Merge branch 'main' into cg-oidc-uris

api/tasklist/tasklist-openapi.yaml

@@ -574,6 +574,7 @@ components:
             - creationTime
             - followUpDate
             - dueDate
+            - priority
         order:
           type: string
           description: "* `ASC`: Ascending<br/>* `DESC`: Descending"
@@ -723,6 +724,30 @@ components:
           enum:
             - JOB_WORKER
             - ZEEBE_USER_TASK
+        priority:
+          description: Rules to filter out tasks by their priority. Applicable only for Zeebe user tasks.
+          type: object
+          properties:
+            eq:
+              type: integer
+              minimum: 0
+              maximum: 100
+            gte:
+              type: integer
+              minimum: 0
+              maximum: 100
+            gt:
+              type: integer
+              minimum: 0
+              maximum: 100
+            lt:
+              type: integer
+              minimum: 0
+              maximum: 100
+            lte:
+              type: integer
+              minimum: 0
+              maximum: 100
       description: Request object to search tasks by provided params.
     TaskSearchResponse:
       type: object
@@ -735,7 +760,7 @@ components:
           description: The name of the task.
         taskDefinitionId:
           type: string
-          description: User Task ID from the BPMN definition.
+          description: User task ID from the BPMN definition.
         processName:
           type: string
           description: The name of the process.
@@ -833,6 +858,12 @@ components:
           enum:
             - JOB_WORKER
             - ZEEBE_USER_TASK
+        priority:
+          description: The priority of a user task. The higher the value the higher the priority. Applicable only for Zeebe user tasks.
+          type: integer
+          minimum: 0
+          maximum: 100
+          default: 50
     TaskResponse:
       type: object
       properties:
@@ -844,7 +875,7 @@ components:
           description: The name of the task.
         taskDefinitionId:
           type: string
-          description: User Task ID from the BPMN definition.
+          description: User task ID from the BPMN definition.
         processName:
           type: string
           description: The name of the process.
@@ -925,6 +956,12 @@ components:
           enum:
             - JOB_WORKER
             - ZEEBE_USER_TASK
+        priority:
+          description: The priority of a user task. The higher the value the higher the priority. Applicable only for Zeebe user tasks.
+          type: integer
+          minimum: 0
+          maximum: 100
+          default: 50
     TaskCompleteRequest:
       type: object
       properties:

docs/apis-tools/administration-api/authentication.md

@@ -6,17 +6,72 @@ sidebar_position: 2
 description: "Learn about access tokens and client credentials and scopes to get started with the Administration API."
 ---
 
-To access the API endpoint, you need an access token. Your client must send a header in each request:
-
-`Authorization: Bearer <Token>`
-
-For example, send a request using _curl_:
+All Administration API requests require authentication. To authenticate, generate a [JSON Web Token (JWT)](https://jwt.io/introduction/) and pass it in each request.
+
+## Generating a token
+
+1. Create client credentials by clicking **Console > Organization > Administration API > Create new credentials**.
+2. Add permissions to this client for [the needed scopes](#client-credentials-and-scopes).
+3. Upon creating the client, capture the following values required to generate a token:
+   <!-- this comment convinces the markdown processor to still treat the table as a table, but without adding surrounding paragraphs. 🤷 -->
+   | Name                     | Environment variable name        | Default value                                |
+   | ------------------------ | -------------------------------- | -------------------------------------------- |
+   | Client ID                | `CAMUNDA_CONSOLE_CLIENT_ID`      | -                                            |
+   | Client Secret            | `CAMUNDA_CONSOLE_CLIENT_SECRET`  | -                                            |
+   | Authorization Server URL | `CAMUNDA_OAUTH_URL`              | `https://login.cloud.camunda.io/oauth/token` |
+   | Audience                 | `CAMUNDA_CONSOLE_OAUTH_AUDIENCE` | `api.cloud.camunda.io`                       |
+   <!-- this comment convinces the markdown processor to still treat the table as a table, but without adding surrounding paragraphs. 🤷 -->
+   :::tip
+   When client credentials are created, the `Client Secret` is only shown once. Save this `Client Secret` somewhere safe.
+   :::
+4. Execute an authentication request to the token issuer:
+   ```bash
+   curl --request POST ${CAMUNDA_OAUTH_URL} \
+       --header 'Content-Type: application/x-www-form-urlencoded' \
+       --data-urlencode 'grant_type=client_credentials' \
+       --data-urlencode "audience=${CAMUNDA_CONSOLE_OAUTH_AUDIENCE}" \
+       --data-urlencode "client_id=${CAMUNDA_CONSOLE_CLIENT_ID}" \
+       --data-urlencode "client_secret=${CAMUNDA_CONSOLE_CLIENT_SECRET}"
+   ```
+5. A successful authentication response looks like the following:
+   ```json
+   {
+     "access_token": "<TOKEN>",
+     "expires_in": 300,
+     "refresh_expires_in": 0,
+     "token_type": "Bearer",
+     "not-before-policy": 0
+   }
+   ```
+6. Capture the value of the `access_token` property and store it as your token.
+
+## Using a token
+
+Include the captured token as an authorization header in each request: `Authorization: Bearer <TOKEN>`.
+
+For example, to call the Administration API's `/members` endpoint, send the following request:
 
 ```shell
-curl -X POST -H -H :accept: application/json" -H "Authorization: Bearer <TOKEN>" -d '' http://api.cloud.camunda.io/clusters
+curl --header "Authorization: Bearer ${TOKEN}" \
+     https://api.cloud.camunda.io/members
+```
+
+A successful response would include [a list of organization members](https://console.cloud.camunda.io/customer-api/openapi/docs/#/default/GetMembers). For example:
+
+```json
+[
+  {
+    "name": "User Userton",
+    "email": "[email protected]",
+    "roles": ["admin"],
+    "invitePending": false
+  }
+]
 ```
 
-For all requests, include the access token in the authorization header: `authorization:Bearer ${TOKEN}`.
+## Token expiration
+
+Access tokens expire according to the `expires_in` property of a successful authentication response. After this duration, in seconds, you must request a new access token.
 
 ## Client credentials and scopes
 
@@ -40,25 +95,6 @@ A client can have one or multiple permissions from the following groups:
 
 The full API description can be found [here](https://console.cloud.camunda.io/customer-api/openapi/docs/#/).
 
-:::note
-After client credentials are created, the `Client Secret` is only shown once. Save this `Client Secret` somewhere safe.
-:::
-
-## Access token
-
-Once you have your client credentials, you can retrieve an access token using the following command:
-
-```bash
-curl --header "Content-Type: application/json" \
-    --request POST \
-    --data '{"grant_type":"client_credentials", "audience":"api.cloud.camunda.io", "client_id":"XXX", "client_secret":"YYY"}' \
-    https://login.cloud.camunda.io/oauth/token
-```
-
-:::note
-Access tokens have a validity period found in the access token. After this time, a new access token must be requested.
-:::
-
 ## Rate limiting
 
 The OAuth service rate limits about one request per second for all clients with the same source IP address.

docs/apis-tools/console-sm-api/console-sm-api-authentication.md → docs/apis-tools/administration-sm-api/administration-sm-api-authentication.md

@@ -1,14 +1,14 @@
 ---
-id: console-sm-api-authentication
+id: administration-sm-api-authentication
 title: "Authentication"
 sidebar_position: 2
-description: "Console SM API is a REST API and provides access to Console SM data. Requests and responses are in JSON notation."
+description: "The Administration API for Self-Managed is a REST API and provides access to Console Self-Managed data. Requests and responses are in JSON notation."
 ---
 
 To authenticate for the API, generate a JWT token and pass it in each request:
 
 1. [Add an M2M application in Identity](/self-managed/identity/user-guide/additional-features/incorporate-applications.md).
-2. [Add permissions to this application](/self-managed/identity/user-guide/additional-features/incorporate-applications.md) for **Console SM API**.
+2. [Add permissions to this application](/self-managed/identity/user-guide/additional-features/incorporate-applications.md) for **Administration Self-Managed API**.
 3. [Generate a token](/self-managed/identity/user-guide/authorizations/generating-m2m-tokens.md) to access the REST API. You will need the `client_id` and `client_secret` from the Identity application you created.
    ```shell
    curl --location --request POST 'http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/token' \

docs/apis-tools/administration-sm-api/administration-sm-api-overview.md

@@ -0,0 +1,18 @@
+---
+id: administration-sm-api-overview
+title: "Overview"
+sidebar_position: 1
+description: "Access the Administration API for Self-Managed."
+---
+
+The Administration API for Self-Managed is a REST API and provides endpoints to get cluster data including installed apps and usage metrics.
+
+## API Explorer
+
+See [the interactive Administration API Self-Managed Explorer][administration-api-explorer] for specifications, example requests and responses, and code samples of interacting with the Administration Self-Managed API.
+
+### Open API
+
+An Open API UI is also available within a running instance of Console Self-Managed at `https://${base-url}/admin-api/openapi/docs`.
+
+[administration-api-explorer]: ./specifications/sm-administration-api.info.mdx

docs/apis-tools/administration-sm-api/sidebar-schema.js

@@ -0,0 +1,11 @@
+/** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */
+
+module.exports = {
+  "Administration API (Self-Managed)": [
+    "apis-tools/administration-sm-api/administration-sm-api-overview",
+    "apis-tools/administration-sm-api/administration-sm-api-authentication",
+    {
+      Specifications: require("./specifications/sidebar.js"),
+    },
+  ],
+};

docs/apis-tools/console-sm-api/specifications/get-clusters.api.mdx → docs/apis-tools/administration-sm-api/specifications/get-clusters.api.mdx

@@ -7,7 +7,7 @@ hide_title: true
 hide_table_of_contents: true
 api: eJzFV21v2zYQ/iuEvuyLIntvQGEMA7ygKzI0a9E4KLAgH2jpbLGmSJWk6rmG/vvujrIlvyQxsDcgiCXy7uHdcy88bRNbg5NBWXNTJJNkCeFaNz6A80maOPC1NR58Mtkm343H9FOAz52qSQPl361QLLcmgAm0K+taq5zxRp88iWwTn5dQSXpSASrGqh0dG1REbhpV0G/Y1ICYPjhlloh7eNS9UZ8bEKrAo9RCgRN2IUIJIo8GJ22aGFnBy0i/o9QTyr6W+YUILDrEEMoL1xiDCkKZjCB9kKHxp7TdmIJYAi/UQsghQAlSh3IjrBPGBjz42BAwTZVMHpJOEFcaM3xeGbs2ySMqqqBJ8xojaDXc3U6LSplprbK7aBXatwTTRf9ln2clmod/7HHjHIZBfME8wd0dmTvvB6RGzGP/P8I3DkShfEDxRvmStOYQ1gBGyCbYio0S0hSikkYuoaLjOlyfidvTReQcHwsQgxwka2UQMg9iqe1car1BMYTF/xgbraEQnL1/hlRotQLRsUX839oCNLhMTHuD9odJF2P/B8Acjm0gbw6sYOh3XGmQipn0K42+s3vvkJNKfYXsmVj3jOBiz8fzUe7qeEaYGAi0xz9Tg0/EidnrPTlM8WHyd/QxHempq6nIsuc8/Ep6V3NnV5g2afe6RIi1pLSOTQoIoAPkxcgccRJDFXsR8YBPsVGEi6tiWtc7rv5WOxrQdXkLMMcs/7d9oHH6kgYAom7maKW4//D2CXf/pY5ydIoDiUUG3l9m9V78GcMrQP38QsBO+Ek4NvFzoxwUFCMG5LTa50Pk/ICvx32Q7fwT5BR0WRSK9qR+P6jWhdQeXkjlvvcm0jkuolM3uAmh/Qe96nx9n/jEl3Z34w7vzoGHA9/SHQfchv45T6+Pb5rO27Yle38Yf39aeL9aN1cFli0p/XhuqLkDh2l45bG2BThno/OHMh8gNA7Zkj2JWl90db2Webm/8XHLbfgKksr445T3jIKLyonIKvdQufQUgf2ghnR6wAKiZjd52CZzwNvJ4eNji1u1dBgcFsQVTvTSdrNeQtuhxJeRJEqvZK1GeT8AembCMyr3iGQbp7l2MhptS+tDO9nW1oUWhb9Ip+Rcx/uE9iKzC9lofEy0zaXm5XOpSBtmMJdN39+IeDoPUnTGIdyr8avx+RaFok+g9JNoj1OGUJ/FicJnkdp2QPkdyUWnd8TvW0gHzlD03gmk3QOmImYLrv/2ccY5pszCsvphwou7W8EpT2acGDvNc2pt3IRICPMxVh0bjfb3KJQ+XYdFxW+zcTbu5ncckXgU5yCT2R4jvF6vs1xWjSlkltuKKMQ+AfhFQLJx2E7edivpkXJhc7/XVpbfRw4WgH0+h1EH5EfseI3hx2oZwL6BsL8UBhl54Pq2//T4XwsyBpumyFGtUW9wpcbywhFuV17E96BwY508JNvtXHq4d7ptaRlHC7eJ9borK67nlO77got7m6xg04W/Dlx/uuEOePwN1g6r/s3rGbXbhsza5+lRXjL6rp+azQD7p19YQMxwUDM/40a0IdArnoOV8RcY7wHV
 sidebar_class_name: "get api-method"
-info_path: docs/apis-tools/console-sm-api/specifications/console-sm-admin-api
+info_path: docs/apis-tools/administration-sm-api/specifications/sm-administration-api
 custom_edit_url: null
 hide_send_button: true
 ---

docs/apis-tools/console-sm-api/specifications/get-usage-metrics.api.mdx → docs/apis-tools/administration-sm-api/specifications/get-usage-metrics.api.mdx

@@ -7,7 +7,7 @@ hide_title: true
 hide_table_of_contents: true
 api: eJzlV9tu4zYQ/RVCTy3g2O4NWARFgXTRXaRo2sXGQQsEeRhTY5kbidSSlLOGoH/vDClZsi0b2zZBH/YlkcThmTO3Q7pOTIkWvDL6Ok0ukwz9nYMMb9BbJV0ySSy60miHLrmsk2/nc/6XopNWlbyL9vzxSGbSaI/a8yqUZa5kwJx9cGxSJ06usQB+Ki179CoCqpT/+m2JBOTIp84IbB9/sUahUgJXK4VWmJXw9EXmlfNop0kzYUyJzl1r50HLiHyMUXFgooiRiZWxgsytx1S0+4XqAKbJ5ICoNx7yAVddFUu0ZEY4BVDcSWqqZY6j7KMxMz/mAMKVKCk0KRia4mk46R8rZZGSc996fph0ns3yA0pPfiBNFTuB/N2A6gpyh2SsfM7Wr6l2Jsfbm6u0UPqqVNNhffuMNcxbKseN8E/TiJ9QVpzHDuELT6QH93jn0H52AsE5lWlKIO+kddr6vyaOUhIZtUPqsXDHc9rsMgnWwnbUb4iF5hV8iM2JNWxQLBH1IGhzqlZDHi9Tt8WuVIcMSJlGhGVsSoYFfxmWb4x9HeWOaDLR7+ffHfcWWS1VSkLJlflhTKlv0W7QXjhSU4HWGhui3rd5j76y2p3vk1Z828+Z2lA9vSpQWNAZTsVxm4NFAVlmMQNWCkM8goz3uwTolISDoNNhv57U6Mk53ZkEtBNz5SFzXOKQYtEddVQ6R3hW+S0t1skSibOlx4eGlkqwQLGEob4fnWqtPlZnDiryq9iWjCzPiiY4eg1t1vedtxV1RX9aHkxcMxlzHVIUMklPRdk5HqbWibvfr/8a2CgtCpXnikI2OnUn2AXkswSPxWdfnk5QRqrOSxAm3P9Il2pNdV6b9jbEIgB+TS8z4NG8gFLNQmtfFLs7kgtzFTujsiTSSR1dNpezWb02zjeXdWmsb8h4A1YB+Q6KymtxTldQ5UwsNxLy8HlMT3mBQ+1SdvXuWkTv8SJEPvbhXs1fzUeR2PQESp+uHmftfTmKE41HkUIyu5m6ZbsYdDdZu/ZuwQMUv7cGk/bhTVe0X/9cBMVSemXC9n31FLc3Iugn0zgieyWDfjDLUElFQxUuqYE08e9RWCS4oHHjN9P5dN5ecUGG/MYiM21HFX56eppKKCqdwlSaglNIF2CkSzPbtp35W/tlcrA5NdLtdisT3mcWV2iRhGzWArlZCLyk8hegB7Bv0Y9Idas57jAJdX9P/yKEPraXx09+VuagwskY0l+3U32f7KaaK7M319S8cTzvk7pegsM7mzcNf46iE84B5XiW092BfjLdX71vRelr8ZnHxSj7R9x2p8YG8ooNkiCx/5bI8xweZ7h2Z8jz0H2Og+MM2Xh+9FQfer0ONwFqCYQ0XAvqdgvrSjkM8Oj3796Z8vaXBV8KK+6+nQAeCF5A7+7WejvA/vHnYCAW5hH1T0lH2/Mr+SHJ/Rs/aYl5
 sidebar_class_name: "get api-method"
-info_path: docs/apis-tools/console-sm-api/specifications/console-sm-admin-api
+info_path: docs/apis-tools/administration-sm-api/specifications/sm-administration-api
 custom_edit_url: null
 hide_send_button: true
 ---

docs/apis-tools/console-sm-api/specifications/sidebar.js → docs/apis-tools/administration-sm-api/specifications/sidebar.js

@@ -1,15 +1,15 @@
 module.exports = [
   {
     type: "doc",
-    id: "apis-tools/console-sm-api/specifications/console-sm-admin-api",
+    id: "apis-tools/administration-sm-api/specifications/sm-admin-api",
   },
   {
     type: "category",
     label: "Usage Metrics",
     items: [
       {
         type: "doc",
-        id: "apis-tools/console-sm-api/specifications/get-usage-metrics",
+        id: "apis-tools/administration-sm-api/specifications/get-usage-metrics",
         label: "Get usage metrics for clusters",
         className: "api-method get",
       },
@@ -21,7 +21,7 @@ module.exports = [
     items: [
       {
         type: "doc",
-        id: "apis-tools/console-sm-api/specifications/get-clusters",
+        id: "apis-tools/administration-sm-api/specifications/get-clusters",
         label: "Get current clusters",
         className: "api-method get",
       },

docs/apis-tools/console-sm-api/specifications/console-sm-admin-api.info.mdx → docs/apis-tools/administration-sm-api/specifications/sm-administration-api.info.mdx

@@ -1,7 +1,7 @@
 ---
-id: console-sm-admin-api
-title: "Console SM Admin API"
-description: "Access the administration API of Console SM."
+id: sm-admin-api
+title: "Administration API (Self-Managed)"
+description: "Access the administration API of Console Self-Managed."
 sidebar_label: Introduction
 sidebar_position: 0
 hide_title: true
@@ -13,9 +13,9 @@ import SchemaTabs from "@theme/SchemaTabs";
 import TabItem from "@theme/TabItem";
 import Export from "@theme/ApiExplorer/Export";
 
-<h1 className={"openapi__heading"}>Console SM Admin API</h1>
+<h1 className={"openapi__heading"}>Administration API (Self-Managed)</h1>
 
-Access the administration API of Console SM.
+Access the administration API of Console Self-Managed.
 
 <div style={{ marginBottom: "2rem" }}>
   <h2 id={"authentication"} style={{ marginBottom: "1rem" }}>