mirror of https://github.com/portainer/portainer
2990 lines
86 KiB
YAML
2990 lines
86 KiB
YAML
---
|
|
swagger: "2.0"
|
|
info:
|
|
description: |
|
|
Portainer API is an HTTP API served by Portainer. It is used by the Portainer UI and everything you can do with the UI can be done using the HTTP API.
|
|
Examples are available at https://gist.github.com/deviantony/77026d402366b4b43fa5918d41bc42f8
|
|
You can find out more about Portainer at [http://portainer.io](http://portainer.io) and get some support on [Slack](http://portainer.io/slack/).
|
|
|
|
# Authentication
|
|
|
|
Most of the API endpoints require to be authenticated as well as some level of authorization to be used.
|
|
Portainer API uses JSON Web Token to manage authentication and thus requires you to provide a token in the **Authorization** header of each request
|
|
with the **Bearer** authentication mechanism.
|
|
|
|
Example:
|
|
```
|
|
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTQ5OTM3NjE1NH0.NJ6vE8FY1WG6jsRQzfMqeatJ4vh2TWAeeYfDhP71YEE
|
|
```
|
|
|
|
# Security
|
|
|
|
Each API endpoint has an associated access policy, it is documented in the description of each endpoint.
|
|
|
|
Different access policies are available:
|
|
* Public access
|
|
* Authenticated access
|
|
* Restricted access
|
|
* Administrator access
|
|
|
|
### Public access
|
|
|
|
No authentication is required to access the endpoints with this access policy.
|
|
|
|
### Authenticated access
|
|
|
|
Authentication is required to access the endpoints with this access policy.
|
|
|
|
### Restricted access
|
|
|
|
Authentication is required to access the endpoints with this access policy.
|
|
Extra-checks might be added to ensure access to the resource is granted. Returned data might also be filtered.
|
|
|
|
### Administrator access
|
|
|
|
Authentication as well as an administrator role are required to access the endpoints with this access policy.
|
|
|
|
# Execute Docker requests
|
|
|
|
Portainer **DO NOT** expose specific endpoints to manage your Docker resources (create a container, remove a volume, etc...).
|
|
|
|
Instead, it acts as a reverse-proxy to the Docker HTTP API. This means that you can execute Docker requests **via** the Portainer HTTP API.
|
|
|
|
To do so, you can use the `/endpoints/{id}/docker` Portainer API endpoint (which is not documented below due to Swagger limitations). This
|
|
endpoint has a restricted access policy so you still need to be authenticated to be able to query this endpoint. Any query on this endpoint will be proxied to the
|
|
Docker API of the associated endpoint (requests and responses objects are the same as documented in the Docker API).
|
|
|
|
**NOTE**: You can find more information on how to query the Docker API in the [Docker official documentation](https://docs.docker.com/engine/api/v1.30/) as well as in [this Portainer example](https://gist.github.com/deviantony/77026d402366b4b43fa5918d41bc42f8).
|
|
|
|
version: "1.16.4"
|
|
title: "Portainer API"
|
|
contact:
|
|
email: "info@portainer.io"
|
|
host: "portainer.domain"
|
|
basePath: "/api"
|
|
tags:
|
|
- name: "auth"
|
|
description: "Authenticate against Portainer HTTP API"
|
|
- name: "dockerhub"
|
|
description: "Manage how Portainer connects to the DockerHub"
|
|
- name: "endpoints"
|
|
description: "Manage Docker environments"
|
|
- name: "registries"
|
|
description: "Manage Docker registries"
|
|
- name: "resource_controls"
|
|
description: "Manage access control on Docker resources"
|
|
- name: "settings"
|
|
description: "Manage Portainer settings"
|
|
- name: "status"
|
|
description: "Information about the Portainer instance"
|
|
- name: "stacks"
|
|
description: "Manage Docker stacks"
|
|
- name: "users"
|
|
description: "Manage users"
|
|
- name: "teams"
|
|
description: "Manage teams"
|
|
- name: "team_memberships"
|
|
description: "Manage team memberships"
|
|
- name: "templates"
|
|
description: "Manage App Templates"
|
|
- name: "upload"
|
|
description: "Upload files"
|
|
- name: "websocket"
|
|
description: "Create exec sessions using websockets"
|
|
schemes:
|
|
- "http"
|
|
- "https"
|
|
paths:
|
|
/auth:
|
|
post:
|
|
tags:
|
|
- "auth"
|
|
summary: "Authenticate a user"
|
|
description: |
|
|
Use this endpoint to authenticate against Portainer using a username and password.
|
|
**Access policy**: public
|
|
operationId: "AuthenticateUser"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Credentials used for authentication"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/AuthenticateUserRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/AuthenticateUserResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid credentials"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
503:
|
|
description: "Authentication disabled"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Authentication is disabled"
|
|
/dockerhub:
|
|
get:
|
|
tags:
|
|
- "dockerhub"
|
|
summary: "Retrieve DockerHub information"
|
|
description: |
|
|
Use this endpoint to retrieve the information used to connect to the DockerHub
|
|
**Access policy**: authenticated
|
|
operationId: "DockerHubInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/DockerHubInspectResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "dockerhub"
|
|
summary: "Update DockerHub information"
|
|
description: |
|
|
Use this endpoint to update the information used to connect to the DockerHub
|
|
**Access policy**: administrator
|
|
operationId: "DockerHubUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "DockerHub information"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/DockerHubUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/endpoints:
|
|
get:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "List endpoints"
|
|
description: |
|
|
List all endpoints based on the current user authorizations. Will
|
|
return all endpoints if using an administrator account otherwise it will
|
|
only return authorized endpoints.
|
|
**Access policy**: restricted
|
|
operationId: "EndpointList"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/EndpointListResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "Create a new endpoint"
|
|
description: |
|
|
Create a new endpoint that will be used to manage a Docker environment.
|
|
**Access policy**: administrator
|
|
operationId: "EndpointCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Endpoint details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/EndpointCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/EndpointCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
503:
|
|
description: "Endpoint management disabled"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint management is disabled"
|
|
/endpoints/{id}:
|
|
get:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "Inspect an endpoint"
|
|
description: |
|
|
Retrieve details abount an endpoint.
|
|
**Access policy**: administrator
|
|
operationId: "EndpointInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Endpoint"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "Endpoint not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "Update an endpoint"
|
|
description: |
|
|
Update an endpoint.
|
|
**Access policy**: administrator
|
|
operationId: "EndpointUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Endpoint details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/EndpointUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Endpoint not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
503:
|
|
description: "Endpoint management disabled"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint management is disabled"
|
|
delete:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "Remove an endpoint"
|
|
description: |
|
|
Remove an endpoint.
|
|
**Access policy**: administrator
|
|
operationId: "EndpointDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "Endpoint not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
503:
|
|
description: "Endpoint management disabled"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint management is disabled"
|
|
/endpoints/{id}/access:
|
|
put:
|
|
tags:
|
|
- "endpoints"
|
|
summary: "Manage accesses to an endpoint"
|
|
description: |
|
|
Manage user and team accesses to an endpoint.
|
|
**Access policy**: administrator
|
|
operationId: "EndpointAccessUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Authorizations details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/EndpointAccessUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Endpoint not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/endpoints/{endpointId}/stacks:
|
|
get:
|
|
tags:
|
|
- "stacks"
|
|
summary: "List stacks"
|
|
description: |
|
|
List all stacks based on the current user authorizations.
|
|
Will return all stacks if using an administrator account otherwise it
|
|
will only return the list of stacks the user have access to.
|
|
**Access policy**: restricted
|
|
operationId: "StackList"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/StackListResponse"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "stacks"
|
|
summary: "Deploy a new stack"
|
|
description: |
|
|
Deploy a new stack into a Docker environment specified via the endpoint identifier.
|
|
**Access policy**: restricted
|
|
operationId: "StackCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- name: "method"
|
|
in: "query"
|
|
description: "Stack deployment method. Possible values: string or repository."
|
|
required: true
|
|
type: "string"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Stack details. Used when"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/StackCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/StackCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Endpoint not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/endpoints/{endpointId}/stacks/{id}:
|
|
get:
|
|
tags:
|
|
- "stacks"
|
|
summary: "Inspect a stack"
|
|
description: |
|
|
Retrieve details about a stack.
|
|
**Access policy**: restricted
|
|
operationId: "StackInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Stack identifier"
|
|
required: true
|
|
type: "string"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Stack"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
404:
|
|
description: "Stack not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Stack not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "stacks"
|
|
summary: "Update a stack"
|
|
description: |
|
|
Update a stack.
|
|
**Access policy**: restricted
|
|
operationId: "StackUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Stack identifier"
|
|
required: true
|
|
type: "string"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Stack details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/StackUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Stack not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Stack not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "stacks"
|
|
summary: "Remove a stack"
|
|
description: |
|
|
Remove a stack.
|
|
**Access policy**: restricted
|
|
operationId: "StackDelete"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Stack identifier"
|
|
required: true
|
|
type: "string"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
404:
|
|
description: "Stack not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Stack not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/endpoints/{endpointId}/stacks/{id}/stackfile:
|
|
get:
|
|
tags:
|
|
- "stacks"
|
|
summary: "Retrieve the content of the Stack file for the specified stack"
|
|
description: |
|
|
Get Stack file content.
|
|
**Access policy**: restricted
|
|
operationId: "StackFileInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "endpointId"
|
|
in: "path"
|
|
description: "Endpoint identifier"
|
|
required: true
|
|
type: "integer"
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Stack identifier"
|
|
required: true
|
|
type: "string"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/StackFileInspectResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
404:
|
|
description: "Stack not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Stack not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/registries:
|
|
get:
|
|
tags:
|
|
- "registries"
|
|
summary: "List registries"
|
|
description: |
|
|
List all registries based on the current user authorizations.
|
|
Will return all registries if using an administrator account otherwise it
|
|
will only return authorized registries.
|
|
**Access policy**: restricted
|
|
operationId: "RegistryList"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/RegistryListResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "registries"
|
|
summary: "Create a new registry"
|
|
description: |
|
|
Create a new registry.
|
|
**Access policy**: administrator
|
|
operationId: "RegistryCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Registry details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/RegistryCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/RegistryCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
409:
|
|
description: "Registry already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "A registry is already defined for this URL"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/registries/{id}:
|
|
get:
|
|
tags:
|
|
- "registries"
|
|
summary: "Inspect a registry"
|
|
description: |
|
|
Retrieve details about a registry.
|
|
**Access policy**: administrator
|
|
operationId: "RegistryInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Registry identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Registry"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "Registry not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Registry not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "registries"
|
|
summary: "Update a registry"
|
|
description: |
|
|
Update a registry.
|
|
**Access policy**: administrator
|
|
operationId: "RegistryUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Registry identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Registry details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/RegistryUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Registry not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Endpoint not found"
|
|
409:
|
|
description: "Registry already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "A registry is already defined for this URL"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "registries"
|
|
summary: "Remove a registry"
|
|
description: |
|
|
Remove a registry.
|
|
**Access policy**: administrator
|
|
operationId: "RegistryDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Registry identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "Registry not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Registry not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/registries/{id}/access:
|
|
put:
|
|
tags:
|
|
- "registries"
|
|
summary: "Manage accesses to a registry"
|
|
description: |
|
|
Manage user and team accesses to a registry.
|
|
**Access policy**: administrator
|
|
operationId: "RegistryAccessUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Registry identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Authorizations details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/RegistryAccessUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Registry not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Registry not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/resource_controls:
|
|
post:
|
|
tags:
|
|
- "resource_controls"
|
|
summary: "Create a new resource control"
|
|
description: |
|
|
Create a new resource control to restrict access to a Docker resource.
|
|
**Access policy**: restricted
|
|
operationId: "ResourceControlCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Resource control details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/ResourceControlCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
409:
|
|
description: "Resource control already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "A resource control is already applied on this resource"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/resource_controls/{id}:
|
|
put:
|
|
tags:
|
|
- "resource_controls"
|
|
summary: "Update a resource control"
|
|
description: |
|
|
Update a resource control.
|
|
**Access policy**: restricted
|
|
operationId: "ResourceControlUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Resource control identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Resource control details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/ResourceControlUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "Resource control not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Resource control not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "resource_controls"
|
|
summary: "Remove a resource control"
|
|
description: |
|
|
Remove a resource control.
|
|
**Access policy**: restricted
|
|
operationId: "ResourceControlDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Resource control identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "Resource control not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Resource control not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/settings:
|
|
get:
|
|
tags:
|
|
- "settings"
|
|
summary: "Retrieve Portainer settings"
|
|
description: |
|
|
Retrieve Portainer settings.
|
|
**Access policy**: administrator
|
|
operationId: "SettingsInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Settings"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "settings"
|
|
summary: "Update Portainer settings"
|
|
description: |
|
|
Update Portainer settings.
|
|
**Access policy**: administrator
|
|
operationId: "SettingsUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "New settings"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/SettingsUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/settings/public:
|
|
get:
|
|
tags:
|
|
- "settings"
|
|
summary: "Retrieve Portainer public settings"
|
|
description: |
|
|
Retrieve public settings. Returns a small set of settings that are not reserved to administrators only.
|
|
**Access policy**: public
|
|
operationId: "PublicSettingsInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/PublicSettingsInspectResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/settings/authentication/checkLDAP:
|
|
put:
|
|
tags:
|
|
- "settings"
|
|
summary: "Test LDAP connectivity"
|
|
description: |
|
|
Test LDAP connectivity using LDAP details.
|
|
**Access policy**: administrator
|
|
operationId: "SettingsLDAPCheck"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "LDAP settings"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/SettingsLDAPCheckRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/status:
|
|
get:
|
|
tags:
|
|
- "status"
|
|
summary: "Check Portainer status"
|
|
description: |
|
|
Retrieve Portainer status.
|
|
**Access policy**: public
|
|
operationId: "StatusInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Status"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/users:
|
|
get:
|
|
tags:
|
|
- "users"
|
|
summary: "List users"
|
|
description: |
|
|
List Portainer users. Non-administrator users will only be able to list other non-administrator user accounts.
|
|
**Access policy**: restricted
|
|
operationId: "UserList"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/UserListResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "users"
|
|
summary: "Create a new user"
|
|
description: |
|
|
Create a new Portainer user. Only team leaders and administrators can create users. Only administrators can
|
|
create an administrator user account.
|
|
**Access policy**: restricted
|
|
operationId: "UserCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "User details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/UserCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/UserCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
409:
|
|
description: "User already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User already exists"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/users/{id}:
|
|
get:
|
|
tags:
|
|
- "users"
|
|
summary: "Inspect a user"
|
|
description: |
|
|
Retrieve details about a user.
|
|
**Access policy**: administrator
|
|
operationId: "UserInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "User identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/User"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "User not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "users"
|
|
summary: "Update a user"
|
|
description: |
|
|
Update user details. A regular user account can only update his details.
|
|
**Access policy**: authenticated
|
|
operationId: "UserUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "User identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "User details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/UserUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "User not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "users"
|
|
summary: "Remove a user"
|
|
description: |
|
|
Remove a user.
|
|
**Access policy**: administrator
|
|
operationId: "UserDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "User identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "User not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/users/{id}/memberships:
|
|
get:
|
|
tags:
|
|
- "users"
|
|
summary: "Inspect a user memberships"
|
|
description: |
|
|
Inspect a user memberships.
|
|
**Access policy**: authenticated
|
|
operationId: "UserMembershipsInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "User identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/UserMembershipsResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/users/{id}/passwd:
|
|
post:
|
|
tags:
|
|
- "users"
|
|
summary: "Check password validity for a user"
|
|
description: |
|
|
Check if the submitted password is valid for the specified user.
|
|
**Access policy**: authenticated
|
|
operationId: "UserPasswordCheck"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "User identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "User details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/UserPasswordCheckRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/UserPasswordCheckResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "User not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/users/admin/check:
|
|
get:
|
|
tags:
|
|
- "users"
|
|
summary: "Check administrator account existence"
|
|
description: |
|
|
Check if an administrator account exists in the database.
|
|
**Access policy**: public
|
|
operationId: "UserAdminCheck"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/UserListResponse"
|
|
404:
|
|
description: "User not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/users/admin/init:
|
|
post:
|
|
tags:
|
|
- "users"
|
|
summary: "Initialize administrator account"
|
|
description: |
|
|
Initialize the 'admin' user account.
|
|
**Access policy**: public
|
|
operationId: "UserAdminInit"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "User details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/UserAdminInitRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
409:
|
|
description: "Admin user already initialized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "User already exists"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/upload/tls/{certificate}:
|
|
post:
|
|
tags:
|
|
- "upload"
|
|
summary: "Upload TLS files"
|
|
description: |
|
|
Use this endpoint to upload TLS files.
|
|
**Access policy**: administrator
|
|
operationId: "UploadTLS"
|
|
consumes:
|
|
- multipart/form-data
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "path"
|
|
name: "certificate"
|
|
description: "TLS file type. Valid values are 'ca', 'cert' or 'key'."
|
|
required: true
|
|
type: "string"
|
|
- in: "query"
|
|
name: "folder"
|
|
description: "Folder where the TLS file will be stored. Will be created if not existing."
|
|
required: true
|
|
type: "string"
|
|
- in: "formData"
|
|
name: "file"
|
|
type: "file"
|
|
description: "The file to upload."
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/teams:
|
|
get:
|
|
tags:
|
|
- "teams"
|
|
summary: "List teams"
|
|
description: |
|
|
List teams. For non-administrator users, will only list the teams they are member of.
|
|
**Access policy**: restricted
|
|
operationId: "TeamList"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TeamListResponse"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "teams"
|
|
summary: "Create a new team"
|
|
description: |
|
|
Create a new team.
|
|
**Access policy**: administrator
|
|
operationId: "TeamCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Team details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/TeamCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TeamCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
409:
|
|
description: "Team already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team already exists"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/teams/{id}:
|
|
get:
|
|
tags:
|
|
- "teams"
|
|
summary: "Inspect a team"
|
|
description: |
|
|
Retrieve details about a team. Access is only available for administrator and leaders of that team.
|
|
**Access policy**: restricted
|
|
operationId: "TeamInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Team identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/Team"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "Team not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
put:
|
|
tags:
|
|
- "teams"
|
|
summary: "Update a team"
|
|
description: |
|
|
Update a team.
|
|
**Access policy**: administrator
|
|
operationId: "TeamUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Team identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Team details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/TeamUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
404:
|
|
description: "Team not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "teams"
|
|
summary: "Remove a team"
|
|
description: |
|
|
Remove a team.
|
|
**Access policy**: administrator
|
|
operationId: "TeamDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Team identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
404:
|
|
description: "Team not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/teams/{id}/memberships:
|
|
get:
|
|
tags:
|
|
- "teams"
|
|
summary: "Inspect a team memberships"
|
|
description: |
|
|
Inspect a team memberships. Access is only available for administrator and leaders of that team.
|
|
**Access policy**: restricted
|
|
operationId: "TeamMembershipsInspect"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Team identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TeamMembershipsResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
|
|
/team_memberships:
|
|
get:
|
|
tags:
|
|
- "team_memberships"
|
|
summary: "List team memberships"
|
|
description: |
|
|
List team memberships. Access is only available to administrators and team leaders.
|
|
**Access policy**: restricted
|
|
operationId: "TeamMembershipList"
|
|
produces:
|
|
- "application/json"
|
|
parameters: []
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TeamMembershipListResponse"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
post:
|
|
tags:
|
|
- "team_memberships"
|
|
summary: "Create a new team membership"
|
|
description: |
|
|
Create a new team memberships. Access is only available to administrators leaders of the associated team.
|
|
**Access policy**: restricted
|
|
operationId: "TeamMembershipCreate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Team membership details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/TeamMembershipCreateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TeamMembershipCreateResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
409:
|
|
description: "Team membership already exists"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team membership already exists for this user and team."
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/team_memberships/{id}:
|
|
put:
|
|
tags:
|
|
- "team_memberships"
|
|
summary: "Update a team membership"
|
|
description: |
|
|
Update a team membership. Access is only available to administrators leaders of the associated team.
|
|
**Access policy**: restricted
|
|
operationId: "TeamMembershipUpdate"
|
|
consumes:
|
|
- "application/json"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "Team membership identifier"
|
|
required: true
|
|
type: "integer"
|
|
- in: "body"
|
|
name: "body"
|
|
description: "Team membership details"
|
|
required: true
|
|
schema:
|
|
$ref: "#/definitions/TeamMembershipUpdateRequest"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request data format"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "Team membership not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team membership not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
delete:
|
|
tags:
|
|
- "team_memberships"
|
|
summary: "Remove a team membership"
|
|
description: |
|
|
Remove a team membership. Access is only available to administrators leaders of the associated team.
|
|
**Access policy**: restricted
|
|
operationId: "TeamMembershipDelete"
|
|
parameters:
|
|
- name: "id"
|
|
in: "path"
|
|
description: "TeamMembership identifier"
|
|
required: true
|
|
type: "integer"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid request"
|
|
403:
|
|
description: "Unauthorized"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Access denied to resource"
|
|
404:
|
|
description: "Team membership not found"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Team membership not found"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
/templates:
|
|
get:
|
|
tags:
|
|
- "templates"
|
|
summary: "Retrieve App templates"
|
|
description: |
|
|
Retrieve App templates.
|
|
You can find more information about the format at http://portainer.readthedocs.io/en/stable/templates.html
|
|
**Access policy**: authenticated
|
|
operationId: "TemplateList"
|
|
produces:
|
|
- "application/json"
|
|
parameters:
|
|
- name: "key"
|
|
in: "query"
|
|
required: true
|
|
description: "Templates key. Valid values are 'container' or 'linuxserver.io'."
|
|
type: "string"
|
|
responses:
|
|
200:
|
|
description: "Success"
|
|
schema:
|
|
$ref: "#/definitions/TemplateListResponse"
|
|
400:
|
|
description: "Invalid request"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
examples:
|
|
application/json:
|
|
err: "Invalid query format"
|
|
500:
|
|
description: "Server error"
|
|
schema:
|
|
$ref: "#/definitions/GenericError"
|
|
securityDefinitions:
|
|
jwt:
|
|
type: "apiKey"
|
|
name: "Authorization"
|
|
in: "header"
|
|
definitions:
|
|
Team:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
Name:
|
|
type: "string"
|
|
example: "developers"
|
|
description: "Team name"
|
|
TeamMembership:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Membership identifier"
|
|
UserID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
TeamID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team role (1 for team leader and 2 for team member)"
|
|
User:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
Username:
|
|
type: "string"
|
|
example: "bob"
|
|
description: "Username"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User role (1 for administrator account and 2 for regular account)"
|
|
Status:
|
|
type: "object"
|
|
properties:
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is authentication enabled"
|
|
EndpointManagement:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is endpoint management enabled"
|
|
Analytics:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is analytics enabled"
|
|
Version:
|
|
type: "string"
|
|
example: "1.16.4"
|
|
description: "Portainer API version"
|
|
PublicSettingsInspectResponse:
|
|
type: "object"
|
|
properties:
|
|
LogoURL:
|
|
type: "string"
|
|
example: "https://mycompany.mydomain.tld/logo.png"
|
|
description: "URL to a logo that will be displayed on the login page as well\
|
|
\ as on top of the sidebar. Will use default Portainer logo when value is\
|
|
\ empty string"
|
|
DisplayDonationHeader:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether to display or not the donation message in the header."
|
|
DisplayExternalContributors:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Whether to display or not external templates contributions as\
|
|
\ sub-menus in the UI."
|
|
AuthenticationMethod:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Active authentication method for the Portainer instance. Valid values are: 1 for managed or 2 for LDAP."
|
|
AllowBindMountsForRegularUsers:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Whether non-administrator should be able to use bind mounts when creating containers"
|
|
AllowPrivilegedModeForRegularUsers:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether non-administrator should be able to use privileged mode when creating containers"
|
|
TLSConfiguration:
|
|
type: "object"
|
|
properties:
|
|
TLS:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Use TLS"
|
|
TLSSkipVerify:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Skip the verification of the server TLS certificate"
|
|
TLSCACertPath:
|
|
type: "string"
|
|
example: "/data/tls/ca.pem"
|
|
description: "Path to the TLS CA certificate file"
|
|
TLSCertPath:
|
|
type: "string"
|
|
example: "/data/tls/cert.pem"
|
|
description: "Path to the TLS client certificate file"
|
|
TLSKeyPath:
|
|
type: "string"
|
|
example: "/data/tls/key.pem"
|
|
description: "Path to the TLS client key file"
|
|
|
|
LDAPSearchSettings:
|
|
type: "object"
|
|
properties:
|
|
BaseDN:
|
|
type: "string"
|
|
example: "dc=ldap,dc=domain,dc=tld"
|
|
description: "The distinguished name of the element from which the LDAP server will search for users"
|
|
Filter:
|
|
type: "string"
|
|
example: "(objectClass=account)"
|
|
description: "Optional LDAP search filter used to select user elements"
|
|
UserNameAttribute:
|
|
type: "string"
|
|
example: "uid"
|
|
description: "LDAP attribute which denotes the username"
|
|
|
|
LDAPSettings:
|
|
type: "object"
|
|
properties:
|
|
ReaderDN:
|
|
type: "string"
|
|
example: "cn=readonly-account,dc=ldap,dc=domain,dc=tld"
|
|
description: "Account that will be used to search for users"
|
|
Password:
|
|
type: "string"
|
|
example: "readonly-password"
|
|
description: "Password of the account that will be used to search users"
|
|
URL:
|
|
type: "string"
|
|
example: "myldap.domain.tld:389"
|
|
description: "URL or IP address of the LDAP server"
|
|
TLSConfig:
|
|
$ref: "#/definitions/TLSConfiguration"
|
|
StartTLS:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether LDAP connection should use StartTLS"
|
|
SearchSettings:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/LDAPSearchSettings"
|
|
|
|
Settings:
|
|
type: "object"
|
|
properties:
|
|
TemplatesURL:
|
|
type: "string"
|
|
example: "https://raw.githubusercontent.com/portainer/templates/master/templates.json"
|
|
description: "URL to the templates that will be displayed in the UI when navigating\
|
|
\ to App Templates"
|
|
LogoURL:
|
|
type: "string"
|
|
example: "https://mycompany.mydomain.tld/logo.png"
|
|
description: "URL to a logo that will be displayed on the login page as well\
|
|
\ as on top of the sidebar. Will use default Portainer logo when value is\
|
|
\ empty string"
|
|
BlackListedLabels:
|
|
type: "array"
|
|
description: "A list of label name & value that will be used to hide containers\
|
|
\ when querying containers"
|
|
items:
|
|
$ref: "#/definitions/Settings_BlackListedLabels"
|
|
DisplayDonationHeader:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether to display or not the donation message in the header."
|
|
DisplayExternalContributors:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Whether to display or not external templates contributions as\
|
|
\ sub-menus in the UI."
|
|
AuthenticationMethod:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Active authentication method for the Portainer instance. Valid values are: 1 for managed or 2 for LDAP."
|
|
LDAPSettings:
|
|
$ref: "#/definitions/LDAPSettings"
|
|
AllowBindMountsForRegularUsers:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Whether non-administrator should be able to use bind mounts when creating containers"
|
|
AllowPrivilegedModeForRegularUsers:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether non-administrator should be able to use privileged mode when creating containers"
|
|
Settings_BlackListedLabels:
|
|
properties:
|
|
name:
|
|
type: "string"
|
|
example: "com.foo"
|
|
value:
|
|
type: "string"
|
|
example: "bar"
|
|
Registry:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Registry identifier"
|
|
Name:
|
|
type: "string"
|
|
example: "my-registry"
|
|
description: "Registry name"
|
|
URL:
|
|
type: "string"
|
|
example: "registry.mydomain.tld:2375"
|
|
description: "URL or IP address of the Docker registry"
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is authentication against this registry enabled"
|
|
Username:
|
|
type: "string"
|
|
example: "registry_user"
|
|
description: "Username used to authenticate against this registry"
|
|
Password:
|
|
type: "string"
|
|
example: "registry_password"
|
|
description: "Password used to authenticate against this registry"
|
|
AuthorizedUsers:
|
|
type: "array"
|
|
description: "List of user identifiers authorized to use this registry"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
AuthorizedTeams:
|
|
type: "array"
|
|
description: "List of team identifiers authorized to use this registry"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
Endpoint:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Endpoint identifier"
|
|
Name:
|
|
type: "string"
|
|
example: "my-endpoint"
|
|
description: "Endpoint name"
|
|
URL:
|
|
type: "string"
|
|
example: "docker.mydomain.tld:2375"
|
|
description: "URL or IP address of the Docker host associated to this endpoint"
|
|
AuthorizedUsers:
|
|
type: "array"
|
|
description: "List of user identifiers authorized to connect to this endpoint"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
AuthorizedTeams:
|
|
type: "array"
|
|
description: "List of team identifiers authorized to connect to this endpoint"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
GenericError:
|
|
type: "object"
|
|
properties:
|
|
err:
|
|
type: "string"
|
|
example: "Something bad happened"
|
|
description: "Error message"
|
|
AuthenticateUserRequest:
|
|
type: "object"
|
|
required:
|
|
- "Password"
|
|
- "Username"
|
|
properties:
|
|
Username:
|
|
type: "string"
|
|
example: "admin"
|
|
description: "Username"
|
|
Password:
|
|
type: "string"
|
|
example: "mypassword"
|
|
description: "Password"
|
|
AuthenticateUserResponse:
|
|
type: "object"
|
|
properties:
|
|
jwt:
|
|
type: "string"
|
|
example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTQ5OTM3NjE1NH0.NJ6vE8FY1WG6jsRQzfMqeatJ4vh2TWAeeYfDhP71YEE"
|
|
description: "JWT token used to authenticate against the API"
|
|
DockerHubInspectResponse:
|
|
type: "object"
|
|
properties:
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is authentication against DockerHub enabled"
|
|
Username:
|
|
type: "string"
|
|
example: "hub_user"
|
|
description: "Username used to authenticate against the DockerHub"
|
|
Password:
|
|
type: "string"
|
|
example: "hub_password"
|
|
description: "Password used to authenticate against the DockerHub"
|
|
DockerHubUpdateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Authentication"
|
|
- "Password"
|
|
- "Username"
|
|
properties:
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Enable authentication against DockerHub"
|
|
Username:
|
|
type: "string"
|
|
example: "hub_user"
|
|
description: "Username used to authenticate against the DockerHub"
|
|
Password:
|
|
type: "string"
|
|
example: "hub_password"
|
|
description: "Password used to authenticate against the DockerHub"
|
|
EndpointCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Name"
|
|
- "URL"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "my-endpoint"
|
|
description: "Name that will be used to identify this endpoint"
|
|
URL:
|
|
type: "string"
|
|
example: "docker.mydomain.tld:2375"
|
|
description: "URL or IP address of a Docker host"
|
|
PublicURL:
|
|
type: "string"
|
|
example: "docker.mydomain.tld:2375"
|
|
description: "URL or IP address where exposed containers will be reachable.\
|
|
\ Defaults to URL if not specified"
|
|
TLS:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Require TLS to connect against this endpoint"
|
|
TLSSkipVerify:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Skip server verification when using TLS"
|
|
TLSSkipClientVerify:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Skip client verification when using TLS"
|
|
EndpointCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Id of the endpoint"
|
|
EndpointListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/Endpoint"
|
|
EndpointUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "my-endpoint"
|
|
description: "Name that will be used to identify this endpoint"
|
|
URL:
|
|
type: "string"
|
|
example: "docker.mydomain.tld:2375"
|
|
description: "URL or IP address of a Docker host"
|
|
PublicURL:
|
|
type: "string"
|
|
example: "docker.mydomain.tld:2375"
|
|
description: "URL or IP address where exposed containers will be reachable.\
|
|
\ Defaults to URL if not specified"
|
|
TLS:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Require TLS to connect against this endpoint"
|
|
TLSSkipVerify:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Skip server verification when using TLS"
|
|
TLSSkipClientVerify:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Skip client verification when using TLS"
|
|
EndpointAccessUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
AuthorizedUsers:
|
|
type: "array"
|
|
description: "List of user identifiers authorized to connect to this endpoint"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
AuthorizedTeams:
|
|
type: "array"
|
|
description: "List of team identifiers authorized to connect to this endpoint"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
RegistryCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Authentication"
|
|
- "Name"
|
|
- "Password"
|
|
- "URL"
|
|
- "Username"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "my-registry"
|
|
description: "Name that will be used to identify this registry"
|
|
URL:
|
|
type: "string"
|
|
example: "registry.mydomain.tld:2375"
|
|
description: "URL or IP address of the Docker registry"
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is authentication against this registry enabled"
|
|
Username:
|
|
type: "string"
|
|
example: "registry_user"
|
|
description: "Username used to authenticate against this registry"
|
|
Password:
|
|
type: "string"
|
|
example: "registry_password"
|
|
description: "Password used to authenticate against this registry"
|
|
RegistryCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Id of the registry"
|
|
RegistryListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/Registry"
|
|
RegistryUpdateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Name"
|
|
- "URL"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "my-registry"
|
|
description: "Name that will be used to identify this registry"
|
|
URL:
|
|
type: "string"
|
|
example: "registry.mydomain.tld:2375"
|
|
description: "URL or IP address of the Docker registry"
|
|
Authentication:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is authentication against this registry enabled"
|
|
Username:
|
|
type: "string"
|
|
example: "registry_user"
|
|
description: "Username used to authenticate against this registry"
|
|
Password:
|
|
type: "string"
|
|
example: "registry_password"
|
|
description: "Password used to authenticate against this registry"
|
|
RegistryAccessUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
AuthorizedUsers:
|
|
type: "array"
|
|
description: "List of user identifiers authorized to use thi registry"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
AuthorizedTeams:
|
|
type: "array"
|
|
description: "List of team identifiers authorized to use thi registry"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
ResourceControlCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "ResourceID"
|
|
- "Type"
|
|
properties:
|
|
ResourceID:
|
|
type: "string"
|
|
example: "617c5f22bb9b023d6daab7cba43a57576f83492867bc767d1c59416b065e5f08"
|
|
description: "Docker resource identifier on which access control will be applied"
|
|
Type:
|
|
type: "string"
|
|
example: "container"
|
|
description: "Type of Docker resource. Valid values are: container, volume\
|
|
\ or service"
|
|
AdministratorsOnly:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Restrict access to the associated resource to administrators\
|
|
\ only"
|
|
Users:
|
|
type: "array"
|
|
description: "List of user identifiers with access to the associated resource"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
Teams:
|
|
type: "array"
|
|
description: "List of team identifiers with access to the associated resource"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
SubResourceIDs:
|
|
type: "array"
|
|
description: "List of Docker resources that will inherit this access control"
|
|
items:
|
|
type: "string"
|
|
example: "617c5f22bb9b023d6daab7cba43a57576f83492867bc767d1c59416b065e5f08"
|
|
description: "Docker resource identifier"
|
|
ResourceControlUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
AdministratorsOnly:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Restrict access to the associated resource to administrators\
|
|
\ only"
|
|
Users:
|
|
type: "array"
|
|
description: "List of user identifiers with access to the associated resource"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
Teams:
|
|
type: "array"
|
|
description: "List of team identifiers with access to the associated resource"
|
|
items:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
SettingsUpdateRequest:
|
|
type: "object"
|
|
required:
|
|
- "TemplatesURL"
|
|
- "AuthenticationMethod"
|
|
properties:
|
|
TemplatesURL:
|
|
type: "string"
|
|
example: "https://raw.githubusercontent.com/portainer/templates/master/templates.json"
|
|
description: "URL to the templates that will be displayed in the UI when navigating\
|
|
\ to App Templates"
|
|
LogoURL:
|
|
type: "string"
|
|
example: "https://mycompany.mydomain.tld/logo.png"
|
|
description: "URL to a logo that will be displayed on the login page as well\
|
|
\ as on top of the sidebar. Will use default Portainer logo when value is\
|
|
\ empty string"
|
|
BlackListedLabels:
|
|
type: "array"
|
|
description: "A list of label name & value that will be used to hide containers\
|
|
\ when querying containers"
|
|
items:
|
|
$ref: "#/definitions/Settings_BlackListedLabels"
|
|
DisplayDonationHeader:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether to display or not the donation message in the header."
|
|
DisplayExternalContributors:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Whether to display or not external templates contributions as\
|
|
\ sub-menus in the UI."
|
|
AuthenticationMethod:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Active authentication method for the Portainer instance. Valid values are: 1 for managed or 2 for LDAP."
|
|
LDAPSettings:
|
|
$ref: "#/definitions/LDAPSettings"
|
|
AllowBindMountsForRegularUsers:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether non-administrator users should be able to use bind mounts when creating containers"
|
|
AllowPrivilegedModeForRegularUsers:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Whether non-administrator users should be able to use privileged mode when creating containers"
|
|
UserCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Password"
|
|
- "Role"
|
|
- "Username"
|
|
properties:
|
|
Username:
|
|
type: "string"
|
|
example: "bob"
|
|
description: "Username"
|
|
Password:
|
|
type: "string"
|
|
example: "cg9Wgky3"
|
|
description: "Password"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User role (1 for administrator account and 2 for regular account)"
|
|
UserCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Id of the user"
|
|
UserListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/User"
|
|
UserUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
Password:
|
|
type: "string"
|
|
example: "cg9Wgky3"
|
|
description: "Password"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User role (1 for administrator account and 2 for regular account)"
|
|
UserMembershipsResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/TeamMembership"
|
|
UserPasswordCheckRequest:
|
|
type: "object"
|
|
required:
|
|
- "Password"
|
|
properties:
|
|
Password:
|
|
type: "string"
|
|
example: "cg9Wgky3"
|
|
description: "Password"
|
|
UserPasswordCheckResponse:
|
|
type: "object"
|
|
properties:
|
|
valid:
|
|
type: "boolean"
|
|
example: true
|
|
description: "Is the password valid"
|
|
TeamCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Name"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "developers"
|
|
description: "Name"
|
|
TeamCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Id of the team"
|
|
TeamListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/Team"
|
|
TeamUpdateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Name"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "developers"
|
|
description: "Name"
|
|
TeamMembershipsResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/TeamMembership"
|
|
|
|
TeamMembershipCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "UserID"
|
|
- "TeamID"
|
|
- "Role"
|
|
properties:
|
|
UserID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
TeamID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Role for the user inside the team (1 for leader and 2 for regular member)"
|
|
TeamMembershipCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Id of the team membership"
|
|
TeamMembershipListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/TeamMembership"
|
|
TeamMembershipUpdateRequest:
|
|
type: "object"
|
|
required:
|
|
- "UserID"
|
|
- "TeamID"
|
|
- "Role"
|
|
properties:
|
|
UserID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "User identifier"
|
|
TeamID:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Team identifier"
|
|
Role:
|
|
type: "integer"
|
|
example: 1
|
|
description: "Role for the user inside the team (1 for leader and 2 for regular member)"
|
|
SettingsLDAPCheckRequest:
|
|
type: "object"
|
|
properties:
|
|
LDAPSettings:
|
|
$ref: "#/definitions/LDAPSettings"
|
|
UserAdminInitRequest:
|
|
type: "object"
|
|
properties:
|
|
Username:
|
|
type: "string"
|
|
example: "admin"
|
|
description: "Username for the admin user"
|
|
Password:
|
|
type: "string"
|
|
example: "admin-password"
|
|
description: "Password for the admin user"
|
|
TemplateListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/Template"
|
|
Template:
|
|
type: "object"
|
|
properties:
|
|
title:
|
|
type: "string"
|
|
example: "Nginx"
|
|
description: "Title of the template"
|
|
description:
|
|
type: "string"
|
|
example: "High performance web server"
|
|
description: "Description of the template"
|
|
logo:
|
|
type: "string"
|
|
example: "https://cloudinovasi.id/assets/img/logos/nginx.png"
|
|
description: "URL of the template's logo"
|
|
image:
|
|
type: "string"
|
|
example: "nginx:latest"
|
|
description: "The Docker image associated to the template"
|
|
StackCreateRequest:
|
|
type: "object"
|
|
required:
|
|
- "Name"
|
|
- "SwarmID"
|
|
properties:
|
|
Name:
|
|
type: "string"
|
|
example: "myStack"
|
|
description: "Name of the stack"
|
|
SwarmID:
|
|
type: "string"
|
|
example: "jpofkc0i9uo9wtx1zesuk649w"
|
|
description: "Cluster identifier of the Swarm cluster"
|
|
StackFileContent:
|
|
type: "string"
|
|
example: "version: 3\n services:\n web:\n image:nginx"
|
|
description: "Content of the Stack file. Required when using the 'string' deployment method."
|
|
GitRepository:
|
|
type: "string"
|
|
example: "https://github.com/openfaas/faas"
|
|
description: "URL of a public Git repository hosting the Stack file. Required when using the 'repository' deployment method."
|
|
PathInRepository:
|
|
type: "string"
|
|
example: "docker-compose.yml"
|
|
description: "Path to the Stack file inside the Git repository. Required when using the 'repository' deployment method."
|
|
Env:
|
|
type: "array"
|
|
description: "A list of environment variables used during stack deployment"
|
|
items:
|
|
$ref: "#/definitions/Stack_Env"
|
|
Stack_Env:
|
|
properties:
|
|
name:
|
|
type: "string"
|
|
example: "MYSQL_ROOT_PASSWORD"
|
|
value:
|
|
type: "string"
|
|
example: "password"
|
|
StackCreateResponse:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "string"
|
|
example: "myStack_jpofkc0i9uo9wtx1zesuk649w"
|
|
description: "Id of the stack"
|
|
StackListResponse:
|
|
type: "array"
|
|
items:
|
|
$ref: "#/definitions/Stack"
|
|
Stack:
|
|
type: "object"
|
|
properties:
|
|
Id:
|
|
type: "string"
|
|
example: "myStack_jpofkc0i9uo9wtx1zesuk649w"
|
|
description: "Stack identifier"
|
|
Name:
|
|
type: "string"
|
|
example: "myStack"
|
|
description: "Stack name"
|
|
EntryPoint:
|
|
type: "string"
|
|
example: "docker-compose.yml"
|
|
description: "Path to the Stack file"
|
|
SwarmID:
|
|
type: "string"
|
|
example: "jpofkc0i9uo9wtx1zesuk649w"
|
|
description: "Cluster identifier of the Swarm cluster where the stack is deployed"
|
|
ProjectPath:
|
|
type: "string"
|
|
example: "/data/compose/myStack_jpofkc0i9uo9wtx1zesuk649w"
|
|
description: "Path on disk to the repository hosting the Stack file"
|
|
Env:
|
|
type: "array"
|
|
description: "A list of environment variables used during stack deployment"
|
|
items:
|
|
$ref: "#/definitions/Stack_Env"
|
|
StackUpdateRequest:
|
|
type: "object"
|
|
properties:
|
|
StackFileContent:
|
|
type: "string"
|
|
example: "version: 3\n services:\n web:\n image:nginx"
|
|
description: "New content of the Stack file."
|
|
Env:
|
|
type: "array"
|
|
description: "A list of environment variables used during stack deployment"
|
|
items:
|
|
$ref: "#/definitions/Stack_Env"
|
|
Prune:
|
|
type: "boolean"
|
|
example: false
|
|
description: "Prune services that are no longer referenced"
|
|
StackFileInspectResponse:
|
|
type: "object"
|
|
properties:
|
|
StackFileContent:
|
|
type: "string"
|
|
example: "version: 3\n services:\n web:\n image:nginx"
|
|
description: "Content of the Stack file."
|