Stream Gateways
Stream Gateways
The Stream Gateway API allows administrators to manage stream gateways.
Each stream gateway contains configuration policies that determine who may manage or access tunnels on the gateway and what networks they have access to.
Operations which modify a stream gateway require an endpoint
administrator role.
Stream Gateways Overview
| Method | API Path | Description |
|---|---|---|
|
List stream gateways |
|
|
Create a stream gateway |
|
|
Get a stream gateway |
|
|
Delete a stream gateway |
|
|
Update a stream gateway |
Details
List stream gateways
GET /api/stream_gateways
List the stream gateways on an endpoint.
This operation requires either the endpoint to have the public property
set to true, the caller to have a role that allows viewing this endpoint.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
Query Parameters
| Parameter | Type | Description |
|---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
Responses
200 - List stream gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}Create a stream gateway
POST /api/stream_gateways
Create a stream gateway on an endpoint. On success, this operation returns a copy of the created gateway with the system generated id added.
Request body
A stream gateway provides the access policies for the endpoint’s local and wide-area networks to create stream connections between applications running on this endpoint’s local network and another endpoint’s local network.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allowed_domains |
array of string |
List of allowed domains. Users creating lan_secrets or accessing tunnels on this gateway must have an identity in one of these domains. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated to create a tunnel on this gateway. |
contact_email |
string |
Email address of the support contact for the stream access point |
contact_info |
string |
Other non-email contact information for the stream access point, e.g. phone and mailing address |
deleted |
boolean |
Flag indicating that this gateway has been deleted |
department |
string |
Department which operates the stream access point |
description |
string |
Description of the stream access point |
display_name |
string |
Name of the stream access point |
domain_name |
string |
Read-only DNS domain. |
id |
string <uuid> |
Unique id for this stream gateway |
identity_mappings |
array ( IdentityMapping ) |
List of identity mappings to apply to user identities to determine what connector-specific accounts are available for access. |
info_link |
string |
Link to a web page with more information about the stream access point |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
lan_name |
string |
If set, the name of the lan to use when connecting to this streaming gateway. This corresponds to the network_name property associated with lan addresses in nodes associated with this endpoint. |
lan_secret_required |
boolean |
If true, users of this stream gateway must create and use a lan secret to connect to a stream. Otherwise, that step is optional. |
organization |
string |
Organization that operates the stream access point. Optional unicode string, max 1000 characters, no new lines. |
users_allow |
array of string |
List of mapped usernames allowed to access this gateway. |
users_deny |
array of string |
List of mapped usernames denied access to this gateway. |
Example
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}Responses
201 - Post stream gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}Details
Get a stream gateway
GET /api/stream_gateways/{stream_gateway_id}
Get a stream gateway’s definition.
This operation requires either the endpoint to have the public property
set to true, or the caller to have a role that allows viewing this
endpoint.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
Responses
200 - Get stream gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}Delete a stream gateway
DELETE /api/stream_gateways/{stream_gateway_id}
Delete a stream gateway.
Responses
200 - Delete stream gateway response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}Update a stream gateway
PATCH /api/stream_gateways/{stream_gateway_id}
Update a stream gateway, changing only the properties included in the input document. It returns a document containing the stream gateway after the changes have been applied. Items explicitly set to null in the input are removed from the stream gateway.
Request body
A stream gateway provides the access policies for the endpoint’s local and wide-area networks to create stream connections between applications running on this endpoint’s local network and another endpoint’s local network.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allowed_domains |
array of string |
List of allowed domains. Users creating lan_secrets or accessing tunnels on this gateway must have an identity in one of these domains. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated to create a tunnel on this gateway. |
contact_email |
string |
Email address of the support contact for the stream access point |
contact_info |
string |
Other non-email contact information for the stream access point, e.g. phone and mailing address |
deleted |
boolean |
Flag indicating that this gateway has been deleted |
department |
string |
Department which operates the stream access point |
description |
string |
Description of the stream access point |
display_name |
string |
Name of the stream access point |
domain_name |
string |
Read-only DNS domain. |
id |
string <uuid> |
Unique id for this stream gateway |
identity_mappings |
array ( IdentityMapping ) |
List of identity mappings to apply to user identities to determine what connector-specific accounts are available for access. |
info_link |
string |
Link to a web page with more information about the stream access point |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
lan_name |
string |
If set, the name of the lan to use when connecting to this streaming gateway. This corresponds to the network_name property associated with lan addresses in nodes associated with this endpoint. |
lan_secret_required |
boolean |
If true, users of this stream gateway must create and use a lan secret to connect to a stream. Otherwise, that step is optional. |
organization |
string |
Organization that operates the stream access point. Optional unicode string, max 1000 characters, no new lines. |
users_allow |
array of string |
List of mapped usernames allowed to access this gateway. |
users_deny |
array of string |
List of mapped usernames denied access to this gateway. |
Example
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}Responses
200 - Update stream gateway response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "stream_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_timeout_mins": 1,
"contact_email": "string",
"contact_info": "string",
"deleted": true,
"department": "string",
"description": "string",
"display_name": "string",
"domain_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"info_link": "string",
"keywords": [
"string"
],
"lan_name": "string",
"lan_secret_required": true,
"organization": "string",
"tlsftp_url": "string",
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}