": "integer", "description": "When the GRE tunnel information was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "Who modified the GRE tunnel information last" } ] }, "withinCountry": { "type": "boolean", "description": "Restrict the data center virtual IP addresses (VIPs) only to those within the same country as the source IP address" }, "comment": { "type": "string", "description": "Additional information about this GRE tunnel" }, "ipUnnumbered": { "type": "boolean", "description": "This is required to support the automated SD-WAN provisioning of GRE tunnels, when set to true gre_tun_ip and gre_tun_id are set to null" }, "subcloud": { "type": "string", "description": "

Restrict the data center virtual IP addresses (VIPs) only to those part of the subcloud

" } }, "description": "GRE tunnel information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getAllGreTunnels" }, "task": true }, { "name": "addGreTunnel", "summary": "addGreTunnel", "description": "Adds a GRE tunnel configuration. Note: Specifying withinCountryOnly or subcloud parameter is mandatory if this endpoint uses a virtual IP address (VIP) retrieved by passing either of these parameters in GET /vips/recommendedList .", "input": [ { "name": "body", "type": "object", "info": ": {\"id\": 123, \"sourceIp\": \"string\", \"primaryDestVip\": \"undefined\", \"secondaryDestVip\": \"undefined\", \"internalIpRange\": \"string\", \"managedBy\": \"undefined\", \"lastModificationTime\": 123, \"lastModifiedBy\": \"undefined\", \"withinCountry\": \"boolean\", \"comment\": \"string\", \"ipUnnumbered\": \"boolean\", \"subcloud\": \"string\"}", "required": true, "schema": { "title": "GreTunnel", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier of the static IP address that is associated to a GRE tunnel", "readOnly": true }, "sourceIp": { "type": "string", "description": "The source IP address of the GRE tunnel. This is typically a static IP address in the organization or SD-WAN. This IP address must be provisioned within the Zscaler service using the /staticIP endpoint." }, "primaryDestVip": { "allOf": [ { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, { "description": "The primary destination data center and virtual IP address (VIP) of the GRE tunnel" } ] }, "secondaryDestVip": { "allOf": [ { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, { "description": "The secondary destination data center and virtual IP address (VIP) of the GRE tunnel" } ] }, "internalIpRange": { "type": "string", "description": "The start of the internal IP address in /29 CIDR range" }, "managedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "

SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to Self.

" } ], "readOnly": true }, "lastModificationTime": { "type": "integer", "description": "When the GRE tunnel information was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "Who modified the GRE tunnel information last" } ] }, "withinCountry": { "type": "boolean", "description": "Restrict the data center virtual IP addresses (VIPs) only to those within the same country as the source IP address" }, "comment": { "type": "string", "description": "Additional information about this GRE tunnel" }, "ipUnnumbered": { "type": "boolean", "description": "This is required to support the automated SD-WAN provisioning of GRE tunnels, when set to true gre_tun_ip and gre_tun_id are set to null" }, "subcloud": { "type": "string", "description": "

Restrict the data center virtual IP addresses (VIPs) only to those part of the subcloud

" } }, "description": "GRE tunnel information" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addGreTunnel" }, "task": true }, { "name": "validateAndGetAvailableInternalIpRanges", "summary": "validateAndGetAvailableInternalIpRanges", "description": "Gets the next available GRE tunnel internal IP address ranges.", "input": [ { "name": "internalIpRange", "type": "string", "info": "Internal IP range information.: string", "required": false, "schema": { "title": "internalIpRange", "type": "string" } }, { "name": "staticIp", "type": "string", "info": "Static IP information.: string", "required": false, "schema": { "title": "staticIp", "type": "string" } }, { "name": "limit", "type": "number", "info": "The maximum number of GRE tunnel IP ranges that can be added.: 123", "required": false, "schema": { "title": "limit", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "GreTunnelIPRange", "type": "object", "properties": { "startIPAddress": { "type": "string", "description": "Starting IP address in the range" }, "endIPAddress": { "type": "string", "description": "Ending IP address in the range" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/validateAndGetAvailableInternalIpRanges" }, "task": true }, { "name": "getGreTunelById", "summary": "getGreTunelById", "description": "Gets the GRE tunnel information for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the GRE tunnel.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getGreTunelById" }, "task": true }, { "name": "updateGreTunnel", "summary": "updateGreTunnel", "description": "Updates the GRE tunnel information for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the GRE tunnel.: 123", "required": true, "schema": { "title": "id", "type": "number" } }, { "name": "body", "type": "object", "info": "GRE tunnel information.: object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "GRE tunnel information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateGreTunnel" }, "task": true }, { "name": "deleteGreTunnel", "summary": "deleteGreTunnel", "description": "Deletes the GRE tunnel information for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the GRE tunnel.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteGreTunnel" }, "task": true }, { "name": "getIPv6Configuration", "summary": "getIPv6Configuration", "description": "Gets the IPv6 configuration details for the organization. For information about IPv6 support, see Understanding IPv6 Support .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getIPv6Configuration" }, "task": true }, { "name": "getDns64Prefixes", "summary": "getDns64Prefixes", "description": "Gets the list of NAT64 prefixes configured as the DNS64 prefix for the organization. To learn more, see About the DNS64 Prefix .", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a DNS64 prefix’s name , description , or prefixMask attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IPv6PrefixMask", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for the NAT64 prefix." }, "name": { "type": "string", "description": "The name of the NAT64 prefix." }, "description": { "type": "string", "description": "The description of the NAT64 prefix." }, "prefixMask": { "type": "string", "description": "The subnet mask for the NAT64 prefix." }, "dnsPrefix": { "type": "boolean", "description": "Indicates whether or not this NAT64 prefix is the DNS64 prefix." }, "nonEditable": { "type": "boolean", "description": "Indicates whether or not this NAT64 prefix is editable." } }, "description": "NAT64/DNS64 prefix information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getDns64Prefixes" }, "task": true }, { "name": "getNat64Prefixes", "summary": "getNat64Prefixes", "description": "Gets the list of NAT64 prefixes configured for the organization. The prefix which has the dnsPrefix field set to true is identified as the DNS64 prefix. To learn more, see About NAT64 Prefixes .", "input": [ { "name": "search", "type": "string", "info": "The search string used to match against a NAT64 prefix’s name , description , or prefixMask attributes.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100 and the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IPv6PrefixMask", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for the NAT64 prefix." }, "name": { "type": "string", "description": "The name of the NAT64 prefix." }, "description": { "type": "string", "description": "The description of the NAT64 prefix." }, "prefixMask": { "type": "string", "description": "The subnet mask for the NAT64 prefix." }, "dnsPrefix": { "type": "boolean", "description": "Indicates whether or not this NAT64 prefix is the DNS64 prefix." }, "nonEditable": { "type": "boolean", "description": "Indicates whether or not this NAT64 prefix is editable." } }, "description": "NAT64/DNS64 prefix information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNat64Prefixes" }, "task": true }, { "name": "getIPGWDetails", "summary": "getIPGWDetails", "description": "Gets a list of IP addresses with GRE tunnel details.", "input": [ { "name": "ipAddresses", "type": "array", "info": "Filter based on an IP address range.: array", "required": false, "schema": { "title": "ipAddresses", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "IpDetails", "type": "object", "properties": { "ipAddress": { "type": "string" }, "greEnabled": { "type": "boolean", "default": false }, "greTunnelIP": { "type": "string" }, "primaryGW": { "type": "string" }, "secondaryGW": { "type": "string" }, "tunID": { "type": "integer" }, "greRangePrimary": { "type": "string" }, "greRangeSecondary": { "type": "string" } } }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getIPGWDetails" }, "task": true }, { "name": "getRegionByGeoCoordinates", "summary": "getRegionByGeoCoordinates", "description": "Retrieves the geographical data of the region or city that is located in the specified latitude and longitude coordinates. The geographical data includes the city name, state, country, geographical ID of the city and state, etc.", "input": [ { "name": "latitude", "type": "number", "info": "The latitude coordinate of the city or region: 123", "required": true, "schema": { "title": "latitude", "type": "number" } }, { "name": "longitude", "type": "number", "info": "The longitude coordinate of the city or region: 123", "required": true, "schema": { "title": "longitude", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRegionByGeoCoordinates" }, "task": true }, { "name": "getRegionBySrcIPAddress", "summary": "getRegionBySrcIPAddress", "description": "Retrieves information about the geo-location of the specified IP address, including the city, state, and country of location, geographical ID of the city and state, postal code, etc.", "input": [ { "name": "ip", "type": "string", "info": "The IP address for which you want to retrieve the geo-location and other geographical data.: string", "required": true, "schema": { "title": "ip", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRegionBySrcIPAddress" }, "task": true }, { "name": "getRegionsByPrefix", "summary": "getRegionsByPrefix", "description": "Retrieves the list of cities (along with their geographical data) that match the prefix search. The geographical data includes the latitude and longitude coordinates of the city, geographical ID of the city and state, country, postal code, etc.", "input": [ { "name": "prefix", "type": "string", "info": "The string used in the prefix search of the city or region. The prefix can contain names of city, state, country in the following format: city name, state name, country...(description truncated): string", "required": false, "schema": { "title": "prefix", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100 and the maximum size is 1,000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "RegionInfo", "type": "object", "properties": { "cityGeoId": { "type": "integer", "description": "The geographical ID of the city" }, "stateGeoId": { "type": "integer", "description": "The geographical ID of the state" }, "latitude": { "type": "number", "description": "The latitude coordinate of the city" }, "longitude": { "type": "number", "description": "The longitude coordinate of the city" }, "cityName": { "type": "string", "description": "The name of the city" }, "stateName": { "type": "string", "description": "The name of the state, province, or territory of a country" }, "countryName": { "type": "string", "description": "The name of the country" }, "countryCode": { "type": "string", "description": "The ISO standard two-letter country code" }, "postalCode": { "type": "string", "description": "The postal code" }, "continentCode": { "type": "string", "description": "The ISO standard two-letter continent code" } }, "description": "Information about a region or a city" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRegionsByPrefix" }, "task": true }, { "name": "getAllStaticIPs", "summary": "getAllStaticIPs", "description": "Gets all provisioned static IP addresses.", "input": [ { "name": "availableForGreTunnel", "type": "boolean", "info": "Set to true to get only the static IP addresses that are not yet associated to a GRE tunnel.: boolean", "required": false, "schema": { "title": "availableForGreTunnel", "type": "boolean" } }, { "name": "ipAddress", "type": "string", "info": "Filter based on IP address: string", "required": false, "schema": { "title": "ipAddress", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "StaticIP", "required": [ "latitude", "longitude" ], "type": "object", "properties": { "id": { "type": "integer", "description": "The unique identifier for the static IP address", "readOnly": true }, "ipAddress": { "type": "string", "description": "The static IP address" }, "geoOverride": { "type": "boolean", "description": "If not set, geographic coordinates and city are automatically determined from the IP address. Otherwise, the latitude and longitude coordinates must be provided." }, "latitude": { "type": "number", "description": "Required only if the geoOverride attribute is set. Latitude with 7 digit precision after decimal point, ranges between -90 and 90 degrees." }, "longitude": { "type": "number", "description": "Required only if the geoOverride attribute is set. Longitude with 7 digit precision after decimal point, ranges between -180 and 180 degrees." }, "routableIP": { "type": "boolean", "description": "Indicates whether a non-RFC 1918 IP address is publicly routable. This attribute is ignored if there is no ZIA Private Service Edge associated to the organization." }, "managedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "lastModificationTime": { "type": "integer", "description": "When the static IP address was last modified", "readOnly": true }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "comment": { "type": "string", "description": "Additional information about this static IP address" } }, "description": "Static IP address information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getAllStaticIPs" }, "task": true }, { "name": "addStaticIP", "summary": "addStaticIP", "description": "Adds a static IP address.", "input": [ { "name": "body", "type": "object", "info": "Static IP address information.: object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "Static IP address information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/addStaticIP" }, "task": true }, { "name": "validateIPAddress", "summary": "validateIPAddress", "description": "Validates the static IP address.", "input": [ { "name": "body", "type": "object", "info": "The static IP address information.: object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "The static IP address information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/validateIPAddress" }, "task": true }, { "name": "getStaticIPById", "summary": "getStaticIPById", "description": "Gets static IP address for the specified ID", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the provisioned static IP address.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getStaticIPById" }, "task": true }, { "name": "updateStaticIP", "summary": "updateStaticIP", "description": "Updates the static IP address for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the provisioned static IP address.: 123", "required": true, "schema": { "title": "id", "type": "number" } }, { "name": "body", "type": "object", "info": "The static IP address information.: object", "required": true, "schema": { "allOf": [ { "type": "object" }, { "description": "The static IP address information." } ] } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateStaticIP" }, "task": true }, { "name": "deleteStaticIP", "summary": "deleteStaticIP", "description": "Deletes the static IP address for the specified ID.", "input": [ { "name": "id", "type": "number", "info": "The unique identifier for the provisioned static IP address.: 123", "required": true, "schema": { "title": "id", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteStaticIP" }, "task": true }, { "name": "getZscalerNodesDetails", "summary": "getZscalerNodesDetails", "description": "Gets a paginated list of the virtual IP addresses (VIPs) available in the Zscaler cloud, including region and data center information. By default, the request gets all public VIPs in the cloud, but you can also include private or all VIPs in the request, if necessary. \n", "input": [ { "name": "dc", "type": "string", "info": "Filter based on data center.: string", "required": false, "schema": { "title": "dc", "type": "string" } }, { "name": "region", "type": "string", "info": "Filter based on region.: string", "required": false, "schema": { "title": "region", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } }, { "name": "include", "type": "string", "info": "Include all, private, or public VIPs in the list.: ", "required": false, "schema": { "title": "include", "enum": [ "all", "private", "public" ], "type": "string" } }, { "name": "subcloud", "type": "string", "info": "Filter based on the subcloud for the VIP. To learn more see, About Subcloud .: string", "required": false, "schema": { "title": "subcloud", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "PublicNode", "type": "object", "properties": { "cloudName": { "type": "string", "description": "The Zscaler cloud name." }, "region": { "type": "string", "description": "The region." }, "country": { "type": "string", "description": "The country." }, "city": { "type": "string", "description": "The city." }, "dataCenter": { "type": "string", "description": "Data center name." }, "location": { "type": "string", "description": "The location coordinates." }, "vpnIps": { "type": "array", "items": { "type": "string" }, "description": "The VPN IP addresses." }, "vpnDomainName": { "type": "string", "description": "The VPN server domain name." }, "greIps": { "type": "array", "items": { "type": "string" }, "description": "The GRE IP addresses." }, "greDomainName": { "type": "string", "description": "The proxy host name." }, "pacIps": { "type": "array", "items": { "type": "string" }, "description": "The PAC IP addresses." }, "pacDomainName": { "type": "string", "description": "The PAC server domain name." }, "svpnIps": { "type": "array", "items": { "type": "string" }, "description": "The PAC IP addresses." }, "svpnDomainName": { "type": "string", "description": "The PAC server domain name." } }, "description": "Public node details" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getZscalerNodesDetails" }, "task": true }, { "name": "getRecommendedVipsGroupedByDC", "summary": "getRecommendedVipsGroupedByDC", "description": "Gets a list of recommended GRE tunnel virtual IP addresses (VIPs), grouped by data center, based on source IP address or latitude/longitude coordinates.", "input": [ { "name": "routableIP", "type": "boolean", "info": "The routable IP address.: boolean", "required": false, "schema": { "title": "routableIP", "type": "boolean" } }, { "name": "withinCountryOnly", "type": "boolean", "info": "Search within country only.: boolean", "required": false, "schema": { "title": "withinCountryOnly", "type": "boolean" } }, { "name": "includePrivateServiceEdge", "type": "boolean", "info": "Include ZIA Private Service Edge VIPs.: boolean", "required": false, "schema": { "title": "includePrivateServiceEdge", "type": "boolean" } }, { "name": "includeCurrentVips", "type": "boolean", "info": "Include currently assigned VIPs.: boolean", "required": false, "schema": { "title": "includeCurrentVips", "type": "boolean" } }, { "name": "sourceIp", "type": "string", "info": "The source IP address.: string", "required": false, "schema": { "title": "sourceIp", "type": "string" } }, { "name": "latitude", "type": "number", "info": "The latitude coordinate of the GRE tunnel source.: 123", "required": false, "schema": { "title": "latitude", "type": "number" } }, { "name": "longitude", "type": "number", "info": "The longitude coordinate of the GRE tunnel source.: 123", "required": false, "schema": { "title": "longitude", "type": "number" } }, { "name": "subcloud", "type": "string", "info": "The subcloud for the VIP. To learn more see, About Subcloud .: string", "required": false, "schema": { "title": "subcloud", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "DatacenterVips", "type": "object", "properties": { "datacenter": { "allOf": [ { "title": "Datacenter", "type": "object", "properties": { "datacenter": { "type": "string", "description": "Zscaler data center name.", "readOnly": true } }, "description": "Zscaler data center information." }, { "description": "Zscaler data center details." } ] }, "greVips": { "type": "array", "items": { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, "description": "GRE cluster virtual IP addresses (VIPs)." } }, "description": "GRE cluster virtual IP addresses (VIPs) that belong to a Zscaler data center." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRecommendedVipsGroupedByDC" }, "task": true }, { "name": "getRecommendedGreVips", "summary": "getRecommendedGreVips", "description": "Gets a list of recommended GRE tunnel virtual IP addresses (VIPs), based on source IP address or latitude/longitude coordinates.", "input": [ { "name": "routableIP", "type": "boolean", "info": "The routable IP address.: boolean", "required": false, "schema": { "title": "routableIP", "type": "boolean" } }, { "name": "withinCountryOnly", "type": "boolean", "info": "Search within country only.: boolean", "required": false, "schema": { "title": "withinCountryOnly", "type": "boolean" } }, { "name": "includePrivateServiceEdge", "type": "boolean", "info": "Include ZIA Private Service Edge VIPs.: boolean", "required": false, "schema": { "title": "includePrivateServiceEdge", "type": "boolean" } }, { "name": "includeCurrentVips", "type": "boolean", "info": "Include currently assigned VIPs.: boolean", "required": false, "schema": { "title": "includeCurrentVips", "type": "boolean" } }, { "name": "sourceIp", "type": "string", "info": "The source IP address.: string", "required": false, "schema": { "title": "sourceIp", "type": "string" } }, { "name": "latitude", "type": "number", "info": "The latitude coordinate of the GRE tunnel source.: 123", "required": false, "schema": { "title": "latitude", "type": "number" } }, { "name": "longitude", "type": "number", "info": "The longitude coordinate of the GRE tunnel source.: 123", "required": false, "schema": { "title": "longitude", "type": "number" } }, { "name": "subcloud", "type": "string", "info": "The subcloud for the VIP. To learn more see, About Subcloud .: string", "required": false, "schema": { "title": "subcloud", "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "GreVirtualIp", "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifer of the GRE virtual IP address (VIP)" }, "virtualIp": { "type": "string", "description": "GRE cluster virtual IP address (VIP)" }, "privateServiceEdge": { "type": "boolean", "description": "Set to true if the virtual IP address (VIP) is a ZIA Private Service Edge", "readOnly": true }, "datacenter": { "type": "string", "description": "Data center information", "readOnly": true } }, "description": "GRE cluster virtual IP address (VIP) and data center information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getRecommendedGreVips" }, "task": true }, { "name": "getAuthExemptedUrls", "summary": "getAuthExemptedUrls", "description": "Gets a list of URLs that were exempted from cookie authentication . To learn more, see URL Format Guidelines .", "input": [], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuthExemptedUrls" }, "task": true }, { "name": "updateAuthExemptedUrls", "summary": "updateAuthExemptedUrls", "description": "Adds a URL to or removes a URL from the cookie authentication exempt list. To add a URL to the list, set the action parameter to ADD_TO_LIST . To remove a URL, set action to REMOVE_FROM_LIST .", "input": [ { "name": "action", "type": "string", "info": "The action applied to the exempted URLs list (i.e., adding a URL or removing a URL).: ", "required": true, "schema": { "title": "action", "enum": [ "ADD_TO_LIST", "REMOVE_FROM_LIST" ], "type": "string" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/updateAuthExemptedUrls" }, "task": true }, { "name": "getWorkloadGroups", "summary": "getWorkloadGroups", "description": "Gets the list of workload groups configured in the ZIA Admin Portal. You can configure the workload groups as criteria in various policies including Data Loss Prevention, URL Filtering, SSL Inspection, and Firewall Filtering rules. To learn more, see About Workload Groups and Configuring Workload Groups .", "input": [ { "name": "page", "type": "number", "info": "Specifies the page offset: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 250 and the maximum size is 1,000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "WorkloadGroup", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier assigned to the workload group" }, "name": { "type": "string", "description": "The name of the workload group" }, "description": { "type": "string", "description": "The description of the workload group" }, "expressionJson": { "title": "WorkloadTagExpression", "type": "object", "properties": { "expressionContainers": { "type": "array", "items": { "title": "ExpressionContainer", "type": "object", "properties": { "tagType": { "allOf": [ { "title": "TagType", "enum": [ "ANY", "VPC", "SUBNET", "VM", "ENI", "ATTR" ], "type": "string", "description": "The tag type selected from a predefined list" }, { "description": "The tag type selected from a predefined list" } ] }, "operator": { "allOf": [ { "title": "Operator", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The operator (either AND or OR) used to create logical relationships among tag types" }, { "description": "The operator (either AND or OR) used to create logical relationships among tag types" } ] }, "tagContainer": { "allOf": [ { "title": "TagContainer", "type": "object", "properties": { "tags": { "type": "array", "items": { "title": "Tag", "type": "object", "properties": { "key": { "type": "string", "description": "The key component present in the key-value pair contained in a tag" }, "value": { "type": "string", "description": "The value component present in the key-value pair contained in a tag" } }, "description": "The list of tags (key-value pairs) selected within a tag type" }, "description": "

One or more tags, each consisting of a key-value pair, selected within a tag type. If multiple tags are present within a tag type, they are combined using a logical operator.

Note: A maximum of 8 tags can be added to a workload group, irrespective of the number of tag types present.

" }, "operator": { "allOf": [ { "title": "Operator1", "enum": [ "AND", "OR", "OPEN_PARENTHESES", "CLOSE_PARENTHESES" ], "type": "string", "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" }, { "description": "The logical operator (either AND or OR) used to combine the tags within a tag type" } ] } }, "description": "One or more tags combined using logical operators within a tag type" }, { "description": "One or more tags combined using logical operators within a tag type" } ] } }, "description": "One or more tag types (and associated tags) combined using logical operators within a workload group" }, "description": "Contains one or more tag types (and associated tags) combined using logical operators within a workload group" } } }, "expression": { "type": "string", "description": "The workload group expression containing tag types, tags, and their relationships." }, "lastModifiedTime": { "type": "integer", "description": "Timestamp when the workload group was last modified" }, "lastModifiedBy": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] } }, "description": "Workload group information" }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWorkloadGroups" }, "task": true }, { "name": "getLocationGroups", "summary": "getLocationGroups", "description": "Gets information on location groups. To learn more, see About Location Groups .", "input": [ { "name": "version", "type": "number", "info": "The version parameter is for Zscaler internal use only. The version is used by the service for backup operations.: 123", "required": false, "schema": { "title": "version", "type": "number" } }, { "name": "name", "type": "string", "info": "The location group's name.: string", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "groupType", "type": "string", "info": "The location group's type (i.e., Static or Dynamic).: string", "required": false, "schema": { "title": "groupType", "type": "string" } }, { "name": "comments", "type": "string", "info": "Additional comments or information about the location group.: string", "required": false, "schema": { "title": "comments", "type": "string" } }, { "name": "locationId", "type": "number", "info": "The unique identifier for a location within a location group.: 123", "required": false, "schema": { "title": "locationId", "type": "number" } }, { "name": "lastModUser", "type": "string", "info": "The admin who modified the location group last.: string", "required": false, "schema": { "title": "lastModUser", "type": "string" } }, { "name": "page", "type": "number", "info": "Specifies the page offset.: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "pageSize", "type": "number", "info": "Specifies the page size. The default size is 100, but the maximum size is 1000.: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "type": "array", "items": { "title": "LocationGroup", "required": [ "name" ], "type": "object", "properties": { "id": { "type": "integer", "description": "Unique identifier for the location group", "readOnly": true }, "name": { "type": "string", "description": "Location group name" }, "deleted": { "type": "boolean", "description": "Indicates the location group was deleted", "readOnly": true }, "groupType": { "allOf": [ { "title": "GroupType1", "enum": [ "STATIC_GROUP", "DYNAMIC_GROUP" ], "type": "string", "description": "The location group's type (i.e., Static or Dynamic)" }, { "description": "The location group's type (i.e., Static or Dynamic)" } ] }, "dynamicLocationGroupCriteria": { "allOf": [ { "title": "DynamicLocationGroupCriteria", "type": "object", "properties": { "name": { "title": "StringFilter", "type": "object", "properties": { "matchString": { "type": "string", "description": "String value to be matched or partially matched" }, "matchType": { "allOf": [ { "title": "MatchType", "enum": [ "CONTAINS", "EQUALS", "STARTS_WITH", "ENDS_WITH" ], "type": "string", "description": "Operator that performs match action" }, { "description": "Operator that performs match action" } ] } } }, "countries": { "type": "array", "items": { "title": "Country5", "type": "string" }, "description": "One or more countries from a predefined set" }, "city": { "title": "StringFilter", "type": "object", "properties": { "matchString": { "type": "string", "description": "String value to be matched or partially matched" }, "matchType": { "allOf": [ { "title": "MatchType", "enum": [ "CONTAINS", "EQUALS", "STARTS_WITH", "ENDS_WITH" ], "type": "string", "description": "Operator that performs match action" }, { "description": "Operator that performs match action" } ] } } }, "managedBy": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "One or more values from a predefined set of SD-WAN partner list to display partner names." }, "enforceAuthentication": { "type": "boolean", "description": "Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos Authentication is enabled." }, "enforceAup": { "type": "boolean", "description": "Enable AUP. When set to true, AUP is enabled for the location." }, "enforceFirewallControl": { "type": "boolean", "description": "Enable Firewall. When set to true, Firewall is enabled for the location." }, "enableXffForwarding": { "type": "boolean", "description": "Enable XFF Forwarding. When set to true, traffic is passed to Zscaler Cloud via the X-Forwarded-For (XFF) header." }, "enableCaution": { "type": "boolean", "description": "Enable Caution. When set to true, a caution notifcation is enabled for the location." }, "enableBandwidthControl": { "type": "boolean", "description": "Enable Bandwidth Control. When set to true, Bandwidth Control is enabled for the location." }, "profiles": { "type": "array", "items": { "title": "Profile1", "enum": [ "NONE", "CORPORATE", "SERVER", "GUESTWIFI", "IOT" ], "type": "string" }, "description": "One or more location profiles from a predefined set" } }, "description": "Dynamic location group information." }, { "description": "Dynamic location group information." } ] }, "locations": { "type": "array", "items": { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, "description": "The Name-ID pairs of the locations that are assigned to the static location group. This is ignored if the groupType is Dynamic." }, "comments": { "type": "string", "description": "Additional information about the location group" }, "lastModUser": { "allOf": [ { "title": "EntityReference", "type": "object", "properties": { "id": { "type": "integer", "description": "A unique identifier for an entity" }, "name": { "type": "string", "description": "The configured name of the entity", "readOnly": true }, "externalId": { "type": "string", "description": "An external identifier used for an entity that is managed outside of ZIA. Examples include zpaServerGroup and zpaAppSegments. This field is not applicable to ZIA-managed entities." }, "extensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the entity" } }, "description": "This is an immutable reference to an entity. which mainly consists of id and name" }, { "description": "This is an immutable reference to an entity. which mainly consists of id and name" } ] }, "lastModTime": { "type": "integer", "description": "Automatically populated with the current time, after a successful POST or PUT request.", "readOnly": true }, "predefined": { "type": "boolean" } }, "description": "Location group information." }, "description": "" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getLocationGroups" }, "task": true }, { "name": "postUrlCategoriesReviewDomain", "summary": "URL Categories - Review Domain", "description": "URL Categories - Review Domain", "input": [ { "name": "body", "type": "array", "info": "The list of URLs that must be matched against the entries present in existing custom URL categories", "required": true, "schema": { "title": "body", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postUrlCategoriesReviewDomain" }, "task": true }, { "name": "putUrlCategoriesReviewDomainAddURLs", "summary": "URL Categories - Review Domain - Add URLs", "description": "URL Categories - Review Domain - Add URLs", "input": [ { "name": "body", "type": "array", "info": "Information about the URLs (of Subdomain type) and the respective custom categories to which they must be added.", "required": true, "schema": { "title": "body", "type": "array" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putUrlCategoriesReviewDomainAddURLs" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeAvailableActions", "summary": "Fetches the granular actions supported for the applications.", "description": "Fetches the granular actions supported for the applications.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeAvailableActions" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeMapping", "summary": "Gets the backend keys that match the application type string.", "description": "Gets the backend keys that match the application type string.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getWebApplicationRulesRuleTypeMapping" }, "task": true }, { "name": "getWebApplicationRulesRuleType", "summary": "Gets the list of cloud application rules by the type of rule.", "description": "Gets the list of cloud application rules by the type of rule.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODUC...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "search", "type": "string", "info": "The search string used to match against a rule type option.: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleType" }, "task": true }, { "name": "postWebApplicationRulesRuleType", "summary": "Adds a new cloud application rule.", "description": "Adds a new cloud application rule.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postWebApplicationRulesRuleType" }, "task": true }, { "name": "postWebApplicationRulesRuleTypeRuleId", "summary": "Duplicates a Cloud App Control policy rule.", "description": "Duplicates a Cloud App Control policy rule.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "ruleId", "type": "number", "info": "The ID of the Cloud App Control policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "name", "type": "string", "info": "The duplicated Cloud App Control policy rule's name.: string", "required": false, "schema": { "title": "name", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postWebApplicationRulesRuleTypeRuleId" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeRuleId", "summary": "Gets a Cloud App Control policy rule by the rule type and ID.", "description": "Gets a Cloud App Control policy rule by the rule type and ID.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "ruleId", "type": "number", "info": "The ID of the Cloud App Control policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeRuleId" }, "task": true }, { "name": "putWebApplicationRulesRuleTypeRuleId", "summary": "Updates the Cloud App Control policy rule.", "description": "Updates the Cloud App Control policy rule.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "ruleId", "type": "number", "info": "The ID of the Cloud App Control policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putWebApplicationRulesRuleTypeRuleId" }, "task": true }, { "name": "deleteWebApplicationRulesRuleTypeRuleId", "summary": "Deletes a Cloud App Control policy rule.", "description": "Deletes a Cloud App Control policy rule.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "ruleId", "type": "number", "info": "The ID of the Cloud App Control policy rule.: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteWebApplicationRulesRuleTypeRuleId" }, "task": true }, { "name": "postForwardingRules", "summary": "Adds a new forwarding rule. To learn more, see Configuring Forwarding Policy.", "description": "Adds a new forwarding rule. To learn more, see Configuring Forwarding Policy.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postForwardingRules" }, "task": true }, { "name": "getForwardingRulesRuleId", "summary": "Gets information for a forwarding rule using the specified ID", "description": "Gets information for a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getForwardingRulesRuleId" }, "task": true }, { "name": "putForwardingRulesRuleId", "summary": "Updates information for a forwarding rule using the specified ID", "description": "Updates information for a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putForwardingRulesRuleId" }, "task": true }, { "name": "deleteForwardingRulesRuleId", "summary": "Deletes a forwarding rule using the specified ID", "description": "Deletes a forwarding rule using the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The ID of the forwarding rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteForwardingRulesRuleId" }, "task": true }, { "name": "postZpaGateways", "summary": "Adds a new custom ZPA gateway. The ZPA gateway can be used in a forwarding control policy to forwar", "description": "Adds a new custom ZPA gateway. The ZPA gateway can be used in a forwarding control policy to forward traffic to ZPA for Source IP Anchoring. To learn more, see Configuring ZPA Gateway.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postZpaGateways" }, "task": true }, { "name": "getZpaGatewaysGatewayId", "summary": "Gets information for a ZPA gateway using the specified ID", "description": "Gets information for a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getZpaGatewaysGatewayId" }, "task": true }, { "name": "putZpaGatewaysGatewayId", "summary": "Updates information for a ZPA gateway using the specified ID", "description": "Updates information for a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putZpaGatewaysGatewayId" }, "task": true }, { "name": "deleteZpaGatewaysGatewayId", "summary": "Deletes a ZPA gateway using the specified ID", "description": "Deletes a ZPA gateway using the specified ID", "input": [ { "name": "gatewayId", "type": "number", "info": "The ID of the ZPA gateway: 123", "required": true, "schema": { "title": "gatewayId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteZpaGatewaysGatewayId" }, "task": true }, { "name": "getProxyGateways", "summary": "Retrieves the proxy gateway information. To learn more, see About Gateways for Proxies.", "description": "Retrieves the proxy gateway information. To learn more, see About Gateways for Proxies.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getProxyGateways" }, "task": true }, { "name": "getProxyGatewaysLite", "summary": "Retrieves the name and ID of the proxy. To learn more, see About Gateways for Proxies.", "description": "Retrieves the name and ID of the proxy. To learn more, see About Gateways for Proxies.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getProxyGatewaysLite" }, "task": true }, { "name": "getAtpMalwareInspection", "summary": "Retrieves the traffic inspection configurations of Malware Protection policy", "description": "Retrieves the traffic inspection configurations of Malware Protection policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAtpMalwareInspection" }, "task": true }, { "name": "putAtpMalwareInspection", "summary": "Updates the traffic inspection configurations of Malware Protection policy", "description": "Updates the traffic inspection configurations of Malware Protection policy", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAtpMalwareInspection" }, "task": true }, { "name": "getAtpMalwareProtocols", "summary": "Retrieves the protocol inspection configurations of Malware Protection policy", "description": "Retrieves the protocol inspection configurations of Malware Protection policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAtpMalwareProtocols" }, "task": true }, { "name": "putAtpMalwareProtocols", "summary": "Updates the protocol inspection configurations of Malware Protection policy", "description": "Updates the protocol inspection configurations of Malware Protection policy", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAtpMalwareProtocols" }, "task": true }, { "name": "getMalwareSettings", "summary": "Retrieves the malware protection policy configuration details", "description": "Retrieves the malware protection policy configuration details", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getMalwareSettings" }, "task": true }, { "name": "putMalwareSettings", "summary": "Updates the malware protection policy configuration details", "description": "Updates the malware protection policy configuration details", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putMalwareSettings" }, "task": true }, { "name": "getMalwarePolicy", "summary": "Retrieves information about the security exceptions configured for the Malware Protection policy", "description": "Retrieves information about the security exceptions configured for the Malware Protection policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getMalwarePolicy" }, "task": true }, { "name": "putMalwarePolicy", "summary": "Updates security exceptions for the Malware Protection policy", "description": "Updates security exceptions for the Malware Protection policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/putMalwarePolicy" }, "task": true }, { "name": "getAdvancedThreatSettings", "summary": "Retrieves the advanced threat configuration settings in the ZIA Admin Portal", "description": "Retrieves the advanced threat configuration settings in the ZIA Admin Portal", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAdvancedThreatSettings" }, "task": true }, { "name": "putAdvancedThreatSettings", "summary": "Updates the advanced threat configuration settings.", "description": "Updates the advanced threat configuration settings.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAdvancedThreatSettings" }, "task": true }, { "name": "getMaliciousUrls", "summary": "Retrieves the malicious URLs added to the denylist in the Advanced Threat Protection (ATP) policy", "description": "Retrieves the malicious URLs added to the denylist in the Advanced Threat Protection (ATP) policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getMaliciousUrls" }, "task": true }, { "name": "putMaliciousUrls", "summary": "Updates the malicious URLs added to the denylist in ATP policy", "description": "Updates the malicious URLs added to the denylist in ATP policy", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putMaliciousUrls" }, "task": true }, { "name": "getSecurityExceptions", "summary": "Retrieves information about the security exceptions configured for the ATP policy", "description": "Retrieves information about the security exceptions configured for the ATP policy", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSecurityExceptions" }, "task": true }, { "name": "putSecurityExceptions", "summary": "Updates security exceptions for the ATP policy.", "description": "Updates security exceptions for the ATP policy.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/putSecurityExceptions" }, "task": true }, { "name": "getfileTypeRules", "summary": "Retrieves all the rules in the File Type Control policy.", "description": "Retrieves all the rules in the File Type Control policy.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getfileTypeRules" }, "task": true }, { "name": "postFileTypeRules", "summary": "Adds a new File Type Control policy rule.", "description": "Adds a new File Type Control policy rule.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postFileTypeRules" }, "task": true }, { "name": "getLite", "summary": "Retrieves all the rules in the File Type Control policy.", "description": "Retrieves all the rules in the File Type Control policy.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getLite" }, "task": true }, { "name": "getFileTypeRulesRuleId", "summary": "Retrieves the File Type Control policy rule information for the specified ID.", "description": "Retrieves the File Type Control policy rule information for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getFileTypeRulesRuleId" }, "task": true }, { "name": "putFileTypeRulesRuleId", "summary": "Updates the File Type Control policy rule information for the specified ID.", "description": "Updates the File Type Control policy rule information for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putFileTypeRulesRuleId" }, "task": true }, { "name": "deleteFileTypeRulesRuleId", "summary": "Deletes a File Type Control policy rule information for the specified ID.", "description": "Deletes a File Type Control policy rule information for the specified ID.", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteFileTypeRulesRuleId" }, "task": true }, { "name": "getSandboxRules", "summary": "Retrieves the list of all Sandbox policy rules configured in the ZIA Admin Portal.", "description": "Retrieves the list of all Sandbox policy rules configured in the ZIA Admin Portal.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSandboxRules" }, "task": true }, { "name": "postSandboxRules", "summary": "Adds a Sandbox policy rule.", "description": "Adds a Sandbox policy rule.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSandboxRules" }, "task": true }, { "name": "getSandboxRulesRuleId", "summary": "Retrieves the Sandbox policy rule information based on the specified ID", "description": "Retrieves the Sandbox policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier of the Sandbox policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSandboxRulesRuleId" }, "task": true }, { "name": "putSandboxRulesRuleId", "summary": "Updates the Sandbox policy rule configuration for the specified ID", "description": "Updates the Sandbox policy rule configuration for the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier of the Sandbox policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putSandboxRulesRuleId" }, "task": true }, { "name": "deleteSandboxRulesRuleId", "summary": "Deletes the Sandbox policy rule based on the specified ID", "description": "Deletes the Sandbox policy rule based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier of the Sandbox policy rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteSandboxRulesRuleId" }, "task": true }, { "name": "getBehavioralAnalysisAdvancedSettings", "summary": "Gets the custom list of MD5 file hashes that are blocked by Sandbox", "description": "Gets the custom list of MD5 file hashes that are blocked by Sandbox", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getBehavioralAnalysisAdvancedSettings" }, "task": true }, { "name": "putBehavioralAnalysisAdvancedSettings", "summary": "Updates the custom list of MD5 file hashes that are blocked by Sandbox. This overwrites a previousl", "description": "Updates the custom list of MD5 file hashes that are blocked by Sandbox. This overwrites a previously generated blocklist. If you need to completely erase the blocklist, submit an empty list. Note: Only the file types that are supported by Sandbox analysis can be blocked using MD5 hashes.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putBehavioralAnalysisAdvancedSettings" }, "task": true }, { "name": "getBehavioralAnalysisAdvancedSettingsFileHashCount", "summary": "Gets the used and unused quota for blocking MD5 file hashes with Sandbox", "description": "Gets the used and unused quota for blocking MD5 file hashes with Sandbox", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getBehavioralAnalysisAdvancedSettingsFileHashCount" }, "task": true }, { "name": "getAdvancedUrlFilterAndCloudAppSettings", "summary": "Retrieves information about URL and Cloud App Control advanced policy settings", "description": "Retrieves information about URL and Cloud App Control advanced policy settings", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAdvancedUrlFilterAndCloudAppSettings" }, "task": true }, { "name": "putAdvancedUrlFilterAndCloudAppSettings", "summary": "Updates the URL and Cloud App Control advanced policy settings", "description": "Updates the URL and Cloud App Control advanced policy settings", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAdvancedUrlFilterAndCloudAppSettings" }, "task": true }, { "name": "getFirewallDnsRules", "summary": "Retrieves the list of DNS Control policy rules configured in the ZIA Admin Portal", "description": "Retrieves the list of DNS Control policy rules configured in the ZIA Admin Portal", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getFirewallDnsRules" }, "task": true }, { "name": "postFirewallDnsRules", "summary": "Adds a new DNS Control policy rule. To learn more, see Configuring the DNS Control Policy.", "description": "Adds a new DNS Control policy rule. To learn more, see Configuring the DNS Control Policy.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postFirewallDnsRules" }, "task": true }, { "name": "getFirewallDnsRulesRuleId", "summary": "Retrieves the DNS Control policy rule information based on the specified ID", "description": "Retrieves the DNS Control policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getFirewallDnsRulesRuleId" }, "task": true }, { "name": "putFirewallDnsRulesRuleId", "summary": "Updates the DNS Control policy rule information based on the specified ID. To learn more about the", "description": "Updates the DNS Control policy rule information based on the specified ID. To learn more about the rule configuration, see Configuring the DNS Control Policy.", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putFirewallDnsRulesRuleId" }, "task": true }, { "name": "deleteFirewallDnsRulesRuleId", "summary": "Deletes the DNS Control policy rule information based on the specified ID", "description": "Deletes the DNS Control policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteFirewallDnsRulesRuleId" }, "task": true }, { "name": "getFirewallIpsRules", "summary": "Retrieves the list of IPS Control policy rules configured in the ZIA Admin Portal", "description": "Retrieves the list of IPS Control policy rules configured in the ZIA Admin Portal", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getFirewallIpsRules" }, "task": true }, { "name": "postFirewallIpsRules", "summary": "Adds a new IPS Control policy rule. To learn more, see Configuring the IPS Control Policy.", "description": "Adds a new IPS Control policy rule. To learn more, see Configuring the IPS Control Policy.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postFirewallIpsRules" }, "task": true }, { "name": "getFirewallIpsRulesRuleId", "summary": "Retrieves the IPS Control policy rule information based on the specified ID", "description": "Retrieves the IPS Control policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getFirewallIpsRulesRuleId" }, "task": true }, { "name": "putFirewallIpsRulesRuleId", "summary": "Updates the IPS Control policy rule information based on the specified ID", "description": "Updates the IPS Control policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putFirewallIpsRulesRuleId" }, "task": true }, { "name": "deleteFirewallIpsRulesRuleId", "summary": "Deletes the IPS Control policy rule information based on the specified ID", "description": "Deletes the IPS Control policy rule information based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "The unique identifier for the rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteFirewallIpsRulesRuleId" }, "task": true }, { "name": "getAdvancedSettings", "summary": "Retrieves information about the advanced settings configured in the ZIA Admin Portal", "description": "Retrieves information about the advanced settings configured in the ZIA Admin Portal", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAdvancedSettings" }, "task": true }, { "name": "putAdvancedSettings", "summary": "Updates the advanced settings configuration in the ZIA Admin Portal. To learn more, see Configuring", "description": "Updates the advanced settings configuration in the ZIA Admin Portal. To learn more, see Configuring Advanced Settings.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAdvancedSettings" }, "task": true }, { "name": "getNssFeeds", "summary": "Retrieves the cloud NSS feeds configured in the ZIA Admin Portal", "description": "Retrieves the cloud NSS feeds configured in the ZIA Admin Portal", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getNssFeeds" }, "task": true }, { "name": "postNssFeeds", "summary": "Adds a new cloud NSS feed. To learn more, see Adding Cloud NSS Feeds.", "description": "Adds a new cloud NSS feed. To learn more, see Adding Cloud NSS Feeds.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postNssFeeds" }, "task": true }, { "name": "getNssFeedsFeedId", "summary": "Retrieves information about cloud NSS feed based on the specified ID", "description": "Retrieves information about cloud NSS feed based on the specified ID", "input": [ { "name": "feedId", "type": "number", "info": "Unique identifier for the cloud NSS feed: 123", "required": true, "schema": { "title": "feedId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedId" }, "task": true }, { "name": "putNssFeedsFeedId", "summary": "Updates cloud NSS feed configuration based on the specified ID. To learn more, see Adding Cloud NSS", "description": "Updates cloud NSS feed configuration based on the specified ID. To learn more, see Adding Cloud NSS Feeds.", "input": [ { "name": "feedId", "type": "number", "info": "Unique identifier for the cloud NSS feed: 123", "required": true, "schema": { "title": "feedId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putNssFeedsFeedId" }, "task": true }, { "name": "deleteNssFeedsFeedId", "summary": "Deletes cloud NSS feed configuration based on the specified ID", "description": "Deletes cloud NSS feed configuration based on the specified ID", "input": [ { "name": "feedId", "type": "number", "info": "Unique identifier for the cloud NSS feed: 123", "required": true, "schema": { "title": "feedId", "type": "number" } }, { "name": "cloudNss", "type": "boolean", "info": "A Boolean value indicating whether the feed is cloud NSS feed: boolean", "required": false, "schema": { "title": "cloudNss", "type": "boolean" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteNssFeedsFeedId" }, "task": true }, { "name": "getNssFeedsFeedOutputDefaults", "summary": "Retrieves the default cloud NSS feed output format for different log types", "description": "Retrieves the default cloud NSS feed output format for different log types", "input": [ { "name": "type", "type": "string", "info": "The type of logs that you are streaming. Available values : [ 0:\"ADMIN_AUDIT\" 1:\"WEBLOG\" 2:\"ALERT\" 3:\"FWLOG\" 4:\"DNSLOG\" 5:\"MULTIFEEDLOG\" 6:\"CASB_FILELOG\" 7:\"CASB_MAILLOG\"...(description truncated): [object Object]", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "multiFeedType", "type": "string", "info": "This field is used to set the multi-feed type to Tunnel. Available values : [ \"ANY\", \"NONE\", \"WEB\", \"FW\", \"DNS\", \"EMAIL\", \"NSSALERTS\", \"BW\", \"CSTAT\", ...(description truncated): string", "required": false, "schema": { "title": "multiFeedType", "type": "string" } }, { "name": "fieldFormat", "type": "string", "info": "The feed output type of your SIEM. Available values : [ \"QRADAR\", \"CSV\", \"TAB_SEPARATED\", \"SPLUNK_CIM\", \"ARCSIGHT_CEF\", \"SYMANTEC_MSS\", \"LOGRHYTHM\", \"NAME...(description truncated): string", "required": false, "schema": { "title": "fieldFormat", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedOutputDefaults" }, "task": true }, { "name": "getNssFeedsTestConnectivityFeedId", "summary": "Tests the connectivity of cloud NSS feed based on the specified ID", "description": "Tests the connectivity of cloud NSS feed based on the specified ID", "input": [ { "name": "feedId", "type": "number", "info": "Unique identifier for the cloud NSS feed: 123", "required": true, "schema": { "title": "feedId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsTestConnectivityFeedId" }, "task": true }, { "name": "postNssFeedsValidateFeedFormat", "summary": "Validates the cloud NSS feed format and returns the validation result", "description": "Validates the cloud NSS feed format and returns the validation result", "input": [ { "name": "type", "type": "string", "info": "The cloud NSS log type. Available values : [ \"ADMIN_AUDIT\", \"VM_GBL_METRICS\", \"INST_GBL_METRICS\", \"DEVICE_METRICS\", \"WEBLOG\", \"ALERT\", \"TUNNEL_SAMPLES\", \"...(description truncated): [object Object]", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postNssFeedsValidateFeedFormat" }, "task": true }, { "name": "getOrgInformation", "summary": "Retrieves detailed organization information, including headquarter location, geolocation, address,", "description": "Retrieves detailed organization information, including headquarter location, geolocation, address, and contact details.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getOrgInformation" }, "task": true }, { "name": "getOrgInformationLite", "summary": "Retrieves minimal organization information.", "description": "Retrieves minimal organization information.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getOrgInformationLite" }, "task": true }, { "name": "getSubscriptions", "summary": "Retrieves information about the list of subscriptions enabled for your tenant. Subscriptions define", "description": "Retrieves information about the list of subscriptions enabled for your tenant. Subscriptions define the various features and levels of functionality that are available to your organization.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSubscriptions" }, "task": true }, { "name": "getRemoteAssistance", "summary": "Retrieves information about the Remote Assistance option configured in the ZIA Admin Portal. Using", "description": "Retrieves information about the Remote Assistance option configured in the ZIA Admin Portal. Using this option, you can allow Zscaler Support to access your organization’s ZIA Admin Portal for a specified time period to troubleshoot issues. To learn more, see Enabling Remote Assistance.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getRemoteAssistance" }, "task": true }, { "name": "putRemoteAssistance", "summary": "Retrieves information about the Remote Assistance option configured in the ZIA Admin Portal. Using", "description": "Retrieves information about the Remote Assistance option configured in the ZIA Admin Portal. Using this option, you can allow Zscaler Support to access your organization’s ZIA Admin Portal for a specified time period to troubleshoot issues. To learn more, see Enabling Remote Assistance.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/putRemoteAssistance" }, "task": true }, { "name": "getSslInspectionRules", "summary": "Retrieves all SSL inspection rules", "description": "Retrieves all SSL inspection rules", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getSslInspectionRules" }, "task": true }, { "name": "postSslInspectionRules", "summary": "Creates a new SSL inspection rule", "description": "Creates a new SSL inspection rule", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/postSslInspectionRules" }, "task": true }, { "name": "getSslInspectionRulesRuleId", "summary": "Retrieves the SSL inspection rule based on the specified ID", "description": "Retrieves the SSL inspection rule based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the SSL inspection rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getSslInspectionRulesRuleId" }, "task": true }, { "name": "putSslInspectionRulesRuleId", "summary": "Updates the SSL inspection rule based on the specified ID", "description": "Updates the SSL inspection rule based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the SSL inspection rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putSslInspectionRulesRuleId" }, "task": true }, { "name": "deleteSslInspectionRulesRuleId", "summary": "Deletes an existing SSL inspection rule based on the specified ID", "description": "Deletes an existing SSL inspection rule based on the specified ID", "input": [ { "name": "ruleId", "type": "number", "info": "Unique identifier for the SSL inspection rule: 123", "required": true, "schema": { "title": "ruleId", "type": "number" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/deleteSslInspectionRulesRuleId" }, "task": true }, { "name": "getCloudApplicationsPolicy", "summary": "Retrieves a list of Predefined and User Defined Cloud Applications associated with the DLP rules, C", "description": "Retrieves a list of Predefined and User Defined Cloud Applications associated with the DLP rules, Cloud App Control rules, Advanced Settings, Bandwidth Classes, and File Type Control rules. Retrieves AppInfo when groupResults is set to false and retrieves the application count grouped by application category when groupResults is set to true.", "input": [ { "name": "search", "type": "string", "info": "Filter application by name: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "pageSize", "type": "number", "info": "Set the size of response: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } }, { "name": "page", "type": "number", "info": "Set the page number of response: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "appClass", "type": "array", "info": "Filter application by application category. Available values : [ \"WEB_MAIL\", \"SOCIAL_NETWORKING\", \"STREAMING\", \"P2P\", \"INSTANT_MESSAGING\", \"WEB_SEARCH\", \"GE...(description truncated): array", "required": false, "schema": { "title": "appClass", "type": "array" } }, { "name": "groupResults", "type": "boolean", "info": "Show count of applications grouped by application category: boolean", "required": false, "schema": { "title": "groupResults", "type": "boolean" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getCloudApplicationsPolicy" }, "task": true }, { "name": "getCloudApplicationsSslPolicy", "summary": "Retrieves a list of Predefined and User Defined Cloud Applications associated with the SSL Inspecti", "description": "Retrieves a list of Predefined and User Defined Cloud Applications associated with the SSL Inspection rules. Retrives AppInfo when groupResults is set to false and retrieves the application count grouped by application category when groupResults is set to true", "input": [ { "name": "search", "type": "string", "info": "Filter application by name: string", "required": false, "schema": { "title": "search", "type": "string" } }, { "name": "pageSize", "type": "number", "info": "Set the size of response: 123", "required": false, "schema": { "title": "pageSize", "type": "number" } }, { "name": "page", "type": "number", "info": "Set the page number of response: 123", "required": false, "schema": { "title": "page", "type": "number" } }, { "name": "appClass", "type": "array", "info": "Filter application by application category. Available values : [ \"WEB_MAIL\", \"SOCIAL_NETWORKING\", \"STREAMING\", \"P2P\", \"INSTANT_MESSAGING\", \"WEB_SEARCH\", \"GE...(description truncated): array", "required": false, "schema": { "title": "appClass", "type": "array" } }, { "name": "groupResults", "type": "boolean", "info": "Show count of applications grouped by application category: boolean", "required": false, "schema": { "title": "groupResults", "type": "boolean" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getCloudApplicationsSslPolicy" }, "task": true }, { "name": "getAuthSettings", "summary": "Retrieves the organization's default authentication settings information, including authentication", "description": "Retrieves the organization's default authentication settings information, including authentication profile and Kerberos authentication information.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuthSettings" }, "task": true }, { "name": "putAuthSettings", "summary": "Updates the organization's default authentication settings information.", "description": "Updates the organization's default authentication settings information.", "input": [ { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/putAuthSettings" }, "task": true }, { "name": "getAuthSettingsLite", "summary": "Retrieves organization's default authentication settings information.", "description": "Retrieves organization's default authentication settings information.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getAuthSettingsLite" }, "task": true }, { "name": "getTimeWindowsLite", "summary": "Gets a name and ID dictionary of time intervals used by the Firewall policy or the URL Filtering po", "description": "Gets a name and ID dictionary of time intervals used by the Firewall policy or the URL Filtering policy.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/getTimeWindowsLite" }, "task": true }, { "name": "postAuthenticatedSession__v1", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v1" }, "task": true }, { "name": "postAuthenticatedSession__v2", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v2" }, "task": true }, { "name": "postAuthenticatedSession__v3", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v3" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeAvailableActions__v1", "summary": "Fetches the granular actions supported for the applications.", "description": "Fetches the granular actions supported for the applications.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeAvailableActions__v1" }, "task": true }, { "name": "getNssFeedsFeedOutputDefaults__v1", "summary": "Retrieves the default cloud NSS feed output format for different log types", "description": "Retrieves the default cloud NSS feed output format for different log types", "input": [ { "name": "type", "type": "string", "info": "The type of logs that you are streaming. Available values : [ 0:\"ADMIN_AUDIT\" 1:\"WEBLOG\" 2:\"ALERT\" 3:\"FWLOG\" 4:\"DNSLOG\" 5:\"MULTIFEEDLOG\" 6:\"CASB_FILELOG\" 7:\"CASB_MAILLOG\"...(description truncated): string", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "multiFeedType", "type": "string", "info": "This field is used to set the multi-feed type to Tunnel. Available values : [ \"ANY\", \"NONE\", \"WEB\", \"FW\", \"DNS\", \"EMAIL\", \"NSSALERTS\", \"BW\", \"CSTAT\", ...(description truncated): string", "required": false, "schema": { "title": "multiFeedType", "type": "string" } }, { "name": "fieldFormat", "type": "string", "info": "The feed output type of your SIEM. Available values : [ \"QRADAR\", \"CSV\", \"TAB_SEPARATED\", \"SPLUNK_CIM\", \"ARCSIGHT_CEF\", \"SYMANTEC_MSS\", \"LOGRHYTHM\", \"NAME...(description truncated): string", "required": false, "schema": { "title": "fieldFormat", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedOutputDefaults__v1" }, "task": true }, { "name": "postAuthenticatedSession__v4", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v4" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeAvailableActions__v2", "summary": "Fetches the granular actions supported for the applications.", "description": "Fetches the granular actions supported for the applications.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeAvailableActions__v2" }, "task": true }, { "name": "getNssFeedsFeedOutputDefaults__v2", "summary": "Retrieves the default cloud NSS feed output format for different log types", "description": "Retrieves the default cloud NSS feed output format for different log types", "input": [ { "name": "type", "type": "string", "info": "The type of logs that you are streaming. Available values : [ 0:\"ADMIN_AUDIT\" 1:\"WEBLOG\" 2:\"ALERT\" 3:\"FWLOG\" 4:\"DNSLOG\" 5:\"MULTIFEEDLOG\" 6:\"CASB_FILELOG\" 7:\"CASB_MAILLOG\"...(description truncated): string", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "multiFeedType", "type": "string", "info": "This field is used to set the multi-feed type to Tunnel. Available values : [ \"ANY\", \"NONE\", \"WEB\", \"FW\", \"DNS\", \"EMAIL\", \"NSSALERTS\", \"BW\", \"CSTAT\", ...(description truncated): string", "required": false, "schema": { "title": "multiFeedType", "type": "string" } }, { "name": "fieldFormat", "type": "string", "info": "The feed output type of your SIEM. Available values : [ \"QRADAR\", \"CSV\", \"TAB_SEPARATED\", \"SPLUNK_CIM\", \"ARCSIGHT_CEF\", \"SYMANTEC_MSS\", \"LOGRHYTHM\", \"NAME...(description truncated): string", "required": false, "schema": { "title": "fieldFormat", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedOutputDefaults__v2" }, "task": true }, { "name": "postAuthenticatedSession__v5", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v5" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeAvailableActions__v3", "summary": "Fetches the granular actions supported for the applications.", "description": "Fetches the granular actions supported for the applications.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeAvailableActions__v3" }, "task": true }, { "name": "getNssFeedsFeedOutputDefaults__v3", "summary": "Retrieves the default cloud NSS feed output format for different log types", "description": "Retrieves the default cloud NSS feed output format for different log types", "input": [ { "name": "type", "type": "string", "info": "The type of logs that you are streaming. Available values : [ 0:\"ADMIN_AUDIT\" 1:\"WEBLOG\" 2:\"ALERT\" 3:\"FWLOG\" 4:\"DNSLOG\" 5:\"MULTIFEEDLOG\" 6:\"CASB_FILELOG\" 7:\"CASB_MAILLOG\"...(description truncated): string", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "multiFeedType", "type": "string", "info": "This field is used to set the multi-feed type to Tunnel. Available values : [ \"ANY\", \"NONE\", \"WEB\", \"FW\", \"DNS\", \"EMAIL\", \"NSSALERTS\", \"BW\", \"CSTAT\", ...(description truncated): string", "required": false, "schema": { "title": "multiFeedType", "type": "string" } }, { "name": "fieldFormat", "type": "string", "info": "The feed output type of your SIEM. Available values : [ \"QRADAR\", \"CSV\", \"TAB_SEPARATED\", \"SPLUNK_CIM\", \"ARCSIGHT_CEF\", \"SYMANTEC_MSS\", \"LOGRHYTHM\", \"NAME...(description truncated): string", "required": false, "schema": { "title": "fieldFormat", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedOutputDefaults__v3" }, "task": true }, { "name": "postAuthenticatedSession__v6", "summary": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID tha", "description": "Creates an authenticated session. The response returns a cookie in the header called JSESSIONID that must be used in subsequent requests.", "input": [ { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "GET", "path": "/postAuthenticatedSession__v6" }, "task": true }, { "name": "getWebApplicationRulesRuleTypeAvailableActions__v4", "summary": "Fetches the granular actions supported for the applications.", "description": "Fetches the granular actions supported for the applications.", "input": [ { "name": "ruleType", "type": "string", "info": "The rule type selected from the available options. Available values : [ \"SOCIAL_NETWORKING\", \"STREAMING_MEDIA\", \"WEBMAIL\", \"INSTANT_MESSAGING\", \"BUSINESS_PRODU...(description truncated): string", "required": true, "schema": { "title": "ruleType", "type": "string" } }, { "name": "body", "type": "object", "info": ": object", "required": true, "schema": { "type": "object", "definitions": {} } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getWebApplicationRulesRuleTypeAvailableActions__v4" }, "task": true }, { "name": "getNssFeedsFeedOutputDefaults__v4", "summary": "Retrieves the default cloud NSS feed output format for different log types", "description": "Retrieves the default cloud NSS feed output format for different log types", "input": [ { "name": "type", "type": "string", "info": "The type of logs that you are streaming. Available values : [ 0:\"ADMIN_AUDIT\" 1:\"WEBLOG\" 2:\"ALERT\" 3:\"FWLOG\" 4:\"DNSLOG\" 5:\"MULTIFEEDLOG\" 6:\"CASB_FILELOG\" 7:\"CASB_MAILLOG\"...(description truncated): string", "required": false, "schema": { "title": "type", "type": "string" } }, { "name": "multiFeedType", "type": "string", "info": "This field is used to set the multi-feed type to Tunnel. Available values : [ \"ANY\", \"NONE\", \"WEB\", \"FW\", \"DNS\", \"EMAIL\", \"NSSALERTS\", \"BW\", \"CSTAT\", ...(description truncated): string", "required": false, "schema": { "title": "multiFeedType", "type": "string" } }, { "name": "fieldFormat", "type": "string", "info": "The feed output type of your SIEM. Available values : [ \"QRADAR\", \"CSV\", \"TAB_SEPARATED\", \"SPLUNK_CIM\", \"ARCSIGHT_CEF\", \"SYMANTEC_MSS\", \"LOGRHYTHM\", \"NAME...(description truncated): string", "required": false, "schema": { "title": "fieldFormat", "type": "string" } }, { "name": "iapMetadata", "type": "object", "info": "Itential Platform Metadata object contains additional info needed for the request: payload, uriPathVars, uriQuery, uriOptions, addlHeaders, authData, callProperties, etc.", "required": false, "schema": { "title": "iapMetadata", "type": "object" } } ], "output": { "name": "result", "type": "object", "description": "A JSON Object containing status, code and the result", "schema": { "title": "result", "type": "object" } }, "roles": [ "admin" ], "route": { "verb": "POST", "path": "/getNssFeedsFeedOutputDefaults__v4" }, "task": true } ] }