Attestations

Update attestation

post

Updates an existing attestation record

Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses
200
Attestation updated successfully
application/json
post
POST /v1/auth/ratls/attestations HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}
{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Create attestation

put

Creates a new attestation record for a workload

Body
descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

policystringRequired

Policy for this workload

Responses
200
Attestation created successfully
application/json
put
PUT /v1/auth/ratls/attestations HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 87

{
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "policy": "text"
}
{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

List all attestations

get

Retrieves a list of all attestation records

Query parameters
liststring · enumRequired

Must be set to 'true' to retrieve the list

Possible values:
Responses
200
Attestation list retrieved successfully
application/json
get
GET /v1/auth/ratls/attestations/ HTTP/1.1
Host: localhost:8200
Accept: */*
200

Attestation list retrieved successfully

{
  "auth": {},
  "data": {
    "keys": [
      {}
    ]
  }
}

Get attestation details

get

Retrieves detailed information about a specific attestation

Path parameters
uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Responses
200
Attestation details retrieved successfully
application/json
get
GET /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: localhost:8200
Accept: */*
{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Delete attestation

delete

Removes a specific attestation record

Path parameters
uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Responses
200
Attestation deleted successfully
application/json
delete
DELETE /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: localhost:8200
Accept: */*
{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Update attestation nonce

post

Updates the nonce value for a specific attestation

Path parameters
uuidstringRequired

Unique workload identifier

Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses
200
Nonce updated successfully
application/json
post
POST /v1/auth/ratls/attestations/{uuid}/nonce HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}
{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Submit or verify attestation report

post

Submits a new attestation report or verifies an existing one

Path parameters
uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Body
reportstring · base64Required

Base64 encoded report data

Responses
200
Report processed successfully
application/json
post
POST /v1/auth/ratls/attestations/{uuid}/report HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "report": "text"
}
{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Was this helpful?