Attestations

Last updated 5 months ago

Was this helpful?

Create attestation

put

/v1/auth/ratls/attestations

Body

createdinteger · int64required

Creation timestamp, set by the plugin

descriptionstringrequired

Description for this workload

eventsstringrequired

A URL to a webhook that is called with the attestation result

namestringrequired

Name for this workload

namespacestringrequired

The target namespace for the auth token after verification

noncestringrequired

Nonce for the report

policystringrequired

Policy for this workload

reportstring

Request only. The report to verify, encoded as base64

totpstring

Request only. The update totp for the policy of the workload

updatedinteger · int64required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringrequired

Workload Identifier, generated by the plugin

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url '/v1/auth/ratls/attestations' \
  --header 'Content-Type: application/json' \
  --data '{"created":1,"description":"text","events":"text","name":"text","namespace":"text","nonce":"text","policy":"text","updated":1,"uuid":"text"}'

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Update attestation

post

/v1/auth/ratls/attestations

Body

createdinteger · int64required

Creation timestamp, set by the plugin

descriptionstringrequired

Description for this workload

eventsstringrequired

A URL to a webhook that is called with the attestation result

namestringrequired

Name for this workload

namespacestringrequired

The target namespace for the auth token after verification

noncestringrequired

Nonce for the report

policystringrequired

Policy for this workload

reportstring

Request only. The report to verify, encoded as base64

totpstring

Request only. The update totp for the policy of the workload

updatedinteger · int64required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringrequired

Workload Identifier, generated by the plugin

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/v1/auth/ratls/attestations' \
  --header 'Content-Type: application/json' \
  --data '{"created":1,"description":"text","events":"text","name":"text","namespace":"text","nonce":"text","policy":"text","updated":1,"uuid":"text"}'

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

List attestations

get

/v1/auth/ratls/attestations/

Query parameters

liststring · enumrequired

Must be set to true

Options: true

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/v1/auth/ratls/attestations/?list=true'

200

{
  "auth": {},
  "data": {
    "keys": []
  }
}

Read attestation

get

/v1/auth/ratls/attestations/{uuid}

Path parameters

uuidstringrequired

Workload Identifier, generated by the plugin

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/v1/auth/ratls/attestations/{uuid}'

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Delete attestation

delete

/v1/auth/ratls/attestations/{uuid}

Path parameters

uuidstringrequired

Workload Identifier, generated by the plugin

Responses

cURL

JavaScript

Python

HTTP

curl -L \
  --request DELETE \
  --url '/v1/auth/ratls/attestations/{uuid}'

200

No body

Update nonce

post

/v1/auth/ratls/attestations/{uuid}/nonce

Path parameters

uuidstringrequired

Workload Identifier, generated by the plugin

Body

createdinteger · int64required

Creation timestamp, set by the plugin

descriptionstringrequired

Description for this workload

eventsstringrequired

A URL to a webhook that is called with the attestation result

namestringrequired

Name for this workload

namespacestringrequired

The target namespace for the auth token after verification

noncestringrequired

Nonce for the report

policystringrequired

Policy for this workload

reportstring

Request only. The report to verify, encoded as base64

totpstring

Request only. The update totp for the policy of the workload

updatedinteger · int64required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/v1/auth/ratls/attestations/{uuid}/nonce' \
  --header 'Content-Type: application/json' \
  --data '{"created":1,"description":"text","events":"text","name":"text","namespace":"text","nonce":"text","policy":"text","updated":1}'

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Write or verify report

post

/v1/auth/ratls/attestations/{uuid}/report

Path parameters

uuidstringrequired

Workload Identifier, generated by the plugin

Body

createdinteger · int64required

Creation timestamp, set by the plugin

descriptionstringrequired

Description for this workload

eventsstringrequired

A URL to a webhook that is called with the attestation result

namestringrequired

Name for this workload

namespacestringrequired

The target namespace for the auth token after verification

noncestringrequired

Nonce for the report

policystringrequired

Policy for this workload

reportstring

Request only. The report to verify, encoded as base64

totpstring

Request only. The update totp for the policy of the workload

updatedinteger · int64required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/v1/auth/ratls/attestations/{uuid}/report' \
  --header 'Content-Type: application/json' \
  --data '{"created":1,"description":"text","events":"text","name":"text","namespace":"text","nonce":"text","policy":"text","updated":1}'

200

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}