openAPI-3-schema.yaml

Reference for the openAPI-3-schema.yaml

Security Designer REST API Controller
 1.0.0 
OAS3

/openapi/developer-tier/security-designer/openAPI-3-schema.yaml

Security Designer (SD) REST API definitions for domain models, user system models and usage by other applications.
For loading of the entire model, first send a models/{modelId} GET request to find the loadingId, and then use this ID in a /models/{modelId}/{loadingId}/loadingprogress GET request.

Servers

Authentication

Available authentication methods of API Controller.

POST​/auth
Send a request to authenticate user, returning a cookie.

Models

Includes all operations of the Model Controller Service.

GET​/models
Returns a list of models for the user.
POST​/models
Send a request to create a new blank model for the user
POST​/models​/import
Import a model model in .nq.gz or .nq format. returns list of models for the user
GET​/models​/{modelId}
Return the model info for the given ID.
PUT​/models​/{modelId}
Update a model given the model parameters and ID.
DELETE​/models​/{modelId}
Delete the model given the ID.
GET​/models​/{modelId}​/{loadingId}​/loadingprogress
Get an update on loading the model given the ID and loadingID of the model.
GET​/models​/{modelId}​/export
Return an export of the model in .nq.gz format.
GET​/models​/{modelId}​/exportAsserted
Return an export of model excluding inferred assets, relations, controls etc... in .nq.gz format.
GET​/models​/{modelId}​/palette
Return the palette available for the model given the ID of the model.
GET​/models​/{modelId}​/issues
Get a list of issues for the model.

Risk

Requests that can operate on the risk calculation procedure.

GET​/models​/{modelId}​/calc_risks
Initiate a risk calculation operation for the model given the ID of the model.
GET​/models​/{modelId}​/riskcalcprogress
Get an update on the risk calculation operation running the model given the ID of the model.

Validation

Requests that can operate on the validation procedure.

GET​/models​/{modelId}​/validated
Initiate a validation operation for the model given the ID of the model.
GET​/models​/{modelId}​/validationprogress
Get an update on the validation operation running the model given the ID of the model.

Relations

Includes all operations possible on Relations between Assets.

GET​/models​/{modelId}​/relations
Get a list of Relation present in the model.
POST​/models​/{modelId}​/relations
Submit a new relation to be created.
GET​/models​/{modelId}​/relations​/{relationId}
Get information about a relation.
PUT​/models​/{modelId}​/relations​/{relationId}
Update information about a relation.
DELETE​/models​/{modelId}​/relations​/{relationId}
Delete a relation given the model and relation IDs.

Assets

Includes all operations possible on Assets.

GET​/models​/{modelId}​/assets
Get a list of all assets.
POST​/models​/{modelId}​/assets
Post a new asset to be created.
GET​/models​/{modelId}​/assets​/{assetId}
Get extended information beloning to an asset, given its ID.
DELETE​/models​/{modelId}​/assets​/{assetId}
Delete the asset from the model.
PUT​/models​/{modelId}​/assets​/{assetId}​/twas
Update Trustworthiness Assignment for an asset. Used mainly in the Trustworthiness assignment operations.
GET​/models​/{modelId}​/assets​/{assetId}​/meta
Get all metadata pairs associated with a single asset in a model.
DELETE​/models​/{modelId}​/assets​/{assetId}​/meta
Delete all metadata associated with a single asset
GET​/models​/{modelId}​/assets​/meta
Query assets by their metadata. A query is constructed from a list of metadata pairs. Each asset returned will have (in its metadata) at least one of the specified values for each specified key
PUT​/models​/{modelId}​/assets​/meta
Replace all metadata on an asset.
PATCH​/models​/{modelId}​/assets​/meta
Add metadata on an asset.
PUT​/models​/{modelId}​/assets​/updateLocations
Update location for a set of assets. Used mainly by the Canvas user operaitons.

Threats and Controls

Includes all operations regarding the threats and their controls within the model.

PUT​/models​/{modelId}​/assets​/{assetId}​/control
Update a control for an asset. Used mainly in the control set operations.
GET​/models​/{modelId}​/assets​/{assetId}​/controls_and_threats
Receive all controls and threats for a single asset. Can be used for more compact model information retrieval.
PUT​/models​/{modelId}​/assets​/controls
Update controls for all assets. Used mainly in the control strategy operations.
GET​/models​/{modelId}​/threats
Find the list of threats available for the model.
PUT​/models​/{modelId}​/misbehaviours​/{misbehaviourId}​/impact
Update impact information about a misbehaviour associated with a threat.

Report

GET​/models​/{modelId}​/report
Get a JSON report for the model

Schemas

Issue
RelationAdditional
Parent
ComplianceSet
MisbehaviourSet
Node
Risk
LinkURIs
AssetAdditional
ControlStrategy
AssetLocation
Relation
Cause
Asset
ModelProgress
Pattern
Progress
Error
ControlSet
LinkIssue
AssetTemplate
Model
Level
AssetDomainTemplate
Threat
TrustworthinessAssignment
MetadataPair
Report
Last modified March 1, 2021