As part of the Serverless project, we need to create OpenAPI specs for all public Endpoint management API endpoints, because we want all of them documented before Serverless GA. Please look for more context in the epic.
During a Security Solution public API research we discovered that some public Endpoint management API endpoints have missing OpenAPI specs. We need to add them.
API endpoints
The following public API endpoints were discovered during research, and don't have any OpenAPI specs:
[ ] POST /api/endpoint/protection_updates_note/{package_policy_id}
[ ] GET /api/endpoint/protection_updates_note/{package_policy_id}
Detections and response:
[ ] POST /api/endpoint/isolate
[ ] POST /api/endpoint/unisolate
Note that two of the above endpoints are marked as deprecated in the code base and should be considered to be available only in ESS:
POST /api/endpoint/isolate
POST /api/endpoint/unisolate
AC
[ ] Revisit api's listed at API endpoints section and create those missing or update existing ones if needed.
[ ] Revisit other public API's we want/need to add OpenAPI documentation for Endpoint Management related.
To do
Create OpenAPI specs for the endpoints listed above.
Check if there are any other public endpoints that you own that don't have OpenAPI specs and add them to the list above.
Make sure the specs you add are valid OpenAPI documents.
Make sure the specs you add match the actual API contract defined in the code.
Epic: https://github.com/elastic/security-team/issues/9525
Deadline: Jul 29, 2024 (see milestones in https://github.com/elastic/security-team/issues/9400)
Summary
As part of the Serverless project, we need to create OpenAPI specs for all public Endpoint management API endpoints, because we want all of them documented before Serverless GA. Please look for more context in the epic.
During a Security Solution public API research we discovered that some public Endpoint management API endpoints have missing OpenAPI specs. We need to add them.
API endpoints
The following public API endpoints were discovered during research, and don't have any OpenAPI specs:
POST /api/endpoint/protection_updates_note/{package_policy_id}
GET /api/endpoint/protection_updates_note/{package_policy_id}
Detections and response:
POST /api/endpoint/isolate
POST /api/endpoint/unisolate
Note that two of the above endpoints are marked as
deprecated
in the code base and should be considered to be available only in ESS:POST /api/endpoint/isolate
POST /api/endpoint/unisolate
AC
To do