Platform Admin API

note

Read this page in wide view mode from here

• Core
  • patchUpdate the status of a hook
  • postRegister a Tech Adapter
  • postExchange an access token for a short-lived JWT

API docs by Redocly

Core API (0.1.0)

The Core API serves as the central point for interacting with Witboost.

Core

Update the status of a hook

Witboost Hooks model third-party approval workflows.

Hooks are used, for instance, to model the Access Control workflow, where an Data Consumer asks access to a Data Owner. In case an Access Control request is forwarded to third-party ticketing systems, this endpoint helps Witboost understand whether the request is still pending, completed or rejected/failed.

In general, outside of the Access Control workflow, this endpoint is used to update the status of a hook, so that the Witboost platform knows how to proceed with a pending request.

path Parameters

id required

string Request ID as provided by the Witboost platform in the respondToUrl field.

Request Body schema: application/json

required

A resource to be evaluated

One of

status required	string (RequestedHookState) Enum: "KO" "OK" Represents the desired state of the hook. OK means the third-party interaction has been completed with a positive result, KO on the other hand can be used to represent a negative result. If the hook is attached to an action, signaling KO could prevent the action's callback to be invoked
hookInfo	object A free-form object that will be stored as the hook's response data

Responses

https://docs.witboost.com/api/actionHandler/hooks/{id}

Request samples

• Payload

Content type

application/json

Example

acceptrejectacceptWithTrackingaccept

{

• "status": "OK",
• "hookInfo": {

  • "message": "The request has been accepted on the external system"

  }

}

Response samples

• 200
• 404
• 409
• 500

Content type

application/json

Example

acceptedrejectedaccepted

{

• "hookId": "34797dd1-1f25-48b0-89c7-14d2ce04a78b",
• "hookName": "RemoteRequestHook",
• "actionId": "0298b78f-4d77-45f7-a7a4-f16278144141",
• "actionName": "AccessControlAction",
• "creationAt": "2021-09-01T12:00:00Z",
• "updateAt": "2021-09-01T12:00:00Z",
• "status": "OK"

}

Register a Tech Adapter

This endpoint is used to register the Technology Adapter's URL and link it to the infrastructureTemplateId.

After deploying a new Technology Adapter into the infrastructure, all the components with a your chosen infrastructureTemplateId should invoke said microservice.

To do so, we need to link the infrastructureTemplateId with the Technology Adapter's URL where the microservice is located. Make sure the URL is reachable by the Witboost platform.

Request Body schema: application/json

required

id required	string Unique identifier of the Technology Adapter, in the form of a Witboost's URN, like "urn:dmb:itm:snowflake-outputport-provisioner:0"
name required	string Name of the Technology Adapter, like "Snowflake Output Port"
description required	string A description that explains the purpose of the Technology Adapter
version required	string The Technology Adapter's version, like "0". This version must be ALWAYS equal to the version defined in the URN identifier (the last section of the URN identifier after the last ":")
url required	string The URL of the Technology Adapter, like "http://my-tech-adapter:8093/snowflake-outputport-provisioner". This URL must be reachable from the provisioning coordinator (from a pod in the Kubernetes cluster where the provisioning coordinator is running)
environment required	string The environment where the Technology Adapter is running, like "production". The environment here must be one of the environments configured for the Builder module of Witboost.
	object (InfraTemplateProperties) Additional infrastructure template properties

Responses

https://docs.witboost.com/api/builder/register

Request samples

• Payload

Content type

application/json

Example

Snowflake Output PortData Contract GuardianSnowflake Output Port

{

• "id": "urn:dmb:itm:snowflake-outputport-provisioner:0",
• "name": "Snowflake Output Port",
• "description": "Provisions a Snowflake Output Port",
• "version": "0",
• "url": "http://my-tech-adapter:8093/snowflake-outputport-provisioner",
• "environment": "production"

}

Response samples

• 200
• 500

Content type

application/json

"OK"

Exchange an access token for a short-lived JWT

Exchanges a Witboost access token for a short-lived JWT to authenticate API calls.

Rules:

• duration_seconds cannot exceed the remaining lifetime of the access token. If it does, the request is rejected.
• If duration_seconds is not provided, a default duration is used (configured by backend.auth.shortLivedTokendurationSeconds, default: 5 minutes).
• The scope field accepts a space-separated list of scopes (e.g., scope1 scope2 scope3).

Request Body schema: application/json

required

access_token required	string The Witboost access token to exchange
duration_seconds	integer >= 1 Lifetime of the generated JWT in seconds. If omitted, the backend default is used (configured by backend.auth.shortLivedTokenduration_seconds, default: 5 minutes)
scope	string Space-separated list of scopes for the generated JWT

Responses

https://docs.witboost.com/api/auth/access-tokens/jwt

Request samples

• Payload

Content type

application/json

{

• "access_token": "wbat-YY4BMWsHE-tRQ5ZH5HWop_0AjukY4wOPOrx",
• "duration_seconds": 3600,
• "scope": "scope-1 scope-2 scope-3"

}

Response samples

• 200
• 500

Content type

application/json

{

• "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

}