Attestations

Last updated 7 months ago

Was this helpful?

List attestations

get

Query parameters

liststring · enumRequired

Must be set to true

Possible values:

Responses

get

GET /v1/auth/ratls/attestations/?list=true HTTP/1.1
Host: 
Accept: */*

200

{
  "auth": {},
  "data": {
    "keys": [
      {}
    ]
  }
}

Read attestation

get

Path parameters

uuidstringRequired

Workload Identifier, generated by the plugin

Responses

get

GET /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: 
Accept: */*

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Delete attestation

delete

Path parameters

uuidstringRequired

Workload Identifier, generated by the plugin

Responses

delete

DELETE /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: 
Accept: */*

200

No content

Create attestation

put

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses

put

PUT /v1/auth/ratls/attestations HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Update attestation

post

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses

post

POST /v1/auth/ratls/attestations HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Update nonce

post

Path parameters

uuidstringRequired

Workload Identifier, generated by the plugin

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses

post

POST /v1/auth/ratls/attestations/{uuid}/nonce HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Write or verify report

post

Path parameters

uuidstringRequired

Workload Identifier, generated by the plugin

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses

post

POST /v1/auth/ratls/attestations/{uuid}/report HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}