{ "openapi": "3.1.0", "info": { "version": "1.6.2", "title": "regfish DNS & TLS API", "description": "Manage your Domains, DNS, and TLS certificates", "termsOfService": "https://regfish.com/terms", "contact": { "name": "API Support", "url": "https://regfish.com/docs", "email": "support@regfish.com" } }, "servers": [ { "url": "https://api.regfish.com", "description": "Production Server" } ], "tags": [ { "name": "Meta", "description": "Metadata and API specification endpoints." }, { "name": "Domains", "description": "Customer domain portfolio and registrar metadata." }, { "name": "DNS", "description": "DNS zone and resource record operations." }, { "name": "TLS", "description": "TLS certificate and product operations." } ], "paths": { "/openapi.yaml": { "x-controller": "OpenAPISpec", "get": { "tags": [ "Meta" ], "summary": "Download OpenAPI specification", "description": "Download the current OpenAPI specification as YAML.", "operationId": "DownloadOpenAPISpec", "responses": { "200": { "description": "The current OpenAPI YAML document", "content": { "application/yaml": { "schema": { "type": "string" }, "example": "openapi: '3.1.0'\ninfo:\n version: '1.4.0'" } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/domains": { "x-controller": "Domains", "parameters": [ { "name": "search", "in": "query", "required": false, "description": "Case-insensitive partial match against the domain name, owner label, or primary nameserver.", "schema": { "type": "string" } }, { "name": "filter", "in": "query", "required": false, "description": "Comma-separated list of filters. Supported values are `cancelled` and `dnssec-inactive`.", "schema": { "type": "string" } }, { "name": "sortBy", "in": "query", "required": false, "description": "Sort by one of the public response fields listed in `domainListSortKey`.", "schema": { "$ref": "#/components/schemas/domainListSortKey" } }, { "name": "sortOrder", "in": "query", "required": false, "schema": { "$ref": "#/components/schemas/sortOrder" } }, { "name": "page", "in": "query", "required": false, "schema": { "type": "integer", "minimum": 1, "default": 1 } }, { "name": "pageSize", "in": "query", "required": false, "schema": { "type": "integer", "enum": [ 10, 25, 50, 100 ], "default": 100 } } ], "get": { "tags": [ "Domains" ], "summary": "List customer domains", "description": "List registered domains together with key portfolio details such as owner label,\nDNSSEC status, renewal status, and expiry date.\n\nSupports text search, filtering, sorting, and pagination.\n", "operationId": "ListDomains", "responses": { "200": { "description": "Customer domain list", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/domainListResponse" } } } ] } } } }, "400": { "description": "Invalid query parameters", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/rr/{rrid}": { "x-controller": "ResourceRecordsByID", "parameters": [ { "name": "rrid", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/rrid" } } ], "get": { "tags": [ "DNS" ], "summary": "Get DNS record", "description": "Retrieve details about a specific Resource Record (`rrid`).", "operationId": "GetRecordByRRID", "responses": { "200": { "description": "The record corresponding to the provided `rrid`", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/recordResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS record not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "patch": { "tags": [ "DNS" ], "summary": "Update DNS record", "description": "Update a specific Resource Record (`rrid`). This is useful for modifying the record’s name or type, or when managing multiple records with the same name and type combination.", "operationId": "PatchRecordByRRID", "requestBody": { "description": "Data object for the record", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/recordRequest" } } } }, "responses": { "200": { "description": "The updated record", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/recordResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS record not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "417": { "description": "DNS record update violates a zone constraint", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "delete": { "tags": [ "DNS" ], "summary": "Delete DNS record", "description": "Delete a specific Resource Record (`rrid`).", "operationId": "DeleteRecordByRRID", "responses": { "200": { "description": "The updated record", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS record not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/{domain}/rr": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "ResourceRecordsByDomain", "get": { "tags": [ "DNS" ], "summary": "Get DNS records", "description": "List all DNS records stored in the zone for the specified domain.", "operationId": "GetRecordsByDomain", "responses": { "200": { "description": "The record created, with its new ID", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/recordResponse" } } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS zone or records not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/zones": { "x-controller": "DNSZones", "get": { "tags": [ "DNS" ], "summary": "List DNS zones", "description": "List DNS zones with SOA data, delegated nameservers, DNSSEC status, and record counts.", "operationId": "ListDNSZones", "responses": { "200": { "description": "DNS zone list", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/dnsZoneSummaryResponse" } } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/zones/{domain}": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DNSZonesByDomain", "get": { "tags": [ "DNS" ], "summary": "Get DNS zone details", "description": "Retrieve the complete DNS zone for the specified domain.\n\nThe response includes SOA metadata, delegated nameservers, DNSSEC status,\nrecord counts, and all records stored in the zone, including `NS` records.\n", "operationId": "GetDNSZoneByDomain", "responses": { "200": { "description": "Detailed DNS zone", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/dnsZoneDetailResponse" } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS zone not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/zones/{domain}/export": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DNSZoneExportsByDomain", "get": { "tags": [ "DNS" ], "summary": "Export DNS zone as BIND file", "description": "Export the specified zone as a BIND-compatible zone file.\n\nNon-standard `ALIAS` records are included as comments and, when possible,\nas resolved `A` records.\n", "operationId": "ExportDNSZoneBindByDomain", "responses": { "200": { "description": "BIND zone file", "headers": { "Content-Disposition": { "schema": { "type": "string" } }, "Cache-Control": { "schema": { "type": "string" } } }, "content": { "text/plain": { "schema": { "type": "string" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "DNS zone not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/rr": { "x-controller": "ResourceRecords", "post": { "tags": [ "DNS" ], "summary": "Create DNS record", "description": "Create a new DNS record and automatically detect the zone based on the `fqdn` specified in the `name` parameter.", "operationId": "AddRecord", "requestBody": { "description": "Data object for the record", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/recordRequestFQDN" } } } }, "responses": { "200": { "description": "The record created, with its new ID", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/recordResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "No matching DNS zone found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "417": { "description": "DNS record creation violates a zone constraint", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "patch": { "tags": [ "DNS" ], "summary": "Update DNS record", "description": "Update a DNS record and automatically detect the record based on the `name` and `type` specified in the parameters. If you want to update the `name` or `type` attribute, please refer to the `PATCH /dns/rr/{rrid}` endpoint.", "operationId": "PatchRecord", "requestBody": { "description": "Data object for the record", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/recordRequestFQDN" } } } }, "responses": { "200": { "description": "The record corresponding to the provided `name`/`type` combination", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/recordResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "No record found for the provided `name`/`type` combination", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "417": { "description": "DNS record update violates a zone constraint", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/{domain}/dnssec": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DomainDNSSECByDomain", "get": { "tags": [ "DNS" ], "summary": "Get DNSSEC configuration", "description": "Retrieve the current DNSSEC configuration and status for the specified domain.\n\nImportant response fields:\n- `desired_state`: the target DNSSEC state\n- `live_state`: the last state observed from the registry and delegation checks\n- `dnssec_state`: high-level status for quick status checks (`active`, `pending`, `inactive`)\n- `pending_job`: the current DNSSEC transition job, if processing is still in progress\n\nDNSSEC changes can be asynchronous, so `desired_state` and `live_state` may differ temporarily.\n", "operationId": "GetDNSSECByDomain", "responses": { "200": { "description": "DNSSEC configuration", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/dnssecResponse" } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Domain not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "put": { "tags": [ "DNS" ], "summary": "Upsert DNSSEC configuration", "description": "Enable, disable, or update registry DNSSEC for the specified domain.\n\nUse `mode=regfish` only when the domain uses regfish authoritative nameservers.\nUse `mode=external` only when DNSSEC data must be supplied for external nameservers.\nUse `mode=none` together with `state=disabled` to disable registry DNSSEC.\n\nThe response may already be final, or it may include a `pending_job` while\nthe registry or DNS delegation is still converging.\nIf the update cannot be completed, the response returns the last stable DNSSEC state.\n", "operationId": "PutDNSSECByDomain", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/dnssecRequest" } } } }, "responses": { "200": { "description": "DNSSEC configuration accepted", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/dnssecResponse" } } } ] } } } }, "400": { "description": "Invalid DNSSEC payload", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Domain not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "DNSSEC cannot be applied in the requested mode or provider state", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "417": { "description": "DNSSEC record set is invalid for this TLD or provider", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Registry-side DNSSEC operation failed", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/{domain}/dnssec/cancel": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DomainDNSSECCancelByDomain", "post": { "tags": [ "DNS" ], "summary": "Cancel pending DNSSEC transition", "description": "Cancel a currently pending DNSSEC activation or, for regfish-managed nameservers, a pending DNSSEC deactivation.\n\nIf no cancellable transition exists, the request fails with `409`.\n", "operationId": "CancelDNSSECByDomain", "responses": { "200": { "description": "DNSSEC transition cancelled or current stable state returned", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/dnssecResponse" } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Domain not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "No cancellable DNSSEC transition exists for this domain or the current transition cannot be rolled back automatically", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/{domain}/dnssec/verify": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DomainDNSSECVerifyByDomain", "post": { "tags": [ "DNS" ], "summary": "Verify DNSSEC state", "description": "Refresh registry DNSSEC state and verify whether delegation is visible.\n\nThis endpoint is useful after asynchronous registry processing or delayed DS/DNSKEY delegation.\nA successful response can still be `pending` when the target state has not propagated completely yet.\n", "operationId": "VerifyDNSSECByDomain", "responses": { "200": { "description": "DNSSEC verification result", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/dnssecResponse" } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Domain not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "DNSSEC verification failed", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/dns/{domain}/dnssec/jobs": { "parameters": [ { "name": "domain", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/fqdn_relaxed" } } ], "x-controller": "DomainDNSSECJobsByDomain", "get": { "tags": [ "DNS" ], "summary": "List DNSSEC jobs", "description": "Retrieve recent registry DNSSEC jobs for the specified domain.", "operationId": "ListDNSSECJobsByDomain", "responses": { "200": { "description": "DNSSEC job list", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/dnssecJobResponse" } } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Domain not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate": { "x-controller": "TLSCertificates", "get": { "tags": [ "TLS" ], "summary": "List TLS certificates", "description": "List TLS certificates in the current account.", "operationId": "ListCertificates", "responses": { "200": { "description": "TLS certificate list", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "post": { "tags": [ "TLS" ], "summary": "Order or renew TLS certificate", "description": "Create a new TLS certificate order or renew an existing certificate. When `renewal_of_certificate_id` is set, `validity_days` still describes the purchased base term. If the provider accepts the renewal, any remaining validity from the previous certificate may be added after issuance. OV and EV-style products can return `action_required=true` together with a `completion_url` when additional organization or validation details are needed before submission.", "operationId": "CreateCertificate", "requestBody": { "description": "TLS certificate order payload", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateRequest" } } } }, "responses": { "200": { "description": "TLS certificate order created", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] }, "example": { "success": true, "code": 0, "response": { "id": "ABCDEFGHJKM23", "status": "pending", "common_name": "example.com", "product": "RapidSSL", "provider": "digicert", "dns_names": [ "www.example.com" ], "order_state": "PENDING", "action_required": false, "pending_reason": "validation_pending", "pending_message": "The TLS certificate order is waiting for domain validation.", "completion_url": "", "organization_id": null, "validity_days": 199, "certificate_pem_available": false, "validation": { "method": "dns-cname-token", "dns_records": [ { "name": "_dnsauth.example.com.", "type": "CNAME", "value": "0123456789abcdef.dcv.digicert.com." } ] } } } } } }, "400": { "description": "Invalid request payload, TLS product, or CSR", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "Renewal source TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The TLS certificate order cannot be submitted in its current state, for example because the renewal is invalid or a usable CA organization is missing", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/products": { "x-controller": "TLSProducts", "get": { "tags": [ "TLS" ], "summary": "List TLS products", "description": "List available TLS certificate products together with the current account pricing.", "operationId": "ListTLSProducts", "responses": { "200": { "description": "TLS product catalog", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/tlsProductResponse" } } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/organization": { "x-controller": "TLSOrganizations", "get": { "tags": [ "TLS" ], "summary": "List TLS organizations", "description": "List TLS organizations that can be used for OV and EV certificate orders, including readiness information.", "operationId": "ListOrganizations", "responses": { "200": { "description": "TLS organization list", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "type": "array", "items": { "$ref": "#/components/schemas/tlsOrganizationResponse" } } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "post": { "tags": [ "TLS" ], "summary": "Create TLS organization", "description": "Create a DigiCert-backed TLS organization including the local contact record used for OV or EV certificate ordering.", "operationId": "CreateOrganization", "requestBody": { "description": "TLS organization payload", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsOrganizationCreateRequest" } } } }, "responses": { "200": { "description": "TLS organization created", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsOrganizationResponse" } } } ] } } } }, "400": { "description": "Invalid request payload", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/organization/{organization_id}": { "parameters": [ { "name": "organization_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsOrganizationId" } } ], "x-controller": "TLSOrganizationsByID", "get": { "tags": [ "TLS" ], "summary": "Get TLS organization", "description": "Retrieve a single DigiCert-backed TLS organization by its public organization id.", "operationId": "GetOrganizationByID", "responses": { "200": { "description": "TLS organization details", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsOrganizationResponse" } } } ] } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS organization not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } }, "patch": { "tags": [ "TLS" ], "summary": "Update TLS organization", "description": "Update the local TLS organization contact data used for readiness checks and order completion.", "operationId": "PatchOrganizationByID", "requestBody": { "description": "Partial TLS organization payload", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsOrganizationPatchRequest" } } } }, "responses": { "200": { "description": "TLS organization updated", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsOrganizationResponse" } } } ] } } } }, "400": { "description": "Invalid request payload", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS organization not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "get": { "tags": [ "TLS" ], "summary": "Get TLS certificate", "description": "Retrieve a single TLS certificate including staged/action-required state, validation details, and provider metadata.", "operationId": "GetCertificateByID", "responses": { "200": { "description": "TLS certificate details", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/complete": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "post": { "tags": [ "TLS" ], "summary": "Complete staged TLS certificate order", "description": "Complete an action-required TLS certificate order by binding it to an existing usable DigiCert organization and submitting the provider order.", "operationId": "CompleteCertificate", "requestBody": { "description": "TLS certificate completion payload", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateCompleteRequest" } } } }, "responses": { "200": { "description": "TLS certificate order completed", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request payload or stored CSR", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate or referenced renewal source not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The TLS certificate order cannot be completed in its current state", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/cancel": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "post": { "tags": [ "TLS" ], "summary": "Cancel TLS certificate order", "description": "Cancel a pending TLS certificate order. Use `/tls/certificate/{certificate_id}/order-cancel` when an already issued order should be revoked in full.", "operationId": "CancelCertificate", "requestBody": { "description": "Optional cancellation note", "required": false, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateCancelRequest" } } } }, "responses": { "200": { "description": "TLS certificate cancellation accepted", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "Only pending TLS certificate orders can be cancelled", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/revoke": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "post": { "tags": [ "TLS" ], "summary": "Revoke TLS certificate", "description": "Revoke only the currently selected TLS certificate while keeping the order available for later reissue.", "operationId": "RevokeCertificate", "requestBody": { "description": "Revocation request payload", "required": false, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateRevokeRequest" } } } }, "responses": { "200": { "description": "TLS certificate revocation accepted", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request or revocation reason", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The TLS certificate cannot be revoked in its current state", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/order-cancel": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "post": { "tags": [ "TLS" ], "summary": "Cancel or revoke TLS certificate order", "description": "Cancel a not-yet-issued order before issuance, or revoke the complete issued order within the first 7 days after ordering. A full revocation invalidates all certificate versions on that order and prevents further reissue.", "operationId": "CancelIssuedCertificateOrder", "requestBody": { "description": "Optional order cancellation payload", "required": false, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateOrderCancelRequest" } } } }, "responses": { "200": { "description": "TLS certificate order cancellation accepted", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request or revocation reason", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The TLS certificate order cannot be cancelled or revoked in its current state", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/reissue": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } } ], "x-controller": "TLSCertificatesByID", "post": { "tags": [ "TLS" ], "summary": "Reissue TLS certificate", "description": "Reissue an already issued or certificate-revoked TLS certificate with a new CSR while keeping the same order. Optionally, `validity_days` can request a shorter replacement certificate lifetime, but the CA only supports that for eligible multi-year plan orders and never beyond the remaining order contract.", "operationId": "ReissueCertificate", "requestBody": { "description": "Reissue request payload", "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/tlsCertificateReissueRequest" } } } }, "responses": { "200": { "description": "TLS certificate reissue accepted", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/baseResult" }, { "type": "object", "properties": { "response": { "$ref": "#/components/schemas/tlsCertificateResponse" } } } ] } } } }, "400": { "description": "Invalid request payload or CSR", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The TLS certificate cannot be reissued in its current state", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } }, "/tls/certificate/{certificate_id}/download/{format}": { "parameters": [ { "name": "certificate_id", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateId" } }, { "name": "format", "required": true, "in": "path", "schema": { "$ref": "#/components/schemas/tlsCertificateDownloadFormat" } } ], "x-controller": "TLSCertificateDownloads", "get": { "tags": [ "TLS" ], "summary": "Download TLS certificate", "description": "Download the issued TLS certificate either as PEM text or as a ZIP bundle.", "operationId": "DownloadCertificate", "responses": { "200": { "description": "TLS certificate payload", "content": { "text/plain": { "schema": { "type": "string" }, "example": "-----BEGIN CERTIFICATE-----\nMIID...\n-----END CERTIFICATE-----" }, "application/zip": { "schema": { "type": "string", "format": "binary" } } } }, "400": { "description": "Invalid request", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "401": { "description": "Unauthorized", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "404": { "description": "TLS certificate not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "409": { "description": "The requested certificate artifact is not available yet", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "500": { "description": "Unexpected error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } }, "502": { "description": "Upstream TLS provider error", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Error" } } } } } } } }, "components": { "schemas": { "rrid": { "description": "Resource Record ID", "type": "number" }, "tlsCertificateId": { "description": "Public TLS certificate ID", "type": "string", "pattern": "^[ABCDEFGHJKMNPQRSTUVWXYZ23456789]{13}$", "example": "7K9QW3M2ZT8HJ" }, "tlsOrganizationId": { "description": "Public TLS organization ID", "type": "string", "pattern": "^hdl_[ABCDEFGHJKMNPQRSTUVWXYZ23456789]{13}$", "example": "hdl_7K9QW3M2ZT8HJ" }, "fqdn": { "type": "string", "description": "Fully Qualified Domain Name (FQDN, ending with a period).", "pattern": "^((?=.{1,253}$)(\\*\\.)?(_?[a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,}\\.)$", "example": "www.example.com." }, "fqdn_relaxed": { "type": "string", "description": "Fully Qualified Domain Name.", "pattern": "^((?=.{1,253}$)(\\*\\.)?(_?[a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,}(\\.)?)$", "example": "www.example.com" }, "fqdn_or_subdomain": { "type": "string", "description": "Fully Qualified Domain Name (FQDN) or subdomain. You can use the `@` symbol to represent your apex domain (e.g., example.com). Wildcards are supported.", "pattern": "^(@|(?=.{1,253}$)(\\*\\.)?(_?[a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?(\\.)?)+[a-zA-Z]{0,}(\\.)?)$", "example": "www" }, "ipv4": { "type": "string", "example": "12.12.12.12", "pattern": "^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$" }, "ipv6": { "type": "string", "example": "2001:0db8:85a3:0000:0000:8a2e:0370:7334", "pattern": "^(([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){1,7}:|([0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){1,5}(:[0-9A-Fa-f]{1,4}){1,2}|([0-9A-Fa-f]{1,4}:){1,4}(:[0-9A-Fa-f]{1,4}){1,3}|([0-9A-Fa-f]{1,4}:){1,3}(:[0-9A-Fa-f]{1,4}){1,4}|([0-9A-Fa-f]{1,4}:){1,2}(:[0-9A-Fa-f]{1,4}){1,5}|[0-9A-Fa-f]{1,4}:((:[0-9A-Fa-f]{1,4}){1,6})|:((:[0-9A-Fa-f]{1,4}){1,7}|:))$" }, "baseResult": { "type": "object", "required": [ "success" ], "properties": { "success": { "description": "Success indicator", "type": "boolean" }, "code": { "description": "Response/Error Code", "type": "integer" } } }, "recordResponseAdditionalReqRRID": { "type": "object", "required": [ "id" ], "properties": { "id": { "$ref": "#/components/schemas/rrid" } } }, "recordResponseAdditionalReqFQDN": { "type": "object", "required": [ "name" ], "properties": { "name": { "$ref": "#/components/schemas/fqdn" } } }, "recordResponse": { "allOf": [ { "$ref": "#/components/schemas/recordType" }, { "$ref": "#/components/schemas/recordResponseAdditionalReqRRID" }, { "$ref": "#/components/schemas/recordResponseAdditionalReqFQDN" }, { "$ref": "#/components/schemas/recordResponseAdditionalState" } ] }, "recordResponseAdditionalState": { "type": "object", "required": [ "auto", "active", "ts_created", "ts_updated" ], "properties": { "auto": { "type": "boolean", "description": "Whether the DNS record is managed automatically by regfish." }, "active": { "type": "boolean", "description": "Whether the DNS record is currently active." }, "ts_created": { "type": "integer", "description": "Unix timestamp when the record was created." }, "ts_updated": { "type": "integer", "description": "Unix timestamp when the record was last updated." } } }, "recordRequest": { "$ref": "#/components/schemas/recordType" }, "recordRequestFQDN": { "allOf": [ { "$ref": "#/components/schemas/recordType" }, { "$ref": "#/components/schemas/recordResponseAdditionalReqFQDN" } ] }, "dnssecMode": { "type": "string", "description": "Requested DNSSEC operating mode.\n- `none`: no registry DNSSEC should remain active\n- `regfish`: regfish signs the zone and manages registry trust anchors\n- `external`: the caller supplies DNSSEC records for external authoritative nameservers\n", "enum": [ "none", "regfish", "external" ] }, "dnssecState": { "type": "string", "description": "Fine-grained registry DNSSEC state.", "enum": [ "disabled", "pending_enable", "enabled", "pending_disable", "error", "drift", "unknown" ] }, "dnssecDisplayState": { "type": "string", "description": "High-level DNSSEC status.", "enum": [ "active", "pending", "inactive" ] }, "dnssecRecordKind": { "type": "string", "enum": [ "ds", "dnskey" ] }, "dnssecRecord": { "type": "object", "required": [ "kind", "algorithm" ], "properties": { "kind": { "$ref": "#/components/schemas/dnssecRecordKind" }, "key_tag": { "type": "integer", "minimum": 0 }, "flags": { "type": "integer", "minimum": 0 }, "protocol": { "type": "integer", "minimum": 0 }, "algorithm": { "type": "integer", "minimum": 0 }, "digest_type": { "type": "integer", "minimum": 0 }, "digest": { "type": "string" }, "public_key": { "type": "string" }, "comment": { "type": "string" } } }, "sortOrder": { "type": "string", "enum": [ "asc", "desc" ] }, "domainListSortKey": { "type": "string", "enum": [ "domain", "expires_at", "cancelled", "primary_nameserver", "dnssec_state", "owner", "registered_at" ] }, "domainListFilter": { "type": "string", "enum": [ "cancelled", "dnssec-inactive" ] }, "domainResponse": { "type": "object", "required": [ "domain", "sld", "tld", "favorite", "owner", "primary_nameserver", "dnssec_state", "auto_renew", "cancelled", "registered_at", "expires_at" ], "properties": { "domain": { "$ref": "#/components/schemas/fqdn_relaxed" }, "sld": { "type": "string", "description": "Second-level domain label." }, "tld": { "type": "string", "description": "Top-level domain." }, "favorite": { "type": "boolean", "description": "Whether the domain is marked as a favorite." }, "owner_contact_id": { "type": "integer", "nullable": true, "description": "Registrant contact identifier, if available." }, "owner": { "type": "string", "description": "Registrant name or organization label." }, "primary_nameserver": { "type": "string", "description": "Primary delegated nameserver." }, "dnssec_state": { "$ref": "#/components/schemas/dnssecDisplayState" }, "auto_renew": { "type": "boolean", "description": "Whether the domain is set to renew automatically." }, "cancelled": { "type": "boolean", "description": "Whether the domain has been cancelled." }, "registered_at": { "type": "integer", "nullable": true, "description": "Unix timestamp when the domain was registered." }, "expires_at": { "type": "integer", "nullable": true, "description": "Unix timestamp when the domain expires." } } }, "domainListResponse": { "type": "object", "required": [ "domains", "total_items", "total_pages", "page", "page_size", "search", "filters", "sort_by", "sort_order" ], "properties": { "domains": { "type": "array", "description": "Domain list for the current result page.", "items": { "$ref": "#/components/schemas/domainResponse" } }, "total_items": { "type": "integer", "description": "Total number of matching domains." }, "total_pages": { "type": "integer", "description": "Total number of available pages." }, "page": { "type": "integer", "description": "Current page number." }, "page_size": { "type": "integer", "description": "Number of items returned per page." }, "search": { "type": "string", "description": "Applied search term." }, "filters": { "type": "array", "description": "Applied filters.", "items": { "$ref": "#/components/schemas/domainListFilter" } }, "sort_by": { "description": "Applied sort field.", "$ref": "#/components/schemas/domainListSortKey" }, "sort_order": { "description": "Applied sort direction.", "$ref": "#/components/schemas/sortOrder" } } }, "dnssecRequest": { "type": "object", "required": [ "mode", "state" ], "properties": { "mode": { "$ref": "#/components/schemas/dnssecMode" }, "state": { "type": "string", "description": "Desired high-level DNSSEC state.", "enum": [ "disabled", "enabled" ] }, "verify_after_apply": { "type": "boolean", "description": "When true, the API immediately refreshes registry state and checks DNS delegation after the update.", "default": true }, "records": { "type": "array", "description": "Required for `mode=external,state=enabled`. Ignored for regfish-managed activation and for disable operations.", "items": { "$ref": "#/components/schemas/dnssecRecord" } } } }, "dnssecCapabilities": { "type": "object", "required": [ "supported", "provider", "mode_regfish_available", "mode_external_available", "accepted_record_kinds", "min_records", "accepted_algorithms" ], "properties": { "supported": { "type": "boolean" }, "provider": { "type": "string" }, "mode_regfish_available": { "type": "boolean" }, "mode_external_available": { "type": "boolean" }, "accepted_record_kinds": { "type": "array", "items": { "$ref": "#/components/schemas/dnssecRecordKind" } }, "min_records": { "type": "integer" }, "max_records": { "type": "integer", "nullable": true }, "accepted_algorithms": { "type": "array", "items": { "type": "integer" } }, "reason_unavailable": { "type": "string" } } }, "dnssecJobResponse": { "type": "object", "required": [ "id", "action", "mode", "status", "source", "ts_created", "ts_updated" ], "properties": { "id": { "type": "integer" }, "action": { "type": "string" }, "mode": { "type": "string" }, "status": { "type": "string", "description": "Job lifecycle status such as `PENDING`, `RUNNING`, `WAITING`, `OK`, `ERROR`, or `CANCELLED`." }, "source": { "type": "string" }, "registry_name": { "type": "string", "nullable": true }, "registry_reference": { "type": "string", "nullable": true }, "error_code": { "type": "string", "nullable": true }, "error_text": { "type": "string", "nullable": true }, "ts_created": { "type": "integer" }, "ts_updated": { "type": "integer" }, "ts_started": { "type": "integer", "nullable": true }, "ts_finished": { "type": "integer", "nullable": true } } }, "dnssecResponse": { "type": "object", "required": [ "configured", "dnssec_state", "mode", "desired_state", "live_state", "capabilities", "desired_records", "live_records", "using_regfish_nameservers", "legacy_mode", "zone_signed", "zone_pending_disable" ], "properties": { "configured": { "type": "boolean", "description": "Whether DNSSEC has been configured for the domain." }, "dnssec_state": { "$ref": "#/components/schemas/dnssecDisplayState" }, "mode": { "$ref": "#/components/schemas/dnssecMode" }, "desired_state": { "$ref": "#/components/schemas/dnssecState" }, "live_state": { "$ref": "#/components/schemas/dnssecState" }, "capabilities": { "$ref": "#/components/schemas/dnssecCapabilities" }, "desired_records": { "type": "array", "items": { "$ref": "#/components/schemas/dnssecRecord" } }, "live_records": { "type": "array", "items": { "$ref": "#/components/schemas/dnssecRecord" } }, "last_error_code": { "type": "string", "nullable": true }, "last_error": { "type": "string", "nullable": true }, "last_registry_name": { "type": "string", "nullable": true }, "last_registry_reference": { "type": "string", "nullable": true }, "last_registry_status": { "type": "string", "nullable": true }, "last_verified_at": { "type": "integer", "nullable": true }, "last_applied_at": { "type": "integer", "nullable": true }, "pending_job": { "allOf": [ { "$ref": "#/components/schemas/dnssecJobResponse" } ], "nullable": true, "description": "Current DNSSEC transition job, if processing is still in progress." }, "using_regfish_nameservers": { "type": "boolean" }, "legacy_mode": { "type": "boolean" }, "zone_signed": { "type": "boolean" }, "zone_pending_disable": { "type": "boolean" }, "zone_propagated_at": { "type": "integer", "nullable": true }, "jobs": { "type": "array", "description": "Recent DNSSEC jobs for the domain. This is history, not just the current pending item.", "items": { "$ref": "#/components/schemas/dnssecJobResponse" } } } }, "dnsZoneDelegationNameserver": { "type": "object", "required": [ "host" ], "properties": { "host": { "$ref": "#/components/schemas/fqdn" }, "ipv4": { "allOf": [ { "$ref": "#/components/schemas/ipv4" } ], "nullable": true } } }, "dnsZoneSOA": { "type": "object", "required": [ "primary_nameserver", "mailbox", "serial", "refresh", "retry", "expire", "minimum", "ttl" ], "properties": { "primary_nameserver": { "$ref": "#/components/schemas/fqdn" }, "mailbox": { "$ref": "#/components/schemas/fqdn" }, "serial": { "type": "integer" }, "refresh": { "type": "integer" }, "retry": { "type": "integer" }, "expire": { "type": "integer" }, "minimum": { "type": "integer" }, "ttl": { "type": "integer" } } }, "dnsZoneCounts": { "type": "object", "required": [ "records_total", "records_active", "records_auto", "records_manual", "by_type" ], "properties": { "records_total": { "type": "integer" }, "records_active": { "type": "integer" }, "records_auto": { "type": "integer" }, "records_manual": { "type": "integer" }, "by_type": { "type": "object", "additionalProperties": { "type": "integer" } } } }, "dnsZoneRecordResponse": { "type": "object", "description": "Superset record representation returned by the detailed zone endpoint. Record-specific fields such as `priority`, `flags`, or `tag` are included when applicable.", "required": [ "id", "name", "type", "ttl", "auto", "active", "ts_created", "ts_updated" ], "properties": { "id": { "$ref": "#/components/schemas/rrid" }, "name": { "type": "string", "description": "Record owner name. Apex records are returned as `@`; other records use their fully-qualified name." }, "type": { "type": "string" }, "data": { "type": "string" }, "priority": { "type": "integer" }, "flags": { "type": "integer" }, "tag": { "type": "string" }, "ttl": { "type": "integer" }, "auto": { "type": "boolean" }, "active": { "type": "boolean" }, "annotation": { "type": "string" }, "ts_created": { "type": "integer" }, "ts_updated": { "type": "integer" } } }, "dnsZoneSummaryResponse": { "type": "object", "required": [ "domain", "origin", "active", "signed", "using_regfish_nameservers", "delegation_nameservers", "soa", "record_count", "dnssec_state" ], "properties": { "domain": { "$ref": "#/components/schemas/fqdn_relaxed" }, "origin": { "$ref": "#/components/schemas/fqdn" }, "active": { "type": "boolean" }, "signed": { "type": "boolean", "description": "Whether the regfish-hosted zone itself is signed." }, "using_regfish_nameservers": { "type": "boolean", "description": "Whether the domain currently uses regfish authoritative nameservers." }, "delegation_nameservers": { "type": "array", "items": { "$ref": "#/components/schemas/dnsZoneDelegationNameserver" } }, "soa": { "$ref": "#/components/schemas/dnsZoneSOA" }, "record_count": { "type": "integer" }, "dnssec_state": { "$ref": "#/components/schemas/dnssecDisplayState", "description": "High-level DNSSEC status for the domain and its delegation." } } }, "dnsZoneDetailResponse": { "allOf": [ { "$ref": "#/components/schemas/dnsZoneSummaryResponse" }, { "type": "object", "required": [ "dnssec", "counts", "records" ], "properties": { "dnssec": { "$ref": "#/components/schemas/dnssecResponse" }, "counts": { "$ref": "#/components/schemas/dnsZoneCounts" }, "records": { "type": "array", "items": { "$ref": "#/components/schemas/dnsZoneRecordResponse" } } } } ] }, "recordType": { "oneOf": [ { "$ref": "#/components/schemas/A" }, { "$ref": "#/components/schemas/AAAA" }, { "$ref": "#/components/schemas/CNAME" }, { "$ref": "#/components/schemas/CAA" }, { "$ref": "#/components/schemas/ALIAS" }, { "$ref": "#/components/schemas/MX" }, { "$ref": "#/components/schemas/TXT" } ], "discriminator": { "propertyName": "type" } }, "type": { "type": "string", "example": "A", "enum": [ "A", "AAAA", "CNAME", "CAA", "ALIAS", "TXT", "MX" ] }, "record": { "type": "object", "required": [ "name", "type" ], "properties": { "type": { "$ref": "#/components/schemas/type" }, "name": { "$ref": "#/components/schemas/fqdn_or_subdomain" }, "ttl": { "$ref": "#/components/schemas/ttl" }, "annotation": { "description": "A custom note for this particular record.", "type": "string" } } }, "ttl": { "description": "Time To Live (60-604800)", "type": "integer", "example": 600, "minimum": 60, "maximum": 604800 }, "tlsCertificateStatus": { "type": "string", "enum": [ "pending", "issued", "pending_cancellation", "pending_revocation", "pending_order_revocation", "cancelled", "order_cancelled", "revoked", "order_revoked", "rejected", "expired", "unknown" ] }, "tlsCertificateRevocationScope": { "type": "string", "enum": [ "certificate", "order" ] }, "tlsCertificateOrderCancellationMode": { "type": "string", "enum": [ "cancel_pending", "revoke_issued" ] }, "tlsCertificateProvider": { "type": "string", "enum": [ "digicert" ] }, "tlsProductAuthority": { "type": "string", "enum": [ "digicert", "geotrust", "rapidssl", "thawte" ] }, "tlsProductValidationType": { "type": "string", "enum": [ "DV", "OV", "EV" ] }, "tlsProductValidationLevel": { "type": "string", "enum": [ "dv", "ov", "ev" ] }, "tlsProductSpecs": { "type": "object", "properties": { "seal": { "type": "boolean" }, "san_support": { "type": "boolean" }, "www_on_apex": { "type": "boolean" }, "apex_on_wc": { "type": "boolean" }, "wc_support": { "type": "boolean" }, "san_wc_support": { "type": "boolean" }, "max_sans": { "type": "integer" }, "malware_check": { "type": "boolean" } } }, "tlsProductResponse": { "type": "object", "required": [ "sku", "name", "type", "validation_level", "organization_required", "ca", "price", "specs" ], "properties": { "sku": { "$ref": "#/components/schemas/tlsCertificateProduct" }, "name": { "type": "string" }, "type": { "$ref": "#/components/schemas/tlsProductValidationType" }, "validation_level": { "$ref": "#/components/schemas/tlsProductValidationLevel" }, "organization_required": { "type": "boolean" }, "ca": { "$ref": "#/components/schemas/tlsProductAuthority" }, "price": { "type": "object", "required": [ "yearly", "daily" ], "properties": { "yearly": { "type": "number", "format": "float" }, "daily": { "type": "number", "format": "float" } } }, "recommended": { "type": "boolean" }, "specs": { "$ref": "#/components/schemas/tlsProductSpecs" } } }, "tlsCertificateOrganization": { "type": "object", "required": [ "id", "name", "status", "usable_for_ordering" ], "properties": { "id": { "$ref": "#/components/schemas/tlsOrganizationId" }, "name": { "type": "string" }, "status": { "$ref": "#/components/schemas/tlsOrganizationStatus" }, "usable_for_ordering": { "type": "boolean" } } }, "tlsOrganizationStatus": { "type": "string", "enum": [ "ready", "incomplete" ] }, "tlsOrganizationCreateRequest": { "type": "object", "required": [ "organization", "first_name", "last_name", "address", "postal_code", "city", "country_code", "phone", "email" ], "properties": { "organization": { "type": "string" }, "first_name": { "type": "string" }, "last_name": { "type": "string" }, "address": { "type": "string" }, "postal_code": { "type": "string" }, "city": { "type": "string" }, "country_code": { "type": "string", "minLength": 2, "maxLength": 2 }, "phone": { "type": "string" }, "email": { "type": "string" } } }, "tlsOrganizationPatchRequest": { "type": "object", "minProperties": 1, "properties": { "edit_mode": { "type": "string", "enum": [ "create_replacement", "update_provider" ] }, "organization": { "type": "string" }, "first_name": { "type": "string" }, "last_name": { "type": "string" }, "address": { "type": "string" }, "postal_code": { "type": "string" }, "city": { "type": "string" }, "country_code": { "type": "string", "minLength": 2, "maxLength": 2 }, "phone": { "type": "string" }, "email": { "type": "string" } } }, "tlsOrganizationResponse": { "type": "object", "required": [ "id", "organization", "status", "usable_for_ordering", "first_name", "last_name", "address", "postal_code", "city", "country_code", "phone", "email" ], "properties": { "id": { "$ref": "#/components/schemas/tlsOrganizationId" }, "organization": { "type": "string" }, "status": { "$ref": "#/components/schemas/tlsOrganizationStatus" }, "usable_for_ordering": { "type": "boolean" }, "provider": { "type": "string" }, "provider_status": { "type": "string" }, "validation_status": { "type": "string", "enum": [ "unknown", "pending", "validated", "expired", "revalidation_required" ] }, "validation_type": { "type": "string" }, "validated_until": { "type": "string" }, "revalidation_required": { "type": "boolean" }, "first_name": { "type": "string" }, "last_name": { "type": "string" }, "address": { "type": "string" }, "postal_code": { "type": "string" }, "city": { "type": "string" }, "country_code": { "type": "string" }, "phone": { "type": "string" }, "email": { "type": "string" } } }, "tlsCertificateProduct": { "type": "string", "description": "regfish TLS certificate product identifier.", "enum": [ "RapidSSL", "RapidSSLWildcard", "QuickSSLPremium", "SSL123", "TrueBusinessID", "SecureSite", "SSLWebServer" ] }, "tlsCertificateDcvMethod": { "type": "string", "enum": [ "dns-cname-token", "email" ] }, "tlsCertificateRevocationReason": { "type": "string", "description": "Revocation reason.", "enum": [ "unspecified", "keyCompromise", "affiliationChanged", "superseded", "cessationOfOperation" ] }, "tlsCertificateDownloadFormat": { "type": "string", "enum": [ "pem", "zip" ] }, "tlsCertificateReissueStatus": { "type": "string", "enum": [ "pending", "processing", "pending_approval", "issued", "cancelled", "rejected", "failed" ] }, "csr": { "type": "string", "description": "PEM encoded certificate signing request (CSR).", "example": "-----BEGIN CERTIFICATE REQUEST-----\nMIIC...\n-----END CERTIFICATE REQUEST-----" }, "tlsValidationDnsRecord": { "type": "object", "required": [ "name", "type", "value" ], "properties": { "name": { "$ref": "#/components/schemas/fqdn" }, "type": { "type": "string", "enum": [ "CNAME" ] }, "value": { "$ref": "#/components/schemas/fqdn" } } }, "tlsValidation": { "type": "object", "required": [ "method" ], "properties": { "method": { "$ref": "#/components/schemas/tlsCertificateDcvMethod" }, "dns_records": { "type": "array", "items": { "$ref": "#/components/schemas/tlsValidationDnsRecord" } }, "email_targets": { "type": "array", "items": { "type": "string" } } } }, "tlsCertificateRequest": { "type": "object", "required": [ "sku", "common_name", "csr", "dcv_method" ], "properties": { "sku": { "$ref": "#/components/schemas/tlsCertificateProduct" }, "common_name": { "$ref": "#/components/schemas/fqdn_relaxed" }, "dns_names": { "type": "array", "items": { "$ref": "#/components/schemas/fqdn_relaxed" } }, "csr": { "$ref": "#/components/schemas/csr" }, "dcv_method": { "$ref": "#/components/schemas/tlsCertificateDcvMethod" }, "dcv_emails": { "type": "array", "items": { "type": "string" } }, "org_id": { "$ref": "#/components/schemas/tlsOrganizationId", "description": "Optional public TLS organization id to use for OV or EV ordering. Use `/tls/organization` to list or create eligible organizations." }, "renewal_of_certificate_id": { "$ref": "#/components/schemas/tlsCertificateId", "description": "Optional TLS certificate `id` to renew. When set, the order is submitted as a provider-linked renewal of the referenced certificate. Any remaining validity may increase the final issued lifetime after the provider accepts the renewal.", "example": "7K9QW3M2ZT8HJ" }, "validity_days": { "type": "integer", "minimum": 1, "maximum": 199, "default": 199, "description": "Purchased base order validity in days. For renewal orders this value is not reduced by any expected remaining-validity bonus from the previous certificate. If the provider credits remaining validity, the issued certificate may end up with a longer effective lifetime than this value." } } }, "tlsCertificateCancelRequest": { "type": "object", "properties": { "note": { "type": "string", "description": "Optional provider note stored with the cancellation request. If omitted, regfish sends a default note because the CA requires one for pending-order cancellations." } } }, "tlsCertificateCompleteRequest": { "type": "object", "required": [ "org_id" ], "properties": { "org_id": { "$ref": "#/components/schemas/tlsOrganizationId", "description": "Public TLS organization id to use for completing the staged TLS certificate order." } } }, "tlsCertificateRevokeRequest": { "type": "object", "properties": { "comment": { "type": "string", "description": "Optional provider comment for the revocation request." }, "revocation_reason": { "allOf": [ { "$ref": "#/components/schemas/tlsCertificateRevocationReason" } ], "description": "Optional revocation reason forwarded to the CA. Defaults to `unspecified` when omitted.", "example": "cessationOfOperation" } } }, "tlsCertificateOrderCancelRequest": { "type": "object", "properties": { "comment": { "type": "string", "description": "Optional provider comment for the full order cancellation request. If the request resolves to a pending-order cancellation, regfish sends a default provider note when this field is omitted." }, "revocation_reason": { "allOf": [ { "$ref": "#/components/schemas/tlsCertificateRevocationReason" } ], "description": "Optional revocation reason. Defaults to `unspecified`.", "example": "unspecified" } } }, "tlsCertificateReissueRequest": { "type": "object", "required": [ "csr", "dcv_method" ], "properties": { "csr": { "$ref": "#/components/schemas/csr" }, "common_name": { "$ref": "#/components/schemas/fqdn_relaxed", "description": "Optional. If provided, it must match the current order common name exactly." }, "dns_names": { "type": "array", "items": { "$ref": "#/components/schemas/fqdn_relaxed" }, "description": "Optional. If provided, the SAN list must match the current order exactly." }, "dcv_method": { "$ref": "#/components/schemas/tlsCertificateDcvMethod" }, "comments": { "type": "string", "description": "Optional provider comment stored with the reissue request." }, "validity_days": { "type": "integer", "minimum": 1, "maximum": 199, "description": "Optional requested certificate lifetime in days for the replacement certificate. The CA only honors this for eligible multi-year plan orders and never beyond the remaining order contract." } } }, "tlsCertificateReissueResponse": { "type": "object", "required": [ "id", "status", "common_name", "dns_names" ], "properties": { "id": { "type": "integer" }, "status": { "$ref": "#/components/schemas/tlsCertificateReissueStatus" }, "common_name": { "type": "string" }, "dns_names": { "type": "array", "items": { "type": "string" } }, "order_state": { "type": "string" }, "requested_at": { "type": "string", "format": "date-time" }, "last_updated_at": { "type": "string", "format": "date-time" }, "validation": { "$ref": "#/components/schemas/tlsValidation" } } }, "tlsCertificateResponse": { "type": "object", "required": [ "id", "status", "common_name", "product", "provider", "dns_names", "action_required", "pending_reason", "pending_message", "completion_url", "organization_id", "certificate_pem_available" ], "properties": { "id": { "$ref": "#/components/schemas/tlsCertificateId" }, "status": { "$ref": "#/components/schemas/tlsCertificateStatus" }, "common_name": { "type": "string" }, "product": { "type": "string" }, "provider": { "$ref": "#/components/schemas/tlsCertificateProvider" }, "dns_names": { "type": "array", "items": { "type": "string" } }, "action_required": { "type": "boolean" }, "pending_reason": { "type": "string" }, "pending_message": { "type": "string" }, "completion_url": { "type": "string", "description": "Absolute URL where the remaining order details can be completed in the web interface. API clients can alternatively use `/tls/certificate/{certificate_id}/complete`." }, "organization_id": { "type": "string", "nullable": true, "pattern": "^hdl_[ABCDEFGHJKMNPQRSTUVWXYZ23456789]{13}$" }, "organization": { "$ref": "#/components/schemas/tlsCertificateOrganization" }, "order_state": { "type": "string" }, "revocation_scope": { "$ref": "#/components/schemas/tlsCertificateRevocationScope" }, "revocation_pending_scope": { "$ref": "#/components/schemas/tlsCertificateRevocationScope" }, "reissue_supported": { "type": "boolean" }, "validity_days": { "type": "integer", "description": "Purchased base order validity in days as submitted for the order. On provider-linked renewals the effective issued certificate lifetime can be longer. Use `valid_from` and `valid_until` as the authoritative issued lifetime." }, "renewal_bonus_days": { "type": "integer", "minimum": 0, "description": "Confirmed additional validity days on top of `validity_days`, derived from the actually issued renewal certificate. This field is only present for renewal certificates once the effective issued lifetime can be determined." }, "serial_number": { "type": "string" }, "valid_from": { "type": "string", "format": "date-time" }, "valid_until": { "type": "string", "format": "date-time", "description": "Authoritative expiration timestamp of the currently issued certificate. On provider-linked renewals this can be later than `validity_days` would suggest if the provider adds remaining validity from the previous certificate." }, "contract_valid_from": { "type": "string", "format": "date-time" }, "contract_valid_until": { "type": "string", "format": "date-time" }, "last_status_check": { "type": "string", "format": "date-time" }, "certificate_pem_available": { "type": "boolean" }, "order_cancellable": { "type": "boolean" }, "order_cancellation_mode": { "$ref": "#/components/schemas/tlsCertificateOrderCancellationMode" }, "order_cancellable_until": { "type": "string", "format": "date-time" }, "validation": { "$ref": "#/components/schemas/tlsValidation" }, "reissue": { "$ref": "#/components/schemas/tlsCertificateReissueResponse" } } }, "A": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data" ], "properties": { "type": { "type": "string", "enum": [ "A" ] }, "data": { "$ref": "#/components/schemas/ipv4" } } } ] }, "AAAA": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data" ], "properties": { "type": { "type": "string", "enum": [ "AAAA" ] }, "data": { "$ref": "#/components/schemas/ipv6" } } } ] }, "CNAME": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data" ], "properties": { "type": { "type": "string", "enum": [ "CNAME" ] }, "data": { "$ref": "#/components/schemas/fqdn" } } } ] }, "CAA": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "flags", "tag", "data" ], "properties": { "type": { "type": "string", "enum": [ "CAA" ] }, "flags": { "type": "integer", "example": 1, "description": "indicates criticality, with a value of 1 meaning that the record must be understood and respected by the CA before issuing a certificate, while 0 means it’s optional.", "enum": [ 0, 1 ] }, "tag": { "type": "string", "example": "issue", "description": "Specifies the type of authorization or reporting policy, such as allowing specific CAs to issue certificates (issue), wildcard certificates (issuewild), or report issues (iodef).", "enum": [ "issue", "issuewild", "iodef" ] }, "data": { "type": "string", "example": "letsencrypt.org", "description": "Use the CA’s domain to authorize a specific CA or to include a URI when used with iodef." } } } ] }, "ALIAS": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data" ], "properties": { "type": { "type": "string", "enum": [ "ALIAS" ] }, "data": { "$ref": "#/components/schemas/fqdn" } } } ] }, "TXT": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data" ], "properties": { "type": { "type": "string", "enum": [ "TXT" ] }, "data": { "type": "string" } } } ] }, "MX": { "allOf": [ { "$ref": "#/components/schemas/record" }, { "type": "object", "required": [ "type", "data", "priority" ], "properties": { "type": { "type": "string", "enum": [ "MX" ] }, "data": { "$ref": "#/components/schemas/fqdn" }, "priority": { "type": "integer", "minimum": 0, "maximum": 10000 } } } ] }, "Error": { "type": "object", "required": [ "success" ], "example": { "success": false, "message": "Unauthorized", "error": "Invalid API key" }, "properties": { "success": { "description": "Indicator of success (always `false`)", "type": "boolean" }, "message": { "description": "A human readable message", "type": "string" }, "error": { "description": "A human readable error message", "type": "string" } } } }, "securitySchemes": { "api_key": { "type": "apiKey", "in": "header", "name": "x-api-key" } } }, "security": [ { "api_key": [] } ] }