--- openapi: 3.1.0 components: schemas: DataEncoding: description: Choice of additional encoding of the data. type: string enum: - NONE - BASE64 ErrorMessage400: type: object properties: error: type: string examples: - Bad request from the client ErrorMessage403: type: object properties: error: type: string examples: - Access is forbidden! ErrorMessage404: type: object properties: error: type: string examples: - No such worker ErrorMessage405: type: object properties: error: type: string examples: - Method not allowed. ErrorMessage406: type: object properties: error: type: string examples: - Not Acceptable ErrorMessage409: type: object properties: error: type: string examples: - Worker already exists. ErrorMessage500: type: object properties: error: type: string examples: - The server were unable to process the request. See server-side logs for more details. ErrorMessage503: type: object properties: error: type: string examples: - Crypto Token not available ListWorkersResponse: description: POJO representing a response listing the workers type: object properties: workers: type: array items: $ref: "#/components/schemas/Worker" description: Workers list. Array with worker ID/name pairs. Empty when no workers available ProcessRequest: description: POJO that represents a process request. type: object required: - data properties: data: type: string description: The input data to be processed (i.e. signed). examples: - 8sobtsfpB9Btr+Roflefznazfk6Tt2BQItpS5szCb9I= encoding: description: Additional encoding of the input data. type: string examples: - BASE64 $ref: "#/components/schemas/DataEncoding" metaData: type: object additionalProperties: type: string description: Additional request metadata for the worker. examples: - USING_CLIENTSUPPLIED_HASH: "true" CLIENTSIDE_HASHDIGESTALGORITHM: SHA256 ProcessResponse: description: POJO that represents a process response. type: object properties: data: type: string description: The resulting data (i.e the signature) in Base64 encoding examples: - MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0BBwGggDCCA5cwggJ/oAMCAQICCDnT2xJUGyYXMA0GCSqGSIb3DQEBCwUAMEwxFjAUBgNVBAMMDURTUyBTdWIgQ0EgMTExEDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAoMClNpZ25TZXJ2ZXIxCzAJBgNVBAYTAlNFMB4XDTE2MDMwMzA4MjUwNFoXDTM2MDIyNzA4MjUwNFowSjEUMBIGA1UEAwwLc2lnbmVyMDAwMDMxEDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAoMClNpZ25TZXJ2ZXIxCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshSqsMIh0tqODzt86L6gvoxriBC542tYgJYP4cq0advJhegThlWihOmc20CDJpiAkc/hHqlzdVvIMghIek9qjd0L10wBfZq61CN4RuF5/w2r4LJZ/LGkRNM7eOcsuO3T6uWKH2CVliHVv+qrLIl/gKXD6rYQkH5IK2lEmoEv0XqstFk/wNpcCodeOxgffjMYYXrJECD2ikGrDqSO7xn83svhp5Bz7H1NtYq0tpwvLs7+oXdBuoTWFBJibSIff+VnmzKDIhhatbMnU7Wae6SYpXz8sawJB1xMDFBBDHFZRPyEgqCjLbZyzFE/xdNHB3rFOA9sjZeoHEo6TI+EP4hfoQIDAQABo38wfTAdBgNVHQ4EFgQUNv1mNy5+7XVJg608r7b0mcAYPGMwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQcYEFK3pit5dYDiuhmgql+sPIChzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQCFIepJAjHNBbOlPksOjbNGHdvBW+UjP/5xOpqt5n9Ug+JQMgoVaxb5ajGSWqniZZFXh3PRPighOW19a9ohgvK5xPQ7iLSNKSjK4BbeHG0mw8IKL5065IiIbqj9qY3YZqx7ZS6mQUfHtenOMRkp+l1iifLz88dgCZezGN7GN2eGj3JARTYxtZcx9Yp6uVjP/lmi4ITkEJ4Gl3lPklqaADO3FIwfFMo39kK9hnqyOAGWSTLgugbrzHRTMl1+/Je3PapryvQa3vkhSnbXDAIJ4JS87tJcjxz8GC9EfqcHOXRTiYqWn8XqnhxqZGU1zLHTJ+n9VEkc55Rm0Vq7uvP1zjhVMIIEfjCCAmagAwIBAgIINRnImL/vDX4wDQYJKoZIhvcNAQELBQAwTTEXMBUGA1UEAwwORFNTIFJvb3QgQ0EgMTAxEDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAoMClNpZ25TZXJ2ZXIxCzAJBgNVBAYTAlNFMB4XDTExMTEwMzIxMzUwOVoXDTM2MDUyNzA4MTQyN1owTDEWMBQGA1UEAwwNRFNTIFN1YiBDQSAxMTEQMA4GA1UECwwHVGVzdGluZzETMBEGA1UECgwKU2lnblNlcnZlcjELMAkGA1UEBhMCU0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg4ovlcxaRM8g3RJrOUrSCH7bJhWnNN54EZ3a4aIAGBYjN7B8+CtnFDNaaC57mCLI5U64vRzYRTbphA5X5XiHsz+eEaHFkwKS+EovvjOWUPzYuReRpyRaDyxEUYfmVqSa3fFa6Vn7vsE8N9mfwyNMT/q56SLuNO7Un2EAgvoTdaMen6UbISg4ONNI7XmhtaDQvBe5+px0NIBCFw5qnvAMUz4nRJcKRZ6QKvRFJPux9R048WSrBfAxkKBPzIiKtkAfeOs3E2anPIDwiaPdWD4AjraFjSfTOVxzNrp0D/+1s3zVvQDBGQoAw8QAUnb3bZS8siY0Oo943j4McSBFI3VHNAgMBAAGjYzBhMB0GA1UdDgQWBBQcYEFK3pit5dYDiuhmgql+sPIChzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFCB6Id7orbsCqPtxWKQJYrnYWAWiMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAMW0jL9WGrV6Hn5ZaNmAu2XPOF25vuiVFCgfmKInFPROkvxIOPBOgAumX43jcL1ATWV6zoRscPxflp5E1C55W5xaxVd4YMuxjZhxZj3qOHbkCjJd5V47nFEiqazgdnFdFE0APpe5/gWhjY5fYc2erS+RnojM//qzeeivd7QD2SC9FJ79cBsclzUgtZ2hdtwaKFFKzxYDkMelJa+SZMBEw1FgF8abynbkga8hFHVvnIsUxrIEGIPxHXC/gvpMpOLu/hAg+p+negdQKnM6HNpl+TmJdaz37fe49mzylS9GwSj+iVPvHy2H9eEL9MuXRGpTRJbzBKLlq3q3Rx5udtZfalN6EcKCr7yTKumF5SjcMPoF1LLYKO70FZ4dSSi3lyMlTThqb0pr4XF0zq/4j8KHiYboomxrG+LVhbqT0x51D1UebOPd8S5VK2l0NEC6xQDqDvuWjveI/wwYXDIWXj/6UzQGvVZ+vKb6DXFUJ9oPw4LD+vFppv90XeIzwzm7EMV3GrzEvfW5rLmCVGgTggPHowPWdNgtFE/n29uxO58V73Com1cFnfryfwGp1efkMxj9yBjZwAgYUDCteLbKLgL6GH//J5r9nAQ8r3z76mtdtE0aU1swza03wVsJySOdCNFI9iZAJLe7SZ4k7YCqevF5p2S8Eu/5niX2igtu5iNzcReAwggV/MIIDZ6ADAgECAggyTUE4rwLBPDANBgkqhkiG9w0BAQsFADBNMRcwFQYDVQQDDA5EU1MgUm9vdCBDQSAxMDEQMA4GA1UECwwHVGVzdGluZzETMBEGA1UECgwKU2lnblNlcnZlcjELMAkGA1UEBhMCU0UwHhcNMTEwNTI3MDgxNDI3WhcNMzYwNTI3MDgxNDI3WjBNMRcwFQYDVQQDDA5EU1MgUm9vdCBDQSAxMDEQMA4GA1UECwwHVGVzdGluZzETMBEGA1UECgwKU2lnblNlcnZlcjELMAkGA1UEBhMCU0UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCBuWCNNOQynVACGBYOmuG+oT3NfVTH8D9FM67gbh/oJOR3okQSRt0pm/4Iq/hxGhUK187fCc6iQVHD/UkyYceJDVn/+4OgOOjyOTyd6TQCsUT1Hk1PTbAwkJBr+Y/XBT1lKXW3HeNBFQUH6tM14Jw9N+37UUvtSNgx2RHOXbrUg6WZfMMwD4RggYnZzbBiE6/YOp9DKA3PkY5/QQWqVBki3+nOilJL7QryY1vndE6GD0Ym6PDO6BIfln6vR+xUdsJXRBSRkF+RGj0oxx1oMQ9rzGlhOOwU+pTpFycaRUAGGfw5LxIhbDat7V/6G2Pqn0QZuTWbQj2lYYED2S1aeuqWoNdX60SGGHU7h/4seJ6jGKxysXtFfGVirJqbqhpt9exfdUALQzVSTAhyITzADVKP/52ChIyq8QM0N/CkRi3qXxnxzMNNYOLswza7lVjSc/f4D496kqs62t1oZI/f3p/hrsDe6fWjqdBYezJZDuRzwYifzM3mfKRBqCEbJiUcdh7VdRI+0ebGNt2zLO2uQiKzdx+MWd7ReA8CJC5jHdP8H6mj0GEYhTAJXRCL+BZU3o2TJ2xvMx5FcQtBjIr6UeAgaIRoHNBFG1ducH7BBeLYhpwk10qogLAOyX8++9xkj1lXqkH8ojMH7wgmbQItjbgrQ5cmzcGqKPyCam9sj6jTBQIDAQABo2MwYTAdBgNVHQ4EFgQUIHoh3uituwKo+3FYpAliudhYBaIwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBQgeiHe6K27Aqj7cVikCWK52FgFojAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADEW+k5kXoqiXjxxB4pZDjxUB76Hl2bIox8MsNlfnUhHN8oqwcukU/HMY3Di31S/hg5HQIP3PzV1H5z3e3WXDAikpvH1CaryNWIcQcpgP0VdOEz5xWmxPbmmDfmbc415Rf9v76XZ37ZA01NYy92wK1pB3JtmptgUiTQiM/Asup2wDwijrSS4RLgmdBqE90uR+bvSuAB2ZEOjM59INppYdjbQOi+R+8pRiM9HowYA8PnD10RvjCn9mMBNuXJmcf4tN+XB9+1QCieYDDjoTRmCDXjew7pF846dvCNcRz4pd38pDqRNDnrSaXJF3qrsQgNhF8PifhqApXZHmC9U+EwPT4gruRqCoo19Zr3PxR7Y3cx53Jadv3C/jALr2oWd0Zoh9gAORTKSg7IuxVW14nvQ9Uk9c7uzrou5x8PZHTCjYym45gKxM6bscdL65n1WMeXapDRlAbz1ef4BefM9uTUg17bPSWreHMJbkNNgEqwkR7ESvMykvCISpRglR9H0R4IzxQ8y0tKrPW610+ghiFQsbO3mVIkSkwcxuq5h9YnFCIoJu9/FCw/l0tQwQipOCM12j3w6UztnvONgf0qKbPfCAApIAihBmvs7LV0wc7kYriMG1nzCCzLJDoPNBDtHrxcVUpqshbxIBN7K5sA/5aN0zCT9lfOwOMxkS0Q1oFfMB59gAAAxggIeMIICGgIBATBYMEwxFjAUBgNVBAMMDURTUyBTdWIgQ0EgMTExEDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAoMClNpZ25TZXJ2ZXIxCzAJBgNVBAYTAlNFAgg509sSVBsmFzANBglghkgBZQMEAgEFAKCBmDAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yNTA1MTMwODUxMjlaMC0GCSqGSIb3DQEJNDEgMB4wDQYJYIZIAWUDBAIBBQChDQYJKoZIhvcNAQELBQAwLwYJKoZIhvcNAQkEMSIEIPLKG7bH6QfQba/kaH5Xn852s35Ok7dgUCLaUubMwm/SMA0GCSqGSIb3DQEBCwUABIIBAK2ulT/5NLRjGTN1G4Ub+IHpEpq/5Rlgi+l//gsVhMOaV3wQy8K+K7tbwoO6tbVF35DKtvPhQZc4RiLZ8HWB4jQlWxXoRxek6VDXt5D6XyMaIiRKJMqrbUwPUfMif59W9tPb5xlH13Bl2wAgZp2CZHCGnlrW2f6aoIBGGgRvEpyBaMKT0xjiQfYUsB74J6FgACY1L+WJKDXWN5atwG/16n6TXqP6QBWsSXXzmL1WWEz7ix8du2nPxf5o0lC8+7dPaLRwP7lfB6Ctb+935XCgCT1V7vcUaL83fN+9+bCPK9BgnVdSx+Vcn4jyKMKiwmrIxKNj8cYSGKf9Uefc27PDEpkAAAAAAAA= requestId: type: string examples: - "457529920" archiveId: type: string examples: - 61f5414b202a8c4006a1f9e7486af0181f73d710 signerCertificate: type: string examples: - MIIDlzCCAn+gAwIBAgIIOdPbElQbJhcwDQYJKoZIhvcNAQELBQAwTDEWMBQGA1UEAwwNRFNTIFN1YiBDQSAxMTEQMA4GA1UECwwHVGVzdGluZzETMBEGA1UECgwKU2lnblNlcnZlcjELMAkGA1UEBhMCU0UwHhcNMTYwMzAzMDgyNTA0WhcNMzYwMjI3MDgyNTA0WjBKMRQwEgYDVQQDDAtzaWduZXIwMDAwMzEQMA4GA1UECwwHVGVzdGluZzETMBEGA1UECgwKU2lnblNlcnZlcjELMAkGA1UEBhMCU0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyFKqwwiHS2o4PO3zovqC+jGuIELnja1iAlg/hyrRp28mF6BOGVaKE6ZzbQIMmmICRz+EeqXN1W8gyCEh6T2qN3QvXTAF9mrrUI3hG4Xn/Davgsln8saRE0zt45yy47dPq5YofYJWWIdW/6qssiX+ApcPqthCQfkgraUSagS/Reqy0WT/A2lwKh147GB9+MxhheskQIPaKQasOpI7vGfzey+GnkHPsfU21irS2nC8uzv6hd0G6hNYUEmJtIh9/5WebMoMiGFq1sydTtZp7pJilfPyxrAkHXEwMUEEMcVlE/ISCoKMttnLMUT/F00cHesU4D2yNl6gcSjpMj4Q/iF+hAgMBAAGjfzB9MB0GA1UdDgQWBBQ2/WY3Ln7tdUmDrTyvtvSZwBg8YzAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFBxgQUremK3l1gOK6GaCqX6w8gKHMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIUh6kkCMc0Fs6U+Sw6Ns0Yd28Fb5SM//nE6mq3mf1SD4lAyChVrFvlqMZJaqeJlkVeHc9E+KCE5bX1r2iGC8rnE9DuItI0pKMrgFt4cbSbDwgovnTrkiIhuqP2pjdhmrHtlLqZBR8e16c4xGSn6XWKJ8vPzx2AJl7MY3sY3Z4aPckBFNjG1lzH1inq5WM/+WaLghOQQngaXeU+SWpoAM7cUjB8Uyjf2Qr2GerI4AZZJMuC6BuvMdFMyXX78l7c9qmvK9Bre+SFKdtcMAgnglLzu0lyPHPwYL0R+pwc5dFOJipafxeqeHGpkZTXMsdMn6f1USRznlGbRWru68/XOOFU= metaData: type: object additionalProperties: type: string examples: - {} ReloadRequest: description: Represents a reload request. type: object required: - workerIDs properties: workerIDs: type: array items: type: integer format: int32 description: List of worker IDs to reload. Worker: type: object properties: id: type: integer format: int32 examples: - 1 name: type: string examples: - PlainSigner WorkerConfigResponse: description: POJO that represents a get configuration response. type: object properties: properties: type: object additionalProperties: type: string description: Worker properties list WorkerRequest: description: Represents a worker request. type: object properties: properties: type: object additionalProperties: type: string description: Worker properties list WorkerResponse: description: Represents a worker response. type: object properties: responseMessage: type: string info: title: SignServer REST Interface version: 1.4.1 paths: /signserver/rest/v1/workers: get: summary: Request to get list of workers description: "Required role: admin role \n\n" parameters: - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true responses: "200": description: OK content: application/json: schema: $ref: "#/components/schemas/ListWorkersResponse" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" post: summary: Submit data for adding a new worker from multiple properties description: "Required role: admin role \n\nSubmit a worker ID and a list of\ \ worker properties to add a new worker." parameters: - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true requestBody: description: The request content: application/json: examples: PlainSigner: value: properties: CRYPTOTOKEN: CryptoTokenP12 AUTHTYPE: NOAUTH IMPLEMENTATION_CLASS: org.signserver.module.cmssigner.PlainSigner DEFAULTKEY: signer00003 TYPE: PROCESSABLE DISABLEKEYUSAGECOUNTER: "true" NAME: PlainSigner CryptoTokenP12: value: properties: KEYSTOREPATH: /opt/signserver/res/test/dss10/dss10_keystore.p12 IMPLEMENTATION_CLASS: org.signserver.server.signers.CryptoWorker KEYSTORETYPE: PKCS12 KEYSTOREPASSWORD: foo123 TYPE: CRYPTO_WORKER CRYPTOTOKEN_IMPLEMENTATION_CLASS: org.signserver.server.cryptotokens.KeystoreCryptoToken NAME: CryptoTokenP12 schema: $ref: "#/components/schemas/WorkerRequest" required: true responses: "201": description: "" "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "405": description: Method not allowed. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage405" "409": description: Worker already exists. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage409" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" /signserver/rest/v1/workers/reload: post: parameters: - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true responses: "200": description: Workers successfully reloaded content: application/json: {} "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "404": description: No such worker content: application/json: schema: $ref: "#/components/schemas/ErrorMessage404" summary: Reload workers description: "Required role: admin role \n\nSubmit a list of worker IDs to reload\ \ configurations from the database. The request without body reloads all the\ \ workers." requestBody: description: The request content: application/json: examples: Reload one worker: value: workerIDs: - 1 Reload several workers: value: workerIDs: - 1 - 2 schema: $ref: "#/components/schemas/WorkerRequest" required: true /signserver/rest/v1/workers/{idOrName}/process: post: summary: Submit data for processing description: "Required role: set by AUTHTYPE in worker \n\nSubmit data/document/file\ \ for processing such as for instance signing and get back the result (i.e.\ \ signature)." parameters: - description: Worker Id or name of the worker example: ExampleSigner1 name: idOrName in: path required: true schema: type: string - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true requestBody: description: The request required: true content: application/json: schema: $ref: "#/components/schemas/ProcessRequest" multipart/form-data: schema: type: object properties: file: type: object responses: "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "404": description: No such worker content: application/json: schema: $ref: "#/components/schemas/ErrorMessage404" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" "503": description: Crypto Token not available content: application/json: schema: $ref: "#/components/schemas/ErrorMessage503" "200": description: The response data content: application/json: schema: $ref: "#/components/schemas/ProcessResponse" application/octet-stream: schema: $ref: "#/components/schemas/ProcessResponse" "406": description: Not Acceptable content: application/json: schema: $ref: "#/components/schemas/ErrorMessage406" /signserver/rest/v1/workers/{id}: patch: summary: Submit data for update and delete worker properties description: "Required role: admin role \n\nSubmit a worker ID and a list of\ \ worker properties to update or delete." parameters: - description: Worker id example: 1 name: id in: path required: true schema: type: integer format: int32 - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true requestBody: description: The request content: application/json: examples: Change existing property name: value: properties: NAME: NewPlainSigner Add new properties for clientside hashing: value: properties: CLIENTSIDEHASHING: "true" ACCEPTED_HASH_DIGEST_ALGORITHMS: "SHA-256,SHA-384,SHA-512" schema: $ref: "#/components/schemas/WorkerRequest" required: true responses: "200": description: Worker properties successfully updated content: application/json: {} "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "405": description: Method not allowed. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage405" "409": description: Worker already exists. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage409" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" put: summary: Submit data for replace worker properties with the new properties description: "Required role: admin role \n\nSubmit a worker ID and a list of\ \ worker properties to replace with current worker properties." parameters: - description: Worker id example: 1 name: id in: path required: true schema: type: integer format: int32 - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true requestBody: description: The request content: application/json: examples: PlainSigner: value: properties: CRYPTOTOKEN: CryptoTokenP12 AUTHTYPE: NOAUTH IMPLEMENTATION_CLASS: org.signserver.module.cmssigner.PlainSigner DEFAULTKEY: signer00003 TYPE: PROCESSABLE DISABLEKEYUSAGECOUNTER: "true" NAME: PlainSigner CryptoTokenP12: value: properties: KEYSTOREPATH: /opt/signserver/res/test/dss10/dss10_keystore.p12 IMPLEMENTATION_CLASS: org.signserver.server.signers.CryptoWorker KEYSTORETYPE: PKCS12 KEYSTOREPASSWORD: foo123 TYPE: CRYPTO_WORKER CRYPTOTOKEN_IMPLEMENTATION_CLASS: org.signserver.server.cryptotokens.KeystoreCryptoToken NAME: CryptoTokenP12 schema: $ref: "#/components/schemas/WorkerRequest" required: true responses: "200": description: Worker properties successfully replaced content: application/json: {} "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "404": description: No such worker content: application/json: schema: $ref: "#/components/schemas/ErrorMessage404" "405": description: Method not allowed. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage405" "409": description: Worker already exists. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage409" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" delete: summary: Removing worker description: "Required role: admin role \n\nRemoving worker by ID." parameters: - description: Worker id example: 1 name: id in: path required: true schema: type: integer format: int32 - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true responses: "200": description: Worker removed successfully content: application/json: {} "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "404": description: No such worker content: application/json: schema: $ref: "#/components/schemas/ErrorMessage404" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "405": description: Method not allowed. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage405" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" get: summary: Request to get worker configuration description: "Required role: admin role \n\n" parameters: - description: Worker id example: 1 name: id in: path required: true schema: type: integer format: int32 - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true responses: "200": description: OK content: application/json: example: properties: CRYPTOTOKEN: CryptoTokenP12 AUTHTYPE: NOAUTH IMPLEMENTATION_CLASS: org.signserver.module.cmssigner.PlainSigner DEFAULTKEY: signer00003 TYPE: PROCESSABLE DISABLEKEYUSAGECOUNTER: "true" NAME: PlainSigner schema: $ref: "#/components/schemas/WorkerConfigResponse" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "404": description: No such worker content: application/json: schema: $ref: "#/components/schemas/ErrorMessage404" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500" post: summary: Submit data for adding a new worker from multiple properties description: "Required role: admin role \n\nSubmit a worker ID and a list of\ \ worker properties to add a new worker." parameters: - description: Worker id example: 1 name: id in: path required: true schema: type: integer format: int32 - description: This protects SignServer REST endpoints from being maliciously invoked from administrator machines by clickjacking or CSRF methods. in: header name: X-Keyfactor-Requested-With required: true requestBody: description: The request content: application/json: examples: PlainSigner: value: properties: CRYPTOTOKEN: CryptoTokenP12 AUTHTYPE: NOAUTH IMPLEMENTATION_CLASS: org.signserver.module.cmssigner.PlainSigner DEFAULTKEY: signer00003 TYPE: PROCESSABLE DISABLEKEYUSAGECOUNTER: "true" NAME: PlainSigner CryptoTokenP12: value: properties: KEYSTOREPATH: /opt/signserver/res/test/dss10/dss10_keystore.p12 IMPLEMENTATION_CLASS: org.signserver.server.signers.CryptoWorker KEYSTORETYPE: PKCS12 KEYSTOREPASSWORD: foo123 TYPE: CRYPTO_WORKER CRYPTOTOKEN_IMPLEMENTATION_CLASS: org.signserver.server.cryptotokens.KeystoreCryptoToken NAME: CryptoTokenP12 schema: $ref: "#/components/schemas/WorkerRequest" required: true responses: "201": description: "" "400": description: Bad request from the client content: application/json: schema: $ref: "#/components/schemas/ErrorMessage400" "403": description: Access is forbidden! content: application/json: schema: $ref: "#/components/schemas/ErrorMessage403" "405": description: Method not allowed. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage405" "409": description: Worker already exists. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage409" "500": description: The server were unable to process the request. See server-side logs for more details. content: application/json: schema: $ref: "#/components/schemas/ErrorMessage500"