Attestations | Nitride

Nitride

Documentation Tutorials

List all attestations

get

Retrieves a list of all attestation records

Query parameters

liststring · enumRequired

Must be set to 'true' to retrieve the list

Possible values:

Responses

200

Attestation list retrieved successfully

application/json

get

GET /v1/auth/ratls/attestations/ HTTP/1.1
Host: localhost:8200
Accept: */*

200

Attestation list retrieved successfully

{
  "auth": {},
  "data": {
    "keys": [
      {}
    ]
  }
}

Get attestation details

get

Retrieves detailed information about a specific attestation

Path parameters

uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Responses

200

Attestation details retrieved successfully

application/json

400

Invalid UUID format or attestation not found

application/json

get

GET /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Delete attestation

delete

Removes a specific attestation record

Path parameters

uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Responses

200

Attestation deleted successfully

application/json

400

Invalid UUID format or attestation not found

application/json

delete

DELETE /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Update attestation

post

Updates an existing attestation record

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses

200

Attestation updated successfully

application/json

400

Invalid request body

404

Attestation not found

post

POST /v1/auth/ratls/attestations HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Create attestation

put

Creates a new attestation record for a workload

Body

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

policystringRequired

Policy for this workload

Responses

200

Attestation created successfully

application/json

400

Invalid request body

put

PUT /v1/auth/ratls/attestations HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 87

{
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "policy": "text"
}

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Update attestation nonce

post

Updates the nonce value for a specific attestation

Path parameters

uuidstringRequired

Unique workload identifier

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses

200

Nonce updated successfully

application/json

400

Invalid request body

404

Attestation not found

post

POST /v1/auth/ratls/attestations/{uuid}/nonce HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "updated": 1,
    "uuid": "123e4567-e89b-12d3-a456-426614174000"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Submit or verify attestation report

post

Submits a new attestation report or verifies an existing one

Path parameters

uuidstring · uuidRequired

Unique workload identifier (must be valid UUID format)

Body

reportstring · base64Required

Base64 encoded report data

Responses

200

Report processed successfully

application/json

400

Invalid base64 report data or invalid UUID format

application/json

404

Attestation not found

application/json

post

POST /v1/auth/ratls/attestations/{uuid}/report HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "report": "text"
}

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}