Nitride
HomeDocumentationTutorials
  • Nitride
  • Documentation
    • What is Nitride?
    • Use Cases
    • Setup
      • Install Nitride
      • Configure
    • Get Started
      • Attesting a MariaDB database with Cloud-Init
    • Concepts
      • Attestation
        • AMD SEV PKI
        • Intel TDX PKI
      • enclaivelet
    • Supported Technologies
  • Tutorials
    • Create identities and policies
    • Attesting a buckypaper VM
  • Developers
    • API
      • Overview
      • Identities
      • Policies
      • Totp
      • Attestations
      • Logs
      • Config
      • Annotations
  • CLI
    • Enable Auth
    • Register Identities
    • Create Policy
    • Create Attestation
    • Enable Namespacing
  • Resources
    • Blog
    • GitHub
    • Youtube
    • CCx101
Powered by GitBook
On this page

Was this helpful?

  1. Developers
  2. API

Attestations

Last updated 7 months ago

Was this helpful?

List attestations

get
Query parameters
liststring · enumRequired

Must be set to true

Possible values:
Responses
200
OK
application/json
get
GET /v1/auth/ratls/attestations/?list=true HTTP/1.1
Host: 
Accept: */*
200

OK

{
  "auth": {},
  "data": {
    "keys": [
      {}
    ]
  }
}

Read attestation

get
Path parameters
uuidstringRequired

Workload Identifier, generated by the plugin

Responses
200
OK
application/json
get
GET /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: 
Accept: */*
200

OK

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Delete attestation

delete
Path parameters
uuidstringRequired

Workload Identifier, generated by the plugin

Responses
200
OK
delete
DELETE /v1/auth/ratls/attestations/{uuid} HTTP/1.1
Host: 
Accept: */*
200

OK

No content

  • PUTCreate attestation
  • POSTUpdate attestation
  • GETList attestations
  • GETRead attestation
  • DELETEDelete attestation
  • POSTUpdate nonce
  • POSTWrite or verify report

Create attestation

put
Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses
200
OK
application/json
put
PUT /v1/auth/ratls/attestations HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}
200

OK

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Update attestation

post
Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

uuidstringRequired

Workload Identifier, generated by the plugin

Responses
200
OK
application/json
post
POST /v1/auth/ratls/attestations HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 170

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1,
  "uuid": "text"
}
200

OK

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Update nonce

post
Path parameters
uuidstringRequired

Workload Identifier, generated by the plugin

Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses
200
OK
application/json
post
POST /v1/auth/ratls/attestations/{uuid}/nonce HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}
200

OK

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}

Write or verify report

post
Path parameters
uuidstringRequired

Workload Identifier, generated by the plugin

Body
createdinteger · int64Required

Creation timestamp, set by the plugin

descriptionstringRequired

Description for this workload

eventsstringRequired

A URL to a webhook that is called with the attestation result

namestringRequired

Name for this workload

namespacestringRequired

The target namespace for the auth token after verification

noncestringRequired

Nonce for the report

policystringRequired

Policy for this workload

reportstringOptional

Request only. The report to verify, encoded as base64

totpstringOptional

Request only. The update totp for the policy of the workload

updatedinteger · int64Required

Update timestamp, set by the plugin whenever a change is made to the workload

Responses
200
OK
application/json
post
POST /v1/auth/ratls/attestations/{uuid}/report HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "created": 1,
  "description": "text",
  "events": "text",
  "name": "text",
  "namespace": "text",
  "nonce": "text",
  "policy": "text",
  "report": "text",
  "totp": "text",
  "updated": 1
}
200

OK

{
  "auth": {},
  "data": {
    "created": 1,
    "description": "text",
    "events": "text",
    "name": "text",
    "namespace": "text",
    "nonce": "text",
    "policy": "text",
    "report": "text",
    "totp": "text",
    "updated": 1,
    "uuid": "text"
  }
}