addresses openziti/ziti#2474 addds a generic network JWT for enrollment

client.yml

@@ -2358,6 +2358,84 @@ paths:
               meta:
                 apiEnrollmentVersion: 0.0.1
                 apiVersion: 0.0.1
+  /network-jwts:
+    get:
+      description: Returns a list of JWTs for trusting a network
+      tags:
+      - Enrollment
+      summary: Returns a list of JWTs suitable for bootstrapping network trust.
+      operationId: listNetworkJWTs
+      responses:
+        "200":
+          description: A list of network JWTs
+          schema:
+            $ref: '#/definitions/listNetworkJWTsEnvelope'
+        "400":
+          description: The supplied request contains invalid fields or could not be
+            parsed (json and non-json bodies). The error's code, message, and cause
+            fields can be inspected for further information
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                cause:
+                  details:
+                    context: (root)
+                    field: (root)
+                    property: fooField3
+                  field: (root)
+                  message: '(root): fooField3 is required'
+                  type: required
+                  value:
+                    fooField: abc
+                    fooField2: def
+                causeMessage: schema validation failed
+                code: COULD_NOT_VALIDATE
+                message: The supplied request contains an invalid document
+                requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
+        "401":
+          description: The supplied session does not have the correct access rights
+            to request this resource
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                cause: ""
+                causeMessage: ""
+                code: UNAUTHORIZED
+                message: The request could not be completed. The session is not authorized
+                  or the credentials are invalid
+                requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
+        "429":
+          description: The resource requested is rate limited and the rate limit has
+            been exceeded
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                causeMessage: you have hit a rate limit in the requested operation
+                code: RATE_LIMITED
+                message: The resource is rate limited and the rate limit has been
+                  exceeded. Please try again later
+                requestId: 270908d6-f2ef-4577-b973-67bec18ae376
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
   /posture-response:
     post:
       security:
@@ -4774,6 +4852,16 @@ definitions:
           $ref: '#/definitions/capabilities'
       meta:
         $ref: '#/definitions/meta'
+  listNetworkJWTsEnvelope:
+    type: object
+    required:
+    - meta
+    - data
+    properties:
+      data:
+        $ref: '#/definitions/networkJWTList'
+      meta:
+        $ref: '#/definitions/meta'
   listProtocols:
     type: object
     additionalProperties:
@@ -4870,6 +4958,24 @@ definitions:
     enum:
     - ziti
     - url
+  networkJWT:
+    description: A network JWT
+    type: object
+    allOf:
+    - type: object
+      required:
+      - name
+      - token
+      properties:
+        name:
+          type: string
+        token:
+          type: string
+  networkJWTList:
+    description: An array of network JWTs
+    type: array
+    items:
+      $ref: '#/definitions/networkJWT'
   nonceChallenge:
     type: object
     required:

management.yml

@@ -10105,6 +10105,84 @@ paths:
       name: id
       in: path
       required: true
+  /network-jwts:
+    get:
+      description: Returns a list of JWTs for trusting a network
+      tags:
+      - Enrollment
+      summary: Returns a list of JWTs suitable for bootstrapping network trust.
+      operationId: listNetworkJWTs
+      responses:
+        "200":
+          description: A list of network JWTs
+          schema:
+            $ref: '#/definitions/listNetworkJWTsEnvelope'
+        "400":
+          description: The supplied request contains invalid fields or could not be
+            parsed (json and non-json bodies). The error's code, message, and cause
+            fields can be inspected for further information
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                cause:
+                  details:
+                    context: (root)
+                    field: (root)
+                    property: fooField3
+                  field: (root)
+                  message: '(root): fooField3 is required'
+                  type: required
+                  value:
+                    fooField: abc
+                    fooField2: def
+                causeMessage: schema validation failed
+                code: COULD_NOT_VALIDATE
+                message: The supplied request contains an invalid document
+                requestId: ac6766d6-3a09-44b3-8d8a-1b541d97fdd9
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
+        "401":
+          description: The supplied session does not have the correct access rights
+            to request this resource
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                cause: ""
+                causeMessage: ""
+                code: UNAUTHORIZED
+                message: The request could not be completed. The session is not authorized
+                  or the credentials are invalid
+                requestId: 0bfe7a04-9229-4b7a-812c-9eb3cc0eac0f
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
+        "429":
+          description: The resource requested is rate limited and the rate limit has
+            been exceeded
+          schema:
+            $ref: '#/definitions/apiErrorEnvelope'
+          examples:
+            application/json:
+              error:
+                args:
+                  urlVars: {}
+                causeMessage: you have hit a rate limit in the requested operation
+                code: RATE_LIMITED
+                message: The resource is rate limited and the rate limit has been
+                  exceeded. Please try again later
+                requestId: 270908d6-f2ef-4577-b973-67bec18ae376
+              meta:
+                apiEnrollmentVersion: 0.0.1
+                apiVersion: 0.0.1
   /posture-check-role-attributes:
     get:
       security:
@@ -18454,6 +18532,16 @@ definitions:
         $ref: '#/definitions/identityTypeList'
       meta:
         $ref: '#/definitions/meta'
+  listNetworkJWTsEnvelope:
+    type: object
+    required:
+    - meta
+    - data
+    properties:
+      data:
+        $ref: '#/definitions/networkJWTList'
+      meta:
+        $ref: '#/definitions/meta'
   listPostureCheckEnvelope:
     type: object
     required:
@@ -18634,6 +18722,24 @@ definitions:
     items:
       $ref: '#/definitions/namedRole'
     x-omitempty: false
+  networkJWT:
+    description: A network JWT
+    type: object
+    allOf:
+    - type: object
+      required:
+      - name
+      - token
+      properties:
+        name:
+          type: string
+        token:
+          type: string
+  networkJWTList:
+    description: An array of network JWTs
+    type: array
+    items:
+      $ref: '#/definitions/networkJWT'
   operatingSystem:
     type: object
     required: