diff --git a/docusaurus.config.ts b/docusaurus.config.ts index 502f1f9b8..8e53711a7 100644 --- a/docusaurus.config.ts +++ b/docusaurus.config.ts @@ -500,6 +500,11 @@ const config = { label: "SaaS Security Posture Management", icon: "api-doc", }, + { + to: "sase/api/identity-sspm", + label: "Identity Security Posture Management", + icon: "api-doc", + }, { to: "access/api/adem/autonomous-dem-api", label: "Autonomous DEM", @@ -923,6 +928,11 @@ const config = { outputDir: "products/sase/api/sspm", sidebarOptions: { groupPathsBy: "tag" }, }, + identitysspm: { + specPath: "openapi-specs/sase/identity-sspm", + outputDir: "products/sase/api/identity-sspm", + sidebarOptions: { groupPathsBy: "tag" }, + }, access: { specPath: "openapi-specs/access/prisma-access-config", outputDir: "products/access/api/prisma-access-config", diff --git a/openapi-specs/sase/identity-sspm/identity-sspm.yaml b/openapi-specs/sase/identity-sspm/identity-sspm.yaml new file mode 100644 index 000000000..05715b590 --- /dev/null +++ b/openapi-specs/sase/identity-sspm/identity-sspm.yaml @@ -0,0 +1,1158 @@ +openapi: 3.0.3 +info: + title: Incident Security Service Posture Management API + version: '1.0' + description: "Endpoint to retrieve Identity Posture Security information This Open\ + \ API spec file was created on June 11, 2025. \xA9 2025 Palo Alto Networks, Inc.\ + \ Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of\ + \ our trademarks can be found at [https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html).\ + \ All other marks mentioned herein may be trademarks of their respective companies." +servers: +- url: https://api.sase.paloaltonetworks.com +- url: https://api.strata.paloaltonetworks.com +External tags: +- name: Catalog + description: Application Catalog +- name: Identity + description: Identity Provider related API +- name: SaaS Instance + description: SaaS Instance related API +components: + schemas: + CreateTicketRequest: + required: + - resourceIds + - feature + - integrationId + - type + - issueTypeId + - summary + type: object + properties: + resourceIds: + type: array + items: + type: string + feature: + $ref: '#/components/schemas/Feature' + integrationId: + type: string + type: + type: string + issueTypeId: + type: string + summary: + type: string + description: + type: string + settings: + type: object + additionalProperties: + type: string + DownloadCsvRequest: + required: + - userFullName + - userEmail + - service + type: object + properties: + userFullName: + type: string + userEmail: + type: string + service: + type: string + Feature: + enum: + - ENROLLMENT + - ACTIVITY + - LOGOUT + - IDENTITY_NHI + - IDENTITY_ACTIVITY + type: string + FeatureState: + type: object + properties: + status: + type: string + lastScannedAt: + $ref: '#/components/schemas/Instant' + IdpInfo: + type: object + properties: + displayName: + type: string + idpId: + type: string + appType: + type: string + Instant: + format: date-time + type: string + example: 2022-03-10 16:15:50+00:00 + ListResponseIdpInfo: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/IdpInfo' + ListResponseMapStringObject: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + type: object + ListResponseMfaActivity: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/MfaActivity' + ListResponseSaaSAccount: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSAccount' + ListResponseSaaSActivity: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSActivity' + ListResponseSaaSInstanceInfo: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSInstanceInfo' + ListResponseTicket: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/Ticket' + MfaActivity: + type: object + properties: + id: + type: string + tenant: + type: string + userId: + type: string + idpId: + type: string + idpType: + type: string + mfaStrength: + type: string + admin: + type: boolean + appType: + type: string + appId: + type: string + timestamp: + $ref: '#/components/schemas/Instant' + mfaFactors: + type: string + saasProviderMfaType: + type: string + fullName: + type: string + email: + type: string + ipAddress: + type: string + location: + type: string + ticketKey: + type: string + ticketUrl: + type: string + MfaActivityCountByAppType: + type: object + properties: + appType: + type: string + count: + format: int64 + type: integer + iconAppType: + type: string + RemediationRequest: + type: object + properties: + users: + type: array + items: + type: string + SaaSAccount: + type: object + properties: + id: + type: string + saasProviderId: + type: string + tenant: + type: string + saasInstanceId: + type: string + jobId: + type: string + appId: + type: string + appType: + type: string + accountType: + type: string + accountName: + type: string + email: + type: string + isLocal: + type: boolean + isOrphaned: + type: boolean + isElevated: + type: boolean + ticketKey: + type: string + ticketUrl: + type: string + roles: + type: string + creator: + type: string + linkedHumanAccounts: + type: string + saasProviderNhiName: + type: string + lastModifiedTime: + $ref: '#/components/schemas/Instant' + lastLoginTime: + $ref: '#/components/schemas/Instant' + isNonHuman: + type: boolean + createdTime: + $ref: '#/components/schemas/Instant' + latestScanTime: + $ref: '#/components/schemas/Instant' + lastCredentialsRotated: + $ref: '#/components/schemas/Instant' + rotatedBy: + type: string + githubOrgName: + type: string + credentialsExpiresAt: + $ref: '#/components/schemas/Instant' + SaaSActivity: + type: object + properties: + id: + type: string + userId: + type: string + tenant: + type: string + saasInstanceId: + type: string + appType: + type: string + resourceType: + type: string + resourceName: + type: string + activityType: + type: string + clientIP: + type: string + location: + type: string + userAgent: + type: string + summary: + type: string + rawData: + type: string + activityDateTime: + $ref: '#/components/schemas/Instant' + createdAt: + $ref: '#/components/schemas/Instant' + SaaSInstanceInfo: + type: object + properties: + displayName: + type: string + saasInstanceId: + type: string + appType: + type: string + Ticket: + type: object + properties: + id: + type: string + tenant: + type: string + saasInstanceId: + type: string + resourceIds: + type: string + feature: + type: string + users: + type: string + integrationId: + type: string + type: + type: string + ticketKey: + type: string + ticketUrl: + type: string + summary: + type: string + createdAt: + $ref: '#/components/schemas/Instant' + UnlinkTicketRequest: + required: + - id + - feature + type: object + properties: + id: + type: string + resourceIds: + type: array + items: + type: string + feature: + $ref: '#/components/schemas/Feature' +external tags: +- name: catalog + description: Endpoints grouped under catalog +- name: idp + description: Endpoints grouped under idp +- name: saas instance + description: Endpoints grouped under saas instance +paths: + /sspm/identity/v1/catalog/{appType}: + get: + summary: Get application catalog + description: "Retrieve application catalog details based on the specified application\ + \ type. \nThis helps identify supported application types and their available\ + \ features." + operationId: catalog_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: {} + '404': + description: Not Found + parameters: + - name: appType + in: path + required: true + schema: + type: string + - name: feature + in: query + schema: + type: string + external tags: + - untagged + tags: + - catalog + /sspm/identity/v1/idps: + get: + summary: Get all Identity Providers + description: Retrieve a list of identity providers (Identity Providers) configured + for the tenant. You can optionally filter the results to view only designated + identity providers. + operationId: idps_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseIdpInfo' + '404': + description: Not Found + parameters: + - name: designated + in: query + schema: + type: boolean + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + post: + summary: Create identity provider + description: Create a new identity provider (Identity Provider) entry for the + tenant. You can specify the type, identifier, and whether it should be marked + as designated. + operationId: idps_post + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: designated + in: query + schema: + type: boolean + - name: idpId + in: query + schema: + type: string + - name: idpType + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/accounts/logout: + get: + summary: Get logout status + description: Retrieve the logout status of user accounts associated with the + specified identity provider (Identity Provider). This is useful for tracking + the outcome of account logout actions in batch operations. + operationId: idps_accounts_logout_get + responses: + '200': + description: OK + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: batch_id + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + post: + summary: Trigger account logout + description: Initiate a logout request for user accounts associated with the + specified identity provider (Identity Provider). This action helps enforce + session termination for compliance or security purposes. + operationId: idps_accounts_logout_post + responses: + '200': + description: OK + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemediationRequest' + /sspm/identity/v1/idps/{idpId}/feature_state: + get: + summary: Get Identity Provider feature state + description: Retrieve the current status and last scan timestamp of a specific + feature enabled for the identity provider (Identity Provider). This helps + assess feature health and scan recency. + operationId: idps_feature_state_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/FeatureState' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: feature + in: query + schema: + $ref: '#/components/schemas/Feature' + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/idp_accounts/count: + get: + summary: Get Identity Provider account count + description: Return the number of user accounts linked to the specified identity + provider (Identity Provider). Filtering options can be applied to count specific + types of accounts such as orphaned or privileged users. + operationId: idps_idp_accounts_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/idp_accounts/csv_report: + post: + summary: Generate Identity Provider account CSV report + description: Generate a CSV report of accounts associated with the specified + identity provider (Identity Provider). The report supports compliance audits + and user access reviews. + operationId: idps_idp_accounts_csv_report_get + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/idps/{idpId}/mfa_activity: + get: + summary: Get Multi-factor authentication activity logs + description: Retrieve a list of multi-factor authentication (Multi-factor authentication) + activities for the specified identity provider (Identity Provider). The logs + include user identities, timestamps, IP Address addresses, and Multi-factor + authentication methods used. + operationId: idps_mfa_activity_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseMfaActivity' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/count: + get: + summary: Get Multi-factor authentication activity count + description: Return the number of multi-factor authentication (Multi-factor + authentication) activities recorded for the specified identity provider (Identity + Provider). This count helps evaluate authentication volume and usage patterns. + operationId: idps_mfa_activity_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/count_by_app_type: + get: + summary: Get Multi-factor authentication activity count by app type + description: Return the number of multi-factor authentication (Multi-factor + authentication) activities for the specified identity provider (Identity Provider), + grouped by application type. This helps analyze authentication trends across + different SaaS applications. + operationId: idps_mfa_activity_count_by_app_type_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/MfaActivityCountByAppType' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/csv_report: + post: + summary: Generate Identity Provider Multi-factor authentication activity CSV + report + description: Generate a comma-separated values (CSV) report of multi-factor + authentication (Multi-factor authentication) activities for the specified + identity provider (Identity Provider). This report helps audit authentication + patterns and policy compliance. + operationId: idps_mfa_activity_csv_report_get + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/saas_instances: + get: + summary: Get SaaS instance list + description: "Retrieve a list of software as a service (SaaS) instances configured\ + \ for the tenant. \nEach instance includes metadata such as application type\ + \ and display name." + operationId: saas_instances_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSInstanceInfo' + '404': + description: Not Found + parameters: + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts: + get: + summary: Get SaaS account list + description: "Retrieve a list of user accounts associated with the specified\ + \ software as a service (SaaS) instance. \nThe response includes account metadata\ + \ such as roles, login activity, and status for each user." + operationId: saas_instances_saas_accounts_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSAccount' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts/count: + get: + summary: Get SaaS account count + description: "Return the number of user accounts associated with the specified\ + \ software as a service (SaaS) instance. \nYou can apply filters to refine\ + \ the account count based on criteria such as roles, status, or account types." + operationId: saas_instances_saas_accounts_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts/csv_report: + post: + summary: Generate SaaS account CSV report + description: "Generate a CSV report of accounts linked to the specified software\ + \ as a service (SaaS) instance. \nThis report helps in auditing user presence\ + \ and roles within the application." + operationId: saas_instances_saas_accounts_count_csv_report_post + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_activity: + get: + summary: Get SaaS activity logs + description: "Retrieve a list of activity logs for the specified software as\ + \ a service (SaaS) instance. \nLogs include user actions, accessed resources,\ + \ locations, and timestamps to support security auditing and monitoring." + operationId: saas_instances_saas_activity_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSActivity' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/{saasInstanceId}/tickets: + get: + summary: Get SaaS instance tickets + description: Retrieve a list of tickets associated with the specified software + as a service (SaaS) instance. Tickets track security findings, misconfigurations, + or other remediation needs. + operationId: saas_instances_tickets_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseTicket' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + post: + summary: Create SaaS instance ticket + description: "Create a new ticket for the specified software as a service (SaaS)\ + \ instance. \nTickets help track remediation efforts for flagged issues or\ + \ vulnerabilities." + operationId: saas_instances_tickets_post + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/Ticket' + '400': + description: Bad Request + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateTicketRequest' + delete: + summary: Delete SaaS instance tickets + description: "Delete or unlink one or more tickets associated with the specified\ + \ software as a service (SaaS) instance. \nThis action is typically used to\ + \ close resolved or invalid issues." + operationId: saas_instances_tickets_delete + responses: + '204': + description: No Content + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UnlinkTicketRequest' + /sspm/identity/v1/{saasInstanceId}/tickets/{ticketKey}/issues: + get: + summary: Get ticket issues + description: "Retrieve a list of issues linked to a specific ticket for the\ + \ given software as a service (SaaS) instance. \nThis helps in tracking and\ + \ managing remediation or investigation items." + operationId: saas_instances_tickets_issues_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseMapStringObject' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: ticketKey + in: path + required: true + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance diff --git a/openapi-specs/sase/incident-sspm/identity-sspm.yaml b/openapi-specs/sase/incident-sspm/identity-sspm.yaml new file mode 100644 index 000000000..cf087c7e7 --- /dev/null +++ b/openapi-specs/sase/incident-sspm/identity-sspm.yaml @@ -0,0 +1,1154 @@ +openapi: 3.0.3 +info: + title: Incident Security Service Posture Management API + version: '1.0' + description: "Endpoint to retrieve Identity Posture Security information This Open\ + \ API spec file was created on June 11, 2025. \xA9 2025 Palo Alto Networks, Inc.\ + \ Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of\ + \ our trademarks can be found at [https://www.paloaltonetworks.com/company/trademarks.html](https://www.paloaltonetworks.com/company/trademarks.html).\ + \ All other marks mentioned herein may be trademarks of their respective companies." +servers: +- url: https://api.sase.paloaltonetworks.com +- url: https://api.strata.paloaltonetworks.com +External tags: +- name: Catalog + description: Application Catalog +- name: Identity + description: Identity Provider related API +- name: SaaS Instance + description: SaaS Instance related API +components: + schemas: + CreateTicketRequest: + required: + - resourceIds + - feature + - integrationId + - type + - issueTypeId + - summary + type: object + properties: + resourceIds: + type: array + items: + type: string + feature: + $ref: '#/components/schemas/Feature' + integrationId: + type: string + type: + type: string + issueTypeId: + type: string + summary: + type: string + description: + type: string + settings: + type: object + additionalProperties: + type: string + DownloadCsvRequest: + required: + - userFullName + - userEmail + - service + type: object + properties: + userFullName: + type: string + userEmail: + type: string + service: + type: string + Feature: + enum: + - ENROLLMENT + - ACTIVITY + - LOGOUT + - IDENTITY_NHI + - IDENTITY_ACTIVITY + type: string + FeatureState: + type: object + properties: + status: + type: string + lastScannedAt: + $ref: '#/components/schemas/Instant' + IdpInfo: + type: object + properties: + displayName: + type: string + idpId: + type: string + appType: + type: string + Instant: + format: date-time + type: string + example: 2022-03-10 16:15:50+00:00 + ListResponseIdpInfo: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/IdpInfo' + ListResponseMapStringObject: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + type: object + ListResponseMfaActivity: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/MfaActivity' + ListResponseSaaSAccount: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSAccount' + ListResponseSaaSActivity: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSActivity' + ListResponseSaaSInstanceInfo: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/SaaSInstanceInfo' + ListResponseTicket: + type: object + properties: + total: + format: int64 + type: integer + items: + type: array + items: + $ref: '#/components/schemas/Ticket' + MfaActivity: + type: object + properties: + id: + type: string + tenant: + type: string + userId: + type: string + idpId: + type: string + idpType: + type: string + mfaStrength: + type: string + admin: + type: boolean + appType: + type: string + appId: + type: string + timestamp: + $ref: '#/components/schemas/Instant' + mfaFactors: + type: string + saasProviderMfaType: + type: string + fullName: + type: string + email: + type: string + ipAddress: + type: string + location: + type: string + ticketKey: + type: string + ticketUrl: + type: string + MfaActivityCountByAppType: + type: object + properties: + appType: + type: string + count: + format: int64 + type: integer + iconAppType: + type: string + RemediationRequest: + type: object + properties: + users: + type: array + items: + type: string + SaaSAccount: + type: object + properties: + id: + type: string + saasProviderId: + type: string + tenant: + type: string + saasInstanceId: + type: string + jobId: + type: string + appId: + type: string + appType: + type: string + accountType: + type: string + accountName: + type: string + email: + type: string + isLocal: + type: boolean + isOrphaned: + type: boolean + isElevated: + type: boolean + ticketKey: + type: string + ticketUrl: + type: string + roles: + type: string + creator: + type: string + linkedHumanAccounts: + type: string + saasProviderNhiName: + type: string + lastModifiedTime: + $ref: '#/components/schemas/Instant' + lastLoginTime: + $ref: '#/components/schemas/Instant' + isNonHuman: + type: boolean + createdTime: + $ref: '#/components/schemas/Instant' + latestScanTime: + $ref: '#/components/schemas/Instant' + lastCredentialsRotated: + $ref: '#/components/schemas/Instant' + rotatedBy: + type: string + githubOrgName: + type: string + credentialsExpiresAt: + $ref: '#/components/schemas/Instant' + SaaSActivity: + type: object + properties: + id: + type: string + userId: + type: string + tenant: + type: string + saasInstanceId: + type: string + appType: + type: string + resourceType: + type: string + resourceName: + type: string + activityType: + type: string + clientIP: + type: string + location: + type: string + userAgent: + type: string + summary: + type: string + rawData: + type: string + activityDateTime: + $ref: '#/components/schemas/Instant' + createdAt: + $ref: '#/components/schemas/Instant' + SaaSInstanceInfo: + type: object + properties: + displayName: + type: string + saasInstanceId: + type: string + appType: + type: string + Ticket: + type: object + properties: + id: + type: string + tenant: + type: string + saasInstanceId: + type: string + resourceIds: + type: string + feature: + type: string + users: + type: string + integrationId: + type: string + type: + type: string + ticketKey: + type: string + ticketUrl: + type: string + summary: + type: string + createdAt: + $ref: '#/components/schemas/Instant' + UnlinkTicketRequest: + required: + - id + - feature + type: object + properties: + id: + type: string + resourceIds: + type: array + items: + type: string + feature: + $ref: '#/components/schemas/Feature' +external tags: +- name: untagged + description: Endpoints grouped under untagged +paths: + /sspm/identity/v1/catalog/{appType}: + get: + summary: Get application catalog + description: "Retrieve application catalog details based on the specified application\ + \ type. \nThis helps identify supported application types and their available\ + \ features." + operationId: catalog_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: {} + '404': + description: Not Found + parameters: + - name: appType + in: path + required: true + schema: + type: string + - name: feature + in: query + schema: + type: string + external tags: + - untagged + tags: + - catalog + /sspm/identity/v1/idps: + get: + summary: Get all Identity Providers + description: Retrieve a list of identity providers (Identity Providers) configured + for the tenant. You can optionally filter the results to view only designated + identity providers. + operationId: idps_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseIdpInfo' + '404': + description: Not Found + parameters: + - name: designated + in: query + schema: + type: boolean + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + post: + summary: Create identity provider + description: Create a new identity provider (Identity Provider) entry for the + tenant. You can specify the type, identifier, and whether it should be marked + as designated. + operationId: idps_post + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: designated + in: query + schema: + type: boolean + - name: idpId + in: query + schema: + type: string + - name: idpType + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/accounts/logout: + get: + summary: Get logout status + description: Retrieve the logout status of user accounts associated with the + specified identity provider (Identity Provider). This is useful for tracking + the outcome of account logout actions in batch operations. + operationId: idps_accounts_logout_get + responses: + '200': + description: OK + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: batch_id + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + post: + summary: Trigger account logout + description: Initiate a logout request for user accounts associated with the + specified identity provider (Identity Provider). This action helps enforce + session termination for compliance or security purposes. + operationId: idps_accounts_logout_post + responses: + '200': + description: OK + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RemediationRequest' + /sspm/identity/v1/idps/{idpId}/feature_state: + get: + summary: Get Identity Provider feature state + description: Retrieve the current status and last scan timestamp of a specific + feature enabled for the identity provider (Identity Provider). This helps + assess feature health and scan recency. + operationId: idps_feature_state_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/FeatureState' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: feature + in: query + schema: + $ref: '#/components/schemas/Feature' + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/idp_accounts/count: + get: + summary: Get Identity Provider account count + description: Return the number of user accounts linked to the specified identity + provider (Identity Provider). Filtering options can be applied to count specific + types of accounts such as orphaned or privileged users. + operationId: idps_idp_accounts_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/idp_accounts/csv_report: + post: + summary: Generate Identity Provider account CSV report + description: Generate a CSV report of accounts associated with the specified + identity provider (Identity Provider). The report supports compliance audits + and user access reviews. + operationId: idps_idp_accounts_csv_report_get + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/idps/{idpId}/mfa_activity: + get: + summary: Get Multi-factor authentication activity logs + description: Retrieve a list of multi-factor authentication (Multi-factor authentication) + activities for the specified identity provider (Identity Provider). The logs + include user identities, timestamps, IP Address addresses, and Multi-factor + authentication methods used. + operationId: idps_mfa_activity_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseMfaActivity' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/count: + get: + summary: Get Multi-factor authentication activity count + description: Return the number of multi-factor authentication (Multi-factor + authentication) activities recorded for the specified identity provider (Identity + Provider). This count helps evaluate authentication volume and usage patterns. + operationId: idps_mfa_activity_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/count_by_app_type: + get: + summary: Get Multi-factor authentication activity count by app type + description: Return the number of multi-factor authentication (Multi-factor + authentication) activities for the specified identity provider (Identity Provider), + grouped by application type. This helps analyze authentication trends across + different SaaS applications. + operationId: idps_mfa_activity_count_by_app_type_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/MfaActivityCountByAppType' + '404': + description: Not Found + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + /sspm/identity/v1/idps/{idpId}/mfa_activity/csv_report: + post: + summary: Generate Identity Provider Multi-factor authentication activity CSV + report + description: Generate a comma-separated values (CSV) report of multi-factor + authentication (Multi-factor authentication) activities for the specified + identity provider (Identity Provider). This report helps audit authentication + patterns and policy compliance. + operationId: idps_mfa_activity_csv_report_get + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: idpId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - idp + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/saas_instances: + get: + summary: Get SaaS instance list + description: "Retrieve a list of software as a service (SaaS) instances configured\ + \ for the tenant. \nEach instance includes metadata such as application type\ + \ and display name." + operationId: saas_instances_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSInstanceInfo' + '404': + description: Not Found + parameters: + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts: + get: + summary: Get SaaS account list + description: "Retrieve a list of user accounts associated with the specified\ + \ software as a service (SaaS) instance. \nThe response includes account metadata\ + \ such as roles, login activity, and status for each user." + operationId: saas_instances_saas_accounts_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSAccount' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts/count: + get: + summary: Get SaaS account count + description: "Return the number of user accounts associated with the specified\ + \ software as a service (SaaS) instance. \nYou can apply filters to refine\ + \ the account count based on criteria such as roles, status, or account types." + operationId: saas_instances_saas_accounts_count_get + responses: + '200': + description: OK + content: + application/json: + schema: + type: object + additionalProperties: + format: int64 + type: integer + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_accounts/csv_report: + post: + summary: Generate SaaS account CSV report + description: "Generate a CSV report of accounts linked to the specified software\ + \ as a service (SaaS) instance. \nThis report helps in auditing user presence\ + \ and roles within the application." + operationId: saas_instances_saas_accounts_count_csv_report_post + responses: + '201': + description: Created + '400': + description: Bad Request + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DownloadCsvRequest' + /sspm/identity/v1/saas_instances/{saasInstanceId}/saas_activity: + get: + summary: Get SaaS activity logs + description: "Retrieve a list of activity logs for the specified software as\ + \ a service (SaaS) instance. \nLogs include user actions, accessed resources,\ + \ locations, and timestamps to support security auditing and monitoring." + operationId: saas_instances_saas_activity_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseSaaSActivity' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + /sspm/identity/v1/{saasInstanceId}/tickets: + get: + summary: Get SaaS instance tickets + description: Retrieve a list of tickets associated with the specified software + as a service (SaaS) instance. Tickets track security findings, misconfigurations, + or other remediation needs. + operationId: saas_instances_tickets_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseTicket' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: filter + in: query + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: sortBy + in: query + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + post: + summary: Create SaaS instance ticket + description: "Create a new ticket for the specified software as a service (SaaS)\ + \ instance. \nTickets help track remediation efforts for flagged issues or\ + \ vulnerabilities." + operationId: saas_instances_tickets_post + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/Ticket' + '400': + description: Bad Request + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateTicketRequest' + delete: + summary: Delete SaaS instance tickets + description: "Delete or unlink one or more tickets associated with the specified\ + \ software as a service (SaaS) instance. \nThis action is typically used to\ + \ close resolved or invalid issues." + operationId: saas_instances_tickets_delete + responses: + '204': + description: No Content + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UnlinkTicketRequest' + /sspm/identity/v1/{saasInstanceId}/tickets/{ticketKey}/issues: + get: + summary: Get ticket issues + description: "Retrieve a list of issues linked to a specific ticket for the\ + \ given software as a service (SaaS) instance. \nThis helps in tracking and\ + \ managing remediation or investigation items." + operationId: saas_instances_tickets_issues_get + responses: + '200': + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/ListResponseMapStringObject' + '404': + description: Not Found + parameters: + - name: saasInstanceId + in: path + required: true + schema: + type: string + - name: ticketKey + in: path + required: true + schema: + type: string + - name: limit + in: query + schema: + format: int32 + type: integer + - name: page + in: query + schema: + format: int32 + type: integer + - name: x-ps-tenant + in: header + schema: + type: string + external tags: + - untagged + tags: + - saas instance diff --git a/products/sase/api/identity-sspm/introduction.md b/products/sase/api/identity-sspm/introduction.md new file mode 100644 index 000000000..a22702733 --- /dev/null +++ b/products/sase/api/identity-sspm/introduction.md @@ -0,0 +1,65 @@ +--- +id: introduction +title: SaaS Incident Security Posture Management APIs +sidebar_label: Incident Security Posture Management APIs +slug: /sase/api/identity-sspm +keywords: + - SASE + - Reference + - API +--- + +# Introduction to the Identity API + +The Identity API empowers developers within the SaaS Security Posture Management (SSPM) framework to access security-related metrics and configurations for user and service accounts. This API extends posture security capabilities, offering you detailed insights into how your organization manages identities across SaaS environments. + +## What is the Identity API? + +The Identity API enables security teams to monitor, analyze, and respond to identity-related risks. Your teams can connect users, permissions, activities, and security configurations to maintain a comprehensive view of your identity security posture. + +## Prerequisites + +Before you integrate with the Identity API, you need: + +- An active SaaS Security account with appropriate access permissions +- Onboarded identity sources like Okta, Office 365, or other supported IdPs +- A registered application with your client ID and endpoint URL for authentication +- API credentials that allow you to access identity data + +## Key Capabilities + +With the Identity API, you can: + +- **Detect MFA Gaps**: Identify and fix multi-factor authentication misconfigurations across your identity providers +- **Monitor Authentication Health**: Find users who lack MFA or have incomplete enforcement +- **Track Account Lifecycle**: Monitor account activity and identify dormant or inactive accounts that create security risks +- **Enforce Credential Hygiene**: Find credentials your users haven't rotated according to your security policies +- **Control Privilege Escalation**: Identify accounts that have more privileges than their roles require +- **Generate Compliance Reports**: Create comprehensive security reports and executive dashboards using aggregated user posture metrics + +## Understanding Posture vs. Identity + +Posture security and identity security serve different yet complementary functions: + +| Category | Posture | Identity | +|----------|---------|----------| +| Focus | Configuration (e.g., password policies) | User accounts and their behaviors | +| Objective | Compliance with standards | Risk identification and mitigation | +| Scope | General SaaS application configuration | Specific to user and service identities | +| Example | Enforcing password complexity | Detecting a dormant admin account | + +## Common Use Cases + +### Dormant Account Identification +Find and manage user accounts of former employees that still have active status in your systems, eliminating potential security vulnerabilities. + +### Over-Privileged Account Detection +Spot accounts with excessive permissions compared to their assigned roles, helping you maintain the principle of least privilege. + +### MFA Compliance Monitoring +Continuously check which users haven't enrolled in MFA or have gaps in their enforcement policies to ensure consistent authentication security. + +### Activity Analysis +Examine authentication patterns and user behaviors to spot anomalies that may signal account compromise or insider threats. + +These APIs use the [common SASE authentication](/sase/docs/getstarted) for service access and authorization. \ No newline at end of file diff --git a/products/sase/sidebars.ts b/products/sase/sidebars.ts index 0079f2ba8..ef4126597 100644 --- a/products/sase/sidebars.ts +++ b/products/sase/sidebars.ts @@ -318,6 +318,10 @@ module.exports = { "sase/api/sspm/sspm-api-workflow", require("./api/sspm/sidebar"), ], + identitysspm: [ + "sase/api/identity-sspm/introduction", + require("./api/identity-sspm/sidebar"), + ], sasesubscription: [ "sase/api/subscription/subscription-api", require("./api/subscription/sidebar"), diff --git a/yarn.lock b/yarn.lock index abf47da50..0a4ac9b42 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4985,9 +4985,9 @@ caniuse-api@^3.0.0: lodash.uniq "^4.5.0" caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001616, caniuse-lite@^1.0.30001646, caniuse-lite@^1.0.30001669: - version "1.0.30001686" - resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001686.tgz#0e04b8d90de8753188e93c9989d56cb19d902670" - integrity sha512-Y7deg0Aergpa24M3qLC5xjNklnKnhsmSyR/V89dLZ1n0ucJIFNs7PgR2Yfa/Zf6W79SbBicgtGxZr2juHkEUIA== + version "1.0.30001721" + resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001721.tgz" + integrity sha512-cOuvmUVtKrtEaoKiO0rSc29jcjwMwX5tOHDy4MgVFEWiUXj4uBMJkwI8MDySkgXidpMiHUcviogAvFi4pA2hDQ== ccount@^2.0.0: version "2.0.1" @@ -12542,7 +12542,16 @@ string-convert@^0.2.0: resolved "https://registry.npmjs.org/string-convert/-/string-convert-0.2.1.tgz#6982cc3049fbb4cd85f8b24568b9d9bf39eeff97" integrity sha512-u/1tdPl4yQnPBjnVrmdLo9gtuLvELKsAoRapekWggdiQNvvvum+jYF329d84NAa660KQw7pB2n36KrIKVoXa3A== -"string-width-cjs@npm:string-width@^4.2.0", string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: +"string-width-cjs@npm:string-width@^4.2.0": + version "4.2.3" + resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + +string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -12591,7 +12600,14 @@ stringify-object@^3.3.0: is-obj "^1.0.1" is-regexp "^1.0.0" -"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1: +"strip-ansi-cjs@npm:strip-ansi@^6.0.1": + version "6.0.1" + resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + +strip-ansi@^6.0.0, strip-ansi@^6.0.1: version "6.0.1" resolved "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== @@ -13519,7 +13535,16 @@ wildcard@^2.0.0, wildcard@^2.0.1: resolved "https://registry.npmjs.org/wildcard/-/wildcard-2.0.1.tgz#5ab10d02487198954836b6349f74fff961e10f67" integrity sha512-CC1bOL87PIWSBhDcTrdeLo6eGT7mCFtrg0uIJtqJUFyK+eJnzl8A1niH56uu7KMa5XFrtiV+AQuHO3n7DsHnLQ== -"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0", wrap-ansi@^7.0.0: +"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": + version "7.0.0" + resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + +wrap-ansi@^7.0.0: version "7.0.0" resolved "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==