@1claw/openapi-spec 0.11.0 → 0.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/openapi.json +39 -2
- package/openapi.yaml +29 -3
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -40,7 +40,7 @@ openapi-generator generate \
|
|
|
40
40
|
import spec from "@1claw/openapi-spec/openapi.json";
|
|
41
41
|
```
|
|
42
42
|
|
|
43
|
-
## What's in the spec (v0.
|
|
43
|
+
## What's in the spec (v0.12.0)
|
|
44
44
|
|
|
45
45
|
- **Vaults** — CRUD, CMEK enable/disable, key rotation with job tracking
|
|
46
46
|
- **Secrets** — CRUD, versioning, CMEK-encrypted flag
|
package/openapi.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"openapi": "3.1.0",
|
|
3
3
|
"info": {
|
|
4
4
|
"title": "1Claw API",
|
|
5
|
-
"version": "2.
|
|
5
|
+
"version": "2.5.0",
|
|
6
6
|
"description": "Secure secret management for AI agents. Provides vaults, secrets,\npolicy-based access control, agent identity, Intents API,\nsharing, billing, and audit logging.\n\nAll endpoints require JWT Bearer authentication unless marked with\n`security: []`.\n",
|
|
7
7
|
"contact": {
|
|
8
8
|
"email": "ops@1claw.xyz"
|
|
@@ -256,6 +256,43 @@
|
|
|
256
256
|
}
|
|
257
257
|
}
|
|
258
258
|
},
|
|
259
|
+
"/v1/auth/jwt-public-key": {
|
|
260
|
+
"get": {
|
|
261
|
+
"tags": [
|
|
262
|
+
"Authentication"
|
|
263
|
+
],
|
|
264
|
+
"summary": "Get JWT verification public key",
|
|
265
|
+
"description": "Returns the Ed25519 public key used to sign JWTs.\nUse this to verify tokens independently (e.g. in a TEE proxy or\ngateway). No authentication required.\n",
|
|
266
|
+
"operationId": "getJwtPublicKey",
|
|
267
|
+
"security": [],
|
|
268
|
+
"responses": {
|
|
269
|
+
"200": {
|
|
270
|
+
"description": "JWT public key",
|
|
271
|
+
"content": {
|
|
272
|
+
"application/json": {
|
|
273
|
+
"schema": {
|
|
274
|
+
"type": "object",
|
|
275
|
+
"required": [
|
|
276
|
+
"alg",
|
|
277
|
+
"public_key_base64"
|
|
278
|
+
],
|
|
279
|
+
"properties": {
|
|
280
|
+
"alg": {
|
|
281
|
+
"type": "string",
|
|
282
|
+
"example": "EdDSA"
|
|
283
|
+
},
|
|
284
|
+
"public_key_base64": {
|
|
285
|
+
"type": "string",
|
|
286
|
+
"description": "Base64-encoded Ed25519 public key"
|
|
287
|
+
}
|
|
288
|
+
}
|
|
289
|
+
}
|
|
290
|
+
}
|
|
291
|
+
}
|
|
292
|
+
}
|
|
293
|
+
}
|
|
294
|
+
}
|
|
295
|
+
},
|
|
259
296
|
"/v1/auth/signup": {
|
|
260
297
|
"post": {
|
|
261
298
|
"tags": [
|
|
@@ -3264,7 +3301,7 @@
|
|
|
3264
3301
|
"name": "include_signed_tx",
|
|
3265
3302
|
"in": "query",
|
|
3266
3303
|
"required": false,
|
|
3267
|
-
"description": "Set to `true` to include the raw signed transaction hex in the response. Omitted by default to reduce key exfiltration risk.\n",
|
|
3304
|
+
"description": "Set to `true` or `1` to include the raw signed transaction hex in the response. Omitted by default to reduce key exfiltration risk. Only the literal values \"true\" or \"1\" enable inclusion; any other value or omission returns responses without signed_tx.\n",
|
|
3268
3305
|
"schema": {
|
|
3269
3306
|
"type": "boolean",
|
|
3270
3307
|
"default": false
|
package/openapi.yaml
CHANGED
|
@@ -2,7 +2,7 @@ openapi: 3.1.0
|
|
|
2
2
|
|
|
3
3
|
info:
|
|
4
4
|
title: 1Claw API
|
|
5
|
-
version: 2.
|
|
5
|
+
version: 2.5.0
|
|
6
6
|
description: |
|
|
7
7
|
Secure secret management for AI agents. Provides vaults, secrets,
|
|
8
8
|
policy-based access control, agent identity, Intents API,
|
|
@@ -169,6 +169,32 @@ paths:
|
|
|
169
169
|
"401":
|
|
170
170
|
$ref: "#/components/responses/Unauthorized"
|
|
171
171
|
|
|
172
|
+
/v1/auth/jwt-public-key:
|
|
173
|
+
get:
|
|
174
|
+
tags: [Authentication]
|
|
175
|
+
summary: Get JWT verification public key
|
|
176
|
+
description: |
|
|
177
|
+
Returns the Ed25519 public key used to sign JWTs.
|
|
178
|
+
Use this to verify tokens independently (e.g. in a TEE proxy or
|
|
179
|
+
gateway). No authentication required.
|
|
180
|
+
operationId: getJwtPublicKey
|
|
181
|
+
security: []
|
|
182
|
+
responses:
|
|
183
|
+
"200":
|
|
184
|
+
description: JWT public key
|
|
185
|
+
content:
|
|
186
|
+
application/json:
|
|
187
|
+
schema:
|
|
188
|
+
type: object
|
|
189
|
+
required: [alg, public_key_base64]
|
|
190
|
+
properties:
|
|
191
|
+
alg:
|
|
192
|
+
type: string
|
|
193
|
+
example: EdDSA
|
|
194
|
+
public_key_base64:
|
|
195
|
+
type: string
|
|
196
|
+
description: Base64-encoded Ed25519 public key
|
|
197
|
+
|
|
172
198
|
/v1/auth/signup:
|
|
173
199
|
post:
|
|
174
200
|
tags: [Authentication]
|
|
@@ -2097,8 +2123,8 @@ components:
|
|
|
2097
2123
|
in: query
|
|
2098
2124
|
required: false
|
|
2099
2125
|
description: >
|
|
2100
|
-
Set to `true` to include the raw signed transaction hex in the response.
|
|
2101
|
-
Omitted by default to reduce key exfiltration risk.
|
|
2126
|
+
Set to `true` or `1` to include the raw signed transaction hex in the response.
|
|
2127
|
+
Omitted by default to reduce key exfiltration risk. Only the literal values "true" or "1" enable inclusion; any other value or omission returns responses without signed_tx.
|
|
2102
2128
|
schema:
|
|
2103
2129
|
type: boolean
|
|
2104
2130
|
default: false
|
package/package.json
CHANGED