Zrok Connector (1.0)

Download OpenAPI specification:Download

Zrok Connector API

Frontdoor

Management of Frontdoor resources.

Retrieve a list of Frontdoors

Returns a paginated list of Frontdoors based on the provided search criteria.

Authorizations:

bearerAuth

query Parameters

id	string <uuid> Id to filter by, unique IDs of Frontdoor resources
organizationId	string <uuid> OrganizationId to filter by, unique IDs of Organization resources
createdBy	string <uuid> Filter by a user of the user that created the resource
createdAt	string <date-time> Filter by a range of timestamps
updatedAt	string <date-time> Filter by a range of timestamps
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to to return only resources that are not deleted
page	any The page number
size	any The number of resources returned per page
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

Simple find frontdoor request

"{\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 0,\n    \"totalElements\" : 0,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Create Frontdoor

Creates a new Frontdoor resource. The caller must have create permissions on the Frontdoor resource. The response includes the created Frontdoor resource.

Authorizations:

bearerAuth

Request Body schema: application/json
required

organizationId required	string <uuid>
defaultNamespaceName required	string [ 1 .. 63 ] characters ^[a-z]([a-z0-9-]*[a-z0-9])?$ Default namespace name for the frontdoor. Must follow subdomain naming rules: start with a lowercase letter, contain only lowercase letters, numbers, and hyphens, and not end with a hyphen.

Responses

Request samples

Payload

Content type

application/json

default

"{\"organizationId\": \"2281cdb0-9432-42cc-927f-8a4d2056aaa3\", \"version\": 2, \"defaultNamespaceName\": \"version2-ns\"}"

Response samples

202
400
401
403
500

Content type

*/*

default

{
  "id" : "f8d99946-93d9-4064-96b1-71dc3b281f8d",
  "organizationId" : "2281cdb0-9432-42cc-927f-8a4d2056aaa3",
  "version" : 2,
  "tcpSharesEnabled" : false,
  "createdBy" : "de3bdc18-90fb-488f-9722-d5a392c9014f",
  "createdAt" : "2026-03-06T01:58:52.598358Z",
  "updatedBy" : "de3bdc18-90fb-488f-9722-d5a392c9014f",
  "updatedAt" : "2026-03-06T01:58:52.598358Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/f8d99946-93d9-4064-96b1-71dc3b281f8d"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/f8d99946-93d9-4064-96b1-71dc3b281f8d/metrics"
    },
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/f8d99946-93d9-4064-96b1-71dc3b281f8d/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/f8d99946-93d9-4064-96b1-71dc3b281f8d/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/f8d99946-93d9-4064-96b1-71dc3b281f8d/environments"
    }
  }
}

Retrieves a single Frontdoor resource by ID.

Retrieves the Frontdoor by its ID. The caller must have read permissions on the Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id

required

string <uuid>

Id of the resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "59daa604-d157-45b2-8090-0093a118781f",
  "organizationId" : "1e28677f-7518-48fb-89a8-17c9fa91559e",
  "version" : 2,
  "tcpSharesEnabled" : true,
  "createdBy" : "a11d3014-1080-4d92-9e65-49aabd5be781",
  "createdAt" : "2026-03-06T01:58:56.116320Z",
  "updatedBy" : "881d711a-0a24-44f1-af4f-b1a5e35c3e96",
  "updatedAt" : "2026-03-06T01:58:56.143882Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/metrics"
    },
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/environments"
    }
  }
}

Delete Frontdoor

Deletes a Frontdoor entity identified by its unique identifier. Deletes all resources tied to the Frontdoor instance. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id

required

string <uuid>

Id of the resource.

Responses

Response samples

Content type

*/*

default

{
  "id" : "e9fe78a9-6600-4d70-add4-207751df5284",
  "organizationId" : "022474ed-524a-4900-bdb4-598acecd9733",
  "version" : 2,
  "tcpSharesEnabled" : true,
  "createdBy" : "106cc831-ba11-419d-b250-2bc577e596f4",
  "createdAt" : "2026-03-06T01:58:56.199890Z",
  "updatedBy" : "5c69c9a6-cd3f-47b2-ab37-e7146a915ff1",
  "updatedAt" : "2026-03-06T01:58:56.343970Z",
  "deletedBy" : "7eef7480-d1e1-4d05-a828-19f4bd8f98c7",
  "deletedAt" : "2026-03-06T01:58:56.343615Z",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/e9fe78a9-6600-4d70-add4-207751df5284"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/e9fe78a9-6600-4d70-add4-207751df5284/metrics"
    },
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/e9fe78a9-6600-4d70-add4-207751df5284/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/e9fe78a9-6600-4d70-add4-207751df5284/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/e9fe78a9-6600-4d70-add4-207751df5284/environments"
    }
  }
}

Get metrics for single Frontdoor resource by ID.

Retrieves transmitted and received data for the user's Frontdoor. Optionally takes a duration parameter to filter the metrics based on time. An optional duration parameter can be provided to specify the time window for the metrics.

Authorizations:

bearerAuth

path Parameters

id

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

duration

string <duration>

Examples: duration=15m duration=1h

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7",
  "scope" : "account",
  "id" : "9",
  "period" : "2592000",
  "samples" : [ {
    "rx" : 3821,
    "tx" : 513,
    "timestamp" : "2025-06-23T00:00:00.000+00:00"
  }, {
    "rx" : 3282,
    "tx" : 3053,
    "timestamp" : "2025-06-24T00:00:00.000+00:00"
  }, {
    "rx" : 821,
    "tx" : 302513,
    "timestamp" : "2025-06-25T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-26T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-27T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-28T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-29T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-30T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-01T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-02T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-03T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-04T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-05T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-06T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-07T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-08T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-09T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-10T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-11T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-12T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-13T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-14T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-15T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-16T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-17T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-18T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-19T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-20T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-21T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-22T00:00:00.000+00:00"
  }, {
    "rx" : 32821,
    "tx" : 30513,
    "timestamp" : "2025-07-22T15:56:40.161+00:00"
  } ],
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7/metrics"
    },
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7/environments"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/91d7958a-ab7b-4a40-8f95-b9ab3e8c61a7"
    }
  }
}

Retrieves a single Frontdoor resource by Organization ID.

Retrieves the Frontdoor by the Organization ID it belongs to. The caller must have read permissions on the Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

organizationId

required

string <uuid>

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "59daa604-d157-45b2-8090-0093a118781f",
  "organizationId" : "1e28677f-7518-48fb-89a8-17c9fa91559e",
  "version" : 2,
  "tcpSharesEnabled" : true,
  "createdBy" : "a11d3014-1080-4d92-9e65-49aabd5be781",
  "createdAt" : "2026-03-06T01:58:56.116320Z",
  "updatedBy" : "881d711a-0a24-44f1-af4f-b1a5e35c3e96",
  "updatedAt" : "2026-03-06T01:58:56.143882Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/metrics"
    },
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/59daa604-d157-45b2-8090-0093a118781f/environments"
    }
  }
}

Share

Management of Environment resources. Environments are created by running a Frontdoor Agent on a remote host.

List Environments

Retrieves a list of Environments resources in a specific Frontdoor. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"environmentList\" : [ {\n      \"frontdoorId\" : \"3092077e-2356-4bf8-89dc-55a173fd72d3\",\n      \"zId\" : \"wqxAIsoJ7-i12KhAXQVA3\",\n      \"description\" : \"computer@Mac\",\n      \"host\" : \"computer; Mac; darwin; darwin; Standalone Workstation; 15.5; 24.5.0; arm64\",\n      \"address\" : \"201.124.246.91\",\n      \"shareCount\" : 0,\n      \"accessCount\" : 0,\n      \"limited\" : null,\n      \"createdAt\" : \"2025-06-20T20:56:24.648+00:00\",\n      \"updatedAt\" : \"2025-06-20T20:56:24.648+00:00\",\n      \"activity\" : null,\n      \"_links\" : {\n        \"http-shares\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/http-shares\"\n        },\n        \"tcp-shares\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/tcp-shares\"\n        },\n        \"metrics\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/wqxAIsoJ7-i12KhAXQVA3/metrics{?duration}\",\n          \"templated\" : true\n        },\n        \"environments\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments\"\n        },\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/wqxAIsoJ7-i12KhAXQVA3\"\n        },\n        \"sparklines\" : {\n          \"href\" : \"/frontdoor/v2/{frontdoorId}/sparklines{?shares,environments}\",\n          \"templated\" : true\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3\"\n        }\n      }\n    }, {\n      \"frontdoorId\" : \"3092077e-2356-4bf8-89dc-55a173fd72d3\",\n      \"zId\" : \"wRTkhr9noeruxwbvMNBJd\",\n      \"description\" : \"computer1@Mac\",\n      \"host\" : \"computer; Mac; darwin; darwin; Standalone Workstation; 15.5; 24.5.0; arm64\",\n      \"address\" : \"201.124.246.92\",\n      \"shareCount\" : 0,\n      \"accessCount\" : 0,\n      \"limited\" : null,\n      \"createdAt\" : \"2025-06-20T20:56:24.648+00:00\",\n      \"updatedAt\" : \"2025-06-20T20:56:24.648+00:00\",\n      \"activity\" : null,\n      \"_links\" : {\n        \"http-shares\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/http-shares\"\n        },\n        \"tcp-shares\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/tcp-shares\"\n        },\n        \"metrics\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/wRTkhr9noeruxwbvMNBJd/metrics{?duration}\",\n          \"templated\" : true\n        },\n        \"environments\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments\"\n        },\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/wRTkhr9noeruxwbvMNBJd\"\n        },\n        \"sparklines\" : {\n          \"href\" : \"/frontdoor/v2/{frontdoorId}/sparklines{?shares,environments}\",\n          \"templated\" : true\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3\"\n    }\n  }\n}"

Get details of a single Environment resource by ID.

Retrieves a single Environment by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
envZId required	string

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "3092077e-2356-4bf8-89dc-55a173fd72d3",
  "zId" : "zsQ_5efAAalAfd0JEP6ID",
  "description" : "computer@Mac",
  "host" : "computer; Mac; darwin; darwin; Standalone Workstation; 15.5; 24.5.0; arm64",
  "address" : "201.124.246.91",
  "shareCount" : 0,
  "accessCount" : 0,
  "limited" : null,
  "createdAt" : "2025-06-20T20:56:24.648+00:00",
  "updatedAt" : "2025-06-20T20:56:24.648+00:00",
  "activity" : null,
  "_links" : {
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/tcp-shares"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/zsQ_5efAAalAfd0JEP6ID/metrics{?duration}",
      "templated" : true
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/zsQ_5efAAalAfd0JEP6ID"
    },
    "sparklines" : {
      "href" : "/frontdoor/v2/{frontdoorId}/sparklines{?shares,environments}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3"
    }
  }
}

Delete Environment

Deletes an Environment by its ID. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
envZId required	string

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "3092077e-2356-4bf8-89dc-55a173fd72d3",
  "zId" : "gkc9i9147RNOkdeVPqewW",
  "description" : "computer@Mac",
  "host" : "computer; Mac; darwin; darwin; Standalone Workstation; 15.5; 24.5.0; arm64",
  "address" : "201.124.246.91",
  "shareCount" : 0,
  "accessCount" : 0,
  "limited" : null,
  "createdAt" : "2025-06-20T20:56:24.648+00:00",
  "updatedAt" : "2025-06-20T20:56:24.648+00:00",
  "activity" : null,
  "_links" : {
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/tcp-shares"
    },
    "metrics" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/gkc9i9147RNOkdeVPqewW/metrics{?duration}",
      "templated" : true
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/gkc9i9147RNOkdeVPqewW"
    },
    "sparklines" : {
      "href" : "/frontdoor/v2/{frontdoorId}/sparklines{?shares,environments}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3"
    }
  }
}

Get metrics for single Environment resource by ID.

Retrieves transmitted and received data for a specific environment. This endpoint fetches metrics data for a given environment within a specific frontdoor. An optional duration parameter can be provided to specify the time window for the metrics.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
envZId required	string

query Parameters

duration

string

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "3092077e-2356-4bf8-89dc-55a173fd72d3",
  "envZId" : "bT32gmTAGV2qIra3OBDgr",
  "scope" : "account",
  "id" : "9",
  "period" : "2592000",
  "samples" : [ {
    "rx" : 3821,
    "tx" : 513,
    "timestamp" : "2025-06-23T00:00:00.000+00:00"
  }, {
    "rx" : 3282,
    "tx" : 3053,
    "timestamp" : "2025-06-24T00:00:00.000+00:00"
  }, {
    "rx" : 821,
    "tx" : 302513,
    "timestamp" : "2025-06-25T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-26T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-27T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-28T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-29T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-30T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-01T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-02T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-03T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-04T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-05T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-06T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-07T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-08T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-09T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-10T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-11T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-12T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-13T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-14T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-15T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-16T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-17T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-18T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-19T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-20T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-21T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-22T00:00:00.000+00:00"
  }, {
    "rx" : 32821,
    "tx" : 30513,
    "timestamp" : "2025-07-22T15:56:40.161+00:00"
  } ],
  "_links" : {
    "http-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/http-shares"
    },
    "tcp-shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/tcp-shares"
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/bT32gmTAGV2qIra3OBDgr"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3/environments/bT32gmTAGV2qIra3OBDgr/metrics{?duration}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/3092077e-2356-4bf8-89dc-55a173fd72d3"
    }
  }
}

Client Certificate

Management of Client Certificate resources.

Retrieves a single Client Certificate resource by ID.

Retrieves a single Client Certificate by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "k2bqenb7fib4f36axvk6t",
  "frontdoorId" : "ebee6087-76db-4d8c-a142-c62d1223cdd7",
  "name" : "client-certificate-26",
  "createdBy" : "247cebfd-efda-4489-bd96-531249665d40",
  "createdAt" : "2026-03-06T01:59:12.727814Z",
  "updatedBy" : "247cebfd-efda-4489-bd96-531249665d40",
  "updatedAt" : "2026-03-06T01:59:12.727814Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "value" : "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQICCl6NZ5gDKrnSztO\n3Hy8PEUcuyvg/ikC+VcIo2SFFSf18a3IMYldIugqqqZCs4/4uVW3sbdLs/6PfgdX\n7O9D22ZiFWHPYA2k2N744MNiCD1UE+tJyllUhSblK48bn+v1oZHCM0nYQ2NqUkvS\nj+hwUU3RiWl7x3D2s9wSdNt7XUtW05a/FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTd\nOrUZ/wK69Dzu4IvrN4vs9Nes8vbwPa/ddZEzGR0cQMt0JBkhk9kU/qwqUseP1QRJ\n5I1jR4g8aYPL/ke9K35PxZWuDp3U0UPAZ3PjFAh+5T+fc7gzCs9dPzSHloruU+gl\nFQIDAQAB\n-----END PUBLIC KEY-----\n",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7/client-certificates/k2bqenb7fib4f36axvk6t"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7"
    }
  }
}

Update Client Certificate

Updates a Client Certificate in the specific Frontdoor. The domain of the Client Certificate can't be updated, only the Auth Providers. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Client Certificate resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string

Request Body schema: application/json
required

name	string Name of the client certificate
type	string Enum: "CERTIFICATE" "CSR" Type of the data being sent by the client, `CSR` for generating a certificate or `CERTIFICATE` (default) for an already created certificate
value	string The Certificate or Certificate Signing Request data
validYears	integer <int32> [ 1 .. 10 ] Number of years the certificate should be valid for, only valid when uploading CSR

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"new name\",\"value\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "b149oil5t45jvxhp47b9e",
  "frontdoorId" : "ac6aa6f4-b4e1-4220-b275-7981f1baa604",
  "name" : "new name",
  "createdBy" : "17b4f07c-09e3-4957-91ce-196644c91096",
  "createdAt" : "2025-11-06T17:18:22.768811Z",
  "updatedBy" : "4b0ae33d-380d-49e5-be4e-baffcad8cdac",
  "updatedAt" : "2025-11-06T17:18:22.798146Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "value" : "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQICCl6NZ5gDKrnSztO\n3Hy8PEUcuyvg/ikC+VcIo2SFFSf18a3IMYldIugqqqZCs4/4uVW3sbdLs/6PfgdX\n7O9D22ZiFWHPYA2k2N744MNiCD1UE+tJyllUhSblK48bn+v1oZHCM0nYQ2NqUkvS\nj+hwUU3RiWl7x3D2s9wSdNt7XUtW05a/FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTd\nOrUZ/wK69Dzu4IvrN4vs9Nes8vbwPa/ddZEzGR0cQMt0JBkhk9kU/qwqUseP1QRJ\n5I1jR4g8aYPL/ke9K35PxZWuDp3U0UPAZ3PjFAh+5T+fc7gzCs9dPzSHloruU+gl\nFQIDAQAB\n-----END PUBLIC KEY-----\n",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/ac6aa6f4-b4e1-4220-b275-7981f1baa604/client-certificates/b149oil5t45jvxhp47b9e"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/ac6aa6f4-b4e1-4220-b275-7981f1baa604"
    }
  }
}

Delete Client Certificate

Deletes a Client Certificate by its ID. Deleting a Client Certificate is an asynchronous operation. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "iwxtd9er8za8yetangbi9",
  "frontdoorId" : "ebee6087-76db-4d8c-a142-c62d1223cdd7",
  "name" : "client-certificate-4",
  "createdBy" : "4b88196b-4ade-4b8f-b199-1d0c556dbf27",
  "createdAt" : "2026-03-06T01:59:10.435632Z",
  "updatedBy" : "4b88196b-4ade-4b8f-b199-1d0c556dbf27",
  "updatedAt" : "2026-03-06T01:59:10.880046Z",
  "deletedBy" : "3beef113-0032-4395-8f12-dffdc6fd76b1",
  "deletedAt" : "2026-03-06T01:59:10.868928Z",
  "value" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7/client-certificates/iwxtd9er8za8yetangbi9"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7"
    }
  }
}

Update Client Certificate

Updates a Client Certificate in the specific Frontdoor. The domain of the Client Certificate can't be updated, only the Auth Providers. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Client Certificate resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string

Request Body schema: application/json
required

name	string Name of the client certificate
type	string Enum: "CERTIFICATE" "CSR" Type of the data being sent by the client, `CSR` for generating a certificate or `CERTIFICATE` (default) for an already created certificate
value	string The Certificate or Certificate Signing Request data
validYears	integer <int32> [ 1 .. 10 ] Number of years the certificate should be valid for, only valid when uploading CSR

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"new name\",\"value\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "b149oil5t45jvxhp47b9e",
  "frontdoorId" : "ac6aa6f4-b4e1-4220-b275-7981f1baa604",
  "name" : "new name",
  "createdBy" : "17b4f07c-09e3-4957-91ce-196644c91096",
  "createdAt" : "2025-11-06T17:18:22.768811Z",
  "updatedBy" : "4b0ae33d-380d-49e5-be4e-baffcad8cdac",
  "updatedAt" : "2025-11-06T17:18:22.798146Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "value" : "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQICCl6NZ5gDKrnSztO\n3Hy8PEUcuyvg/ikC+VcIo2SFFSf18a3IMYldIugqqqZCs4/4uVW3sbdLs/6PfgdX\n7O9D22ZiFWHPYA2k2N744MNiCD1UE+tJyllUhSblK48bn+v1oZHCM0nYQ2NqUkvS\nj+hwUU3RiWl7x3D2s9wSdNt7XUtW05a/FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTd\nOrUZ/wK69Dzu4IvrN4vs9Nes8vbwPa/ddZEzGR0cQMt0JBkhk9kU/qwqUseP1QRJ\n5I1jR4g8aYPL/ke9K35PxZWuDp3U0UPAZ3PjFAh+5T+fc7gzCs9dPzSHloruU+gl\nFQIDAQAB\n-----END PUBLIC KEY-----\n",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/ac6aa6f4-b4e1-4220-b275-7981f1baa604/client-certificates/b149oil5t45jvxhp47b9e"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/ac6aa6f4-b4e1-4220-b275-7981f1baa604"
    }
  }
}

List Client Certificates

Retrieves a paginated list of Client Certificate resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of a Client Certificate. For example, to filter by name, you can add ?name=my-check to the request URL. Multiple values for the same filter property are supported (e.g., ?name=check1&name=check2). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 client certificates, sorted by name in ascending order. The returned list is automatically constrained by the user's access permissions. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by, unique IDs of client certificate resources.
name	any Name to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by a user of the user. Defaults to to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by a user of the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
updatedBy	any Filter by a user of the user that last updated the resource.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"clientCertificateList\" : [ {\n      \"id\" : \"jtsusp1egjgi3w84iufo0\",\n      \"frontdoorId\" : \"47dfd9f4-c10c-46cb-96aa-813a89224fec\",\n      \"name\" : \"third\",\n      \"createdBy\" : \"2e2b474d-8faa-45ca-831b-e4f9014bfcb2\",\n      \"createdAt\" : \"2026-03-06T01:59:02.924393Z\",\n      \"updatedBy\" : \"2e2b474d-8faa-45ca-831b-e4f9014bfcb2\",\n      \"updatedAt\" : \"2026-03-06T01:59:02.924393Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"value\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec/client-certificates/jtsusp1egjgi3w84iufo0\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec\"\n        }\n      }\n    }, {\n      \"id\" : \"nk8vhuwyvqg3qassvsl5u\",\n      \"frontdoorId\" : \"47dfd9f4-c10c-46cb-96aa-813a89224fec\",\n      \"name\" : \"second\",\n      \"createdBy\" : \"44754a65-fa86-4daf-923d-ebe7b3d2cea5\",\n      \"createdAt\" : \"2026-03-06T01:59:02.914315Z\",\n      \"updatedBy\" : \"44754a65-fa86-4daf-923d-ebe7b3d2cea5\",\n      \"updatedAt\" : \"2026-03-06T01:59:02.914315Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"value\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec/client-certificates/nk8vhuwyvqg3qassvsl5u\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec\"\n        }\n      }\n    }, {\n      \"id\" : \"y6eakvsxui17m5qbin6ld\",\n      \"frontdoorId\" : \"47dfd9f4-c10c-46cb-96aa-813a89224fec\",\n      \"name\" : \"first\",\n      \"createdBy\" : \"91cd3049-b620-4bf6-b7ef-f4ec94f75a71\",\n      \"createdAt\" : \"2026-03-06T01:59:02.903460Z\",\n      \"updatedBy\" : \"91cd3049-b620-4bf6-b7ef-f4ec94f75a71\",\n      \"updatedAt\" : \"2026-03-06T01:59:02.903460Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"value\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec/client-certificates/y6eakvsxui17m5qbin6ld\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec/client-certificates\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/47dfd9f4-c10c-46cb-96aa-813a89224fec\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 20,\n    \"totalElements\" : 3,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Create Client Certificate with conventional auth

Creates a new Client Certificate for use in the specific Frontdoor. Client Certificates can be created in two ways, uploading an existing certificate that was generated outside of NetFoundry or the user can upload a Certificate Request and NetFoundry will generate the Client Certificate. The caller must have create permissions on the parent Frontdoor resource. The response includes the created Client Certificate resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the client certificate, can not be set when using a Certificate Request Token
type	string Enum: "CERTIFICATE" "CSR" Type of the data being sent by the client, `CSR` for generating a certificate or `CERTIFICATE` (default) for an already created certificate
value required	string non-empty The Certificate or Certificate Signing Request data
validYears	integer <int32> [ 1 .. 10 ] Number of years the certificate should be valid for, only valid when uploading CSR

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"client cert 2\",\"type\":\"CSR\",\"value\":\"-----BEGIN CERTIFICATE REQUEST-----\\nMIIB1jCCAT8CAQAwgZUxEjAQBgNVBAoTCWFjY2VzczM2MDEUMBIGA1UECxMLZW5n\\naW5lZXJpbmcxEDAOBgNVBAMTB250YWdlbnQxJDAiBgkqhkiG9w0BCQEWFW50YWdl\\nbnRAYWNjZXNzMzYwLmNvbTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju\\naWExDzANBgNVBAcTBklydmluZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\\nmR6AcPnwf6hLLc72BmUkAwaXcebtxCoCnnTH9uc8VuMHPbIMAgjuC4s91hPrilG7\\nUtlbOfy6X3R3kbeR8apRR9uLYrPIvQ1b4NK0whsytij6syCySaFQIB6V7RPBatFr\\n6XQ9hpsARdkGytZmGTgGTJ1hSS/jA6mbxpgmttz9HPECAwEAAaAAMA0GCSqGSIb3\\nDQEBAgUAA4GBADxA1cDkvXhgZntHkwT9tCTqUNV9sim8N/U15HgMRh177jVaHJqb\\nN1Er46vQSsOOOk4z2i/XwOmFkNNTXRVl9TLZZ/D+9mGZcDobcO+lbAKlePwyufxK\\nXqdpu3d433H7xfJJSNYLYBFkrQJesITqKft0Q45gIjywIrbctVUCepL2\\n-----END CERTIFICATE REQUEST-----\\n\",\"validYears\":2}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "gt13znnq91nk3mln6m35a",
  "frontdoorId" : "ebee6087-76db-4d8c-a142-c62d1223cdd7",
  "name" : "client cert 2",
  "createdBy" : "46bc578e-c057-4a1b-a81f-a4135dea4567",
  "createdAt" : "2026-03-06T01:59:12.813857Z",
  "updatedBy" : "46bc578e-c057-4a1b-a81f-a4135dea4567",
  "updatedAt" : "2026-03-06T01:59:12.818052Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "value" : "-----BEGIN CERTIFICATE-----\nMIIEYjCCAkqgAwIBAgIGAZzA3syZMA0GCSqGSIb3DQEBCwUAMFgxEzARBgNVBAMM\nCk5ldEZvdW5kcnkxEzARBgNVBAoMCk5ldEZvdW5kcnkxEjAQBgNVBAcMCUNoYXJs\nb3R0ZTELMAkGA1UECAwCTkMxCzAJBgNVBAYTAlVTMB4XDTI2MDMwNjAxNTkxMloX\nDTI4MDMwNTAxNTkxMlowgZUxEjAQBgNVBAoTCWFjY2VzczM2MDEUMBIGA1UECxML\nZW5naW5lZXJpbmcxEDAOBgNVBAMTB250YWdlbnQxJDAiBgkqhkiG9w0BCQEWFW50\nYWdlbnRAYWNjZXNzMzYwLmNvbTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm\nb3JuaWExDzANBgNVBAcTBklydmluZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\ngYEAmR6AcPnwf6hLLc72BmUkAwaXcebtxCoCnnTH9uc8VuMHPbIMAgjuC4s91hPr\nilG7UtlbOfy6X3R3kbeR8apRR9uLYrPIvQ1b4NK0whsytij6syCySaFQIB6V7RPB\natFr6XQ9hpsARdkGytZmGTgGTJ1hSS/jA6mbxpgmttz9HPECAwEAAaN4MHYwEwYD\nVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFHv2y1V3wvY8YNqsxvQvNZV1KGuS\nMB8GA1UdIwQYMBaAFHv2y1V3wvY8YNqsxvQvNZV1KGuSMA8GA1UdEwEB/wQFMAMB\nAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBeD1+rRHmlsGX5\ny9UuZ1mOVYXLF2WKikgdLhUYaSUcOVMWkOp1Ms5z76V0fBdnBqE19m+OuUHlIXRT\ne1dElymj2Ck12peoOJPDKnSuBh7zf9hHvEUQvtygHS+NInO4SgkvdIk4Y8tGY4QJ\nu5Vc9yUi6RzPULCJimAoBYGch1YU3LVIPhcBBRMrFDsuThbycD6r0pZfhEAxVS1C\nrr4ahwi1HroEIYeRl9oSdLQ3lFHthDOMUSn8+Whott6QUGKxefEhHgwh0zFkr5Tc\nQKHrZIf1yPA5V5TUYsiTLZ3bmLP30giwvR+pRnmVwTI3SGtk8zknmHPSWK/oUr+d\nQkInz0vg15hq2x9W8cvXKh5jMKCpD5It7/27iAE0wz1FlV0PMRXXhe4CCqPoHNNK\njrgkCEMw3Qpc5Bqv2aqxqgS6AkTLrahw/Bs+1+a4N6dCRX0b+YdaCedLppyJEdhV\nlPiieGmQ9ogtVZKSUcXzRbkPfgQiW/qNg6LgFXPNCJPvCgs4r+NjLVHDeUilYEKW\nJRdeym1xFhT6QX3a+NbIEEy94aHrghAPt1wxhE7yD2myMrnFwuxYlzl5xx5xU54J\nOvBqtpKq+K2jE5NM6zuvvMB+AQE2lpq4KmRJAhca82/mabUWOSu7jQQnVDDLxCHf\nQd2/p7STF3x7DCPfiELD+8Z918mRYw==\n-----END CERTIFICATE-----\n",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7/client-certificates/gt13znnq91nk3mln6m35a"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7"
    }
  }
}

Create Client Certificate with token auth

Creates a new Client Certificate for use in the specific Frontdoor using a pre-created Certificate Request Token. Client Certificates can be created in two ways, uploading an existing certificate that was generated outside of NetFoundry or the user can upload a Certificate Request and NetFoundry will generate the Client Certificate. The caller does not need any additional permissions, as long as the token is valid. The response includes the created Client Certificate resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
token required	string

Request Body schema: application/json
required

name required	string non-empty Name of the client certificate, can not be set when using a Certificate Request Token
type	string Enum: "CERTIFICATE" "CSR" Type of the data being sent by the client, `CSR` for generating a certificate or `CERTIFICATE` (default) for an already created certificate
value required	string non-empty The Certificate or Certificate Signing Request data
validYears	integer <int32> [ 1 .. 10 ] Number of years the certificate should be valid for, only valid when uploading CSR

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":null,\"type\":\"CSR\",\"value\":\"-----BEGIN CERTIFICATE REQUEST-----\\nMIIB1jCCAT8CAQAwgZUxEjAQBgNVBAoTCWFjY2VzczM2MDEUMBIGA1UECxMLZW5n\\naW5lZXJpbmcxEDAOBgNVBAMTB250YWdlbnQxJDAiBgkqhkiG9w0BCQEWFW50YWdl\\nbnRAYWNjZXNzMzYwLmNvbTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju\\naWExDzANBgNVBAcTBklydmluZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\\nmR6AcPnwf6hLLc72BmUkAwaXcebtxCoCnnTH9uc8VuMHPbIMAgjuC4s91hPrilG7\\nUtlbOfy6X3R3kbeR8apRR9uLYrPIvQ1b4NK0whsytij6syCySaFQIB6V7RPBatFr\\n6XQ9hpsARdkGytZmGTgGTJ1hSS/jA6mbxpgmttz9HPECAwEAAaAAMA0GCSqGSIb3\\nDQEBAgUAA4GBADxA1cDkvXhgZntHkwT9tCTqUNV9sim8N/U15HgMRh177jVaHJqb\\nN1Er46vQSsOOOk4z2i/XwOmFkNNTXRVl9TLZZ/D+9mGZcDobcO+lbAKlePwyufxK\\nXqdpu3d433H7xfJJSNYLYBFkrQJesITqKft0Q45gIjywIrbctVUCepL2\\n-----END CERTIFICATE REQUEST-----\\n\",\"validYears\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "524k8k214gv6wt8uoofct",
  "frontdoorId" : "ebee6087-76db-4d8c-a142-c62d1223cdd7",
  "name" : "certification-request-token-20",
  "createdBy" : "961bc017-fce6-454b-92f4-8f9a038602f7",
  "createdAt" : "2026-03-06T01:59:12.510609Z",
  "updatedBy" : "961bc017-fce6-454b-92f4-8f9a038602f7",
  "updatedAt" : "2026-03-06T01:59:12.516388Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "value" : "-----BEGIN CERTIFICATE-----\nMIIEYjCCAkqgAwIBAgIGAZzA3stnMA0GCSqGSIb3DQEBCwUAMFgxEzARBgNVBAMM\nCk5ldEZvdW5kcnkxEzARBgNVBAoMCk5ldEZvdW5kcnkxEjAQBgNVBAcMCUNoYXJs\nb3R0ZTELMAkGA1UECAwCTkMxCzAJBgNVBAYTAlVTMB4XDTI2MDMwNjAxNTkxMloX\nDTI3MDMwNjAxNTkxMlowgZUxEjAQBgNVBAoTCWFjY2VzczM2MDEUMBIGA1UECxML\nZW5naW5lZXJpbmcxEDAOBgNVBAMTB250YWdlbnQxJDAiBgkqhkiG9w0BCQEWFW50\nYWdlbnRAYWNjZXNzMzYwLmNvbTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm\nb3JuaWExDzANBgNVBAcTBklydmluZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\ngYEAmR6AcPnwf6hLLc72BmUkAwaXcebtxCoCnnTH9uc8VuMHPbIMAgjuC4s91hPr\nilG7UtlbOfy6X3R3kbeR8apRR9uLYrPIvQ1b4NK0whsytij6syCySaFQIB6V7RPB\natFr6XQ9hpsARdkGytZmGTgGTJ1hSS/jA6mbxpgmttz9HPECAwEAAaN4MHYwEwYD\nVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFHv2y1V3wvY8YNqsxvQvNZV1KGuS\nMB8GA1UdIwQYMBaAFHv2y1V3wvY8YNqsxvQvNZV1KGuSMA8GA1UdEwEB/wQFMAMB\nAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQCuMaiCcKTqydUA\nQJ4PlXAJl8pPL88Zq3liq2ImwyNO4CHvraeY3qoo4Im0Eh0lzNk0iBgf+TCfWpVf\nyzntnw09qcWCrCTOjyoa8XItOBfr8T0ovqP6XHBYfNbQxmEJxDeSCOv94+nmOYeZ\nGboqSoNyUOF6SSArfR8ajFZMTduSuf8LB/ppWUZ0ZVss1dGLzSvf8/HAL8rQwfmh\n8BfHKMX6QQRRPxxZERVHFKEYTRxFfWOUQSyo607lQuHtDtY7McoUYPy1AJ1E/13E\nkJ787GTua6QQTxL3SK2L0EYMIKQjm+5E83ApgX5UzkaE+sf4SrsX7jffv7GiJk07\nUS6t5YuQuw3G+HbBzAc823q1QWNK0oxdB8fh1jYxRQ+lnLjelrpfgIAupeaVoUc8\nPh+0W4nyil4gKlIf4nIhcMdgeDc3flHaMnnyyJfeyLru31bHhT+XeAdTS+TVqedu\nU0E136Bk4iQLeZgFvgrs4FmLlZvi4zQhPuTt5AxxbY+QWt2L3yd9Od4ilMN55eTj\nZoXabxQQFztbJQOBtGHxkKzNp5G40rHwFGjecZlicBUOVpYIhGaFypq2lfDAznor\nYNnaPV/mJorQko3ZOyThBx9t3dnENJIj841cG+2aUJuIuM/hbMTfwDxM8FAITC0c\nnegmGbTFzPoh1mx/pYi6LreeC2FYwA==\n-----END CERTIFICATE-----\n",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7/client-certificates/524k8k214gv6wt8uoofct"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/ebee6087-76db-4d8c-a142-c62d1223cdd7"
    }
  }
}

Sparklines

Sparkline data for the Frontdoor.

Get Sparklines for the Frontdoor

This retrieves sparkline data for a specific frontdoor. Sparklines provide a concise view of network traffic metrics (receive and transmit) over a period of time. The data can be filtered by providing a set of environment ZIDs or a set of share tokens. It is mandatory to provide at least one environment or one share for the query to be valid.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by, unique IDs of health check resources.
shares	any Share Tokens to filter by.
environments	any Environment ZID to filter by, unique id of the environment.
required	object (SparklinesInput) A request to show sparklines, filtering by environments and/or shares.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"frontdoorId\" : \"9fafa2f3-c7cf-4dee-88f8-64ad3da66512\",\n  \"sparklines\" : [ {\n    \"scope\" : \"environment\",\n    \"id\" : \"lukoobz0qsjwsqlsy85th\",\n    \"period\" : null,\n    \"samples\" : [ {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 21756,\n      \"tx\" : 2334,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 175611,\n      \"tx\" : 1124,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 16,\n      \"tx\" : 22834,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    }, {\n      \"rx\" : 0,\n      \"tx\" : 0,\n      \"timestamp\" : null\n    } ]\n  } ],\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"/frontdoor/v2/{frontdoorId}/sparklines{?shares,environments}\",\n      \"templated\" : true\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/9fafa2f3-c7cf-4dee-88f8-64ad3da66512\"\n    }\n  }\n}"

Certificate Request Tokens

Management of Certificate Request Tokens.

Retrieves a single Certificate Request Token resource by ID.

Retrieves a single Certificate Request Token by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "e1m94lc27o7h9ybmjnqok",
  "frontdoorId" : "dc47ad45-f111-4079-9ca8-3b3d05ff9b09",
  "name" : "certification-request-token-44",
  "token" : "0kkq46rr7h",
  "commonName" : "frontdoor-cert-request-45",
  "organization" : "netfoundry-46",
  "organizationalUnit" : "MOP-47",
  "validYears" : 1,
  "expiresAt" : "2026-03-06T02:59:13.257395Z",
  "createdBy" : "a7c296f0-5aff-4dfb-a444-4b3efd3a93be",
  "createdAt" : "2026-03-06T01:59:13.257403Z",
  "updatedBy" : "a7c296f0-5aff-4dfb-a444-4b3efd3a93be",
  "updatedAt" : "2026-03-06T01:59:13.257403Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09/certificate-request-tokens/e1m94lc27o7h9ybmjnqok"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09"
    }
  }
}

Partial Update Certificate Request Token

Updates a Certificate Request Token in the specific Frontdoor. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Certificate Request Token resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string

Request Body schema: application/json
required

name required	string non-empty Name of the Certificate Request Token, it will be the name of the Client Certificate once created
commonName required	string non-empty The recommended Common Name (CN) for the certificate request
organization required	string non-empty The recommended Organization (O) for the certificate request
organizationalUnit required	string non-empty The recommended Organizational Unit (OU) for the certificate request
validYears	integer <int32> Number of years the client certificate(s) should be valid for

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

200
400
401
403
500

Content type

*/*

No sample

Delete Certificate Request Token

Deletes a Certificate Request Token by its ID. Deleting a Certificate Request Token is an asynchronous operation. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "4tgzs4pdm0ktxwkciimpx",
  "frontdoorId" : "dc47ad45-f111-4079-9ca8-3b3d05ff9b09",
  "name" : "certification-request-token-68",
  "token" : "0um0qrnqbt",
  "commonName" : "frontdoor-cert-request-69",
  "organization" : "netfoundry-70",
  "organizationalUnit" : "MOP-71",
  "validYears" : 1,
  "expiresAt" : "2026-03-06T02:59:13.659929Z",
  "createdBy" : "ad0a7cda-2300-4e09-8fb2-3b7c283bcd9e",
  "createdAt" : "2026-03-06T01:59:13.659994Z",
  "updatedBy" : "ad0a7cda-2300-4e09-8fb2-3b7c283bcd9e",
  "updatedAt" : "2026-03-06T01:59:13.683947Z",
  "deletedBy" : "2e1bc3dc-3c42-4e18-808f-dbb6be43ddce",
  "deletedAt" : "2026-03-06T01:59:13.684334Z",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09/certificate-request-tokens/4tgzs4pdm0ktxwkciimpx"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09"
    }
  }
}

Full Update Certificate Request Token

Updates a Certificate Request Token in the specific Frontdoor. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Certificate Request Token resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string

Request Body schema: application/json
required

name required	string non-empty Name of the Certificate Request Token, it will be the name of the Client Certificate once created
commonName required	string non-empty The recommended Common Name (CN) for the certificate request
organization required	string non-empty The recommended Organization (O) for the certificate request
organizationalUnit required	string non-empty The recommended Organizational Unit (OU) for the certificate request
validYears	integer <int32> Number of years the client certificate(s) should be valid for

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

200
400
401
403
500

Content type

*/*

No sample

List Certificate Request Tokens

Retrieves a paginated list of Certificate Request Token resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of a Certificate Request Token. For example, to filter by name, you can add ?name=my-check to the request URL. Multiple values for the same filter property are supported (e.g., ?name=check1&name=check2). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 certificate request tokens, sorted by name in ascending order. The returned list is automatically constrained by the user's access permissions. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by, unique IDs of certificate request token resources.
name	any Name to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by a user of the user. Defaults to to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by a user of the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
updatedBy	any Filter by a user of the user that last updated the resource.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"certificateRequestTokenList\" : [ {\n      \"id\" : \"loewgsr9abo6s3bik3pme\",\n      \"frontdoorId\" : \"ae5629f6-719c-49d3-bc11-f108af417b0b\",\n      \"name\" : \"certification-request-token-60\",\n      \"token\" : \"b4rk5f1muj\",\n      \"commonName\" : \"frontdoor-cert-request-61\",\n      \"organization\" : \"netfoundry-62\",\n      \"organizationalUnit\" : \"MOP-63\",\n      \"validYears\" : 1,\n      \"expiresAt\" : \"2026-03-06T02:59:13.540234Z\",\n      \"createdBy\" : \"28837ab0-4150-4a53-8e9b-533eb0f8ffe9\",\n      \"createdAt\" : \"2026-03-06T01:59:13.539803Z\",\n      \"updatedBy\" : \"28837ab0-4150-4a53-8e9b-533eb0f8ffe9\",\n      \"updatedAt\" : \"2026-03-06T01:59:13.539803Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b/certificate-request-tokens/loewgsr9abo6s3bik3pme\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b\"\n        }\n      }\n    }, {\n      \"id\" : \"8gxuair76xr403zdwqht5\",\n      \"frontdoorId\" : \"ae5629f6-719c-49d3-bc11-f108af417b0b\",\n      \"name\" : \"certification-request-token-64\",\n      \"token\" : \"9i4gjdo8kk\",\n      \"commonName\" : \"frontdoor-cert-request-65\",\n      \"organization\" : \"netfoundry-66\",\n      \"organizationalUnit\" : \"MOP-67\",\n      \"validYears\" : 1,\n      \"expiresAt\" : \"2026-03-06T02:59:13.545240Z\",\n      \"createdBy\" : \"eebe4b7e-e871-4e46-9180-7ae88839d995\",\n      \"createdAt\" : \"2026-03-06T01:59:13.545238Z\",\n      \"updatedBy\" : \"eebe4b7e-e871-4e46-9180-7ae88839d995\",\n      \"updatedAt\" : \"2026-03-06T01:59:13.545238Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b/certificate-request-tokens/8gxuair76xr403zdwqht5\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b/certificate-request-tokens\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/ae5629f6-719c-49d3-bc11-f108af417b0b\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 20,\n    \"totalElements\" : 2,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Create Certificate Request Token

Creates a new Certificate Request Token for use in the specific Frontdoor. Certificate Request Tokens have a token (OTT) that can be used to upload a single CSR to generate a Client Certificate. Using the OTT requires no further authentication when uploading a CSR by the end user. The caller must have create permissions on the parent Frontdoor resource. The response includes the created Certificate Request Token resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the Certificate Request Token, it will be the name of the Client Certificate once created
commonName	string The recommended Common Name (CN) for the certificate request
organization	string The recommended Organization (O) for the certificate request
organizationalUnit	string The recommended Organizational Unit (OU) for the certificate request
validYears	integer <int32> [ 1 .. 10 ] Number of years the certificate should be valid for

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

200
400
401
403
500

Content type

*/*

No sample

Retrieves a single Certificate Request Token resource by the token.

Retrieves a single Certificate Request Token by its token. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

token required	string Token attached to the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "x5z2zwwxvn1qb1mesgp39",
  "frontdoorId" : "dc47ad45-f111-4079-9ca8-3b3d05ff9b09",
  "name" : "certification-request-token-52",
  "token" : "9qjpxttlo0",
  "commonName" : "frontdoor-cert-request-53",
  "organization" : "netfoundry-54",
  "organizationalUnit" : "MOP-55",
  "validYears" : 1,
  "expiresAt" : "2026-03-06T02:59:13.416829Z",
  "createdBy" : "add06525-d52b-4463-aeba-ecbba57539ac",
  "createdAt" : "2026-03-06T01:59:13.416644Z",
  "updatedBy" : "add06525-d52b-4463-aeba-ecbba57539ac",
  "updatedAt" : "2026-03-06T01:59:13.416644Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09/certificate-request-tokens/x5z2zwwxvn1qb1mesgp39"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/dc47ad45-f111-4079-9ca8-3b3d05ff9b09"
    }
  }
}

TCP Share

Search TCP Share resources.

List TCP Shares

Retrieves a paginated list of TCP Share resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of a TCP Share. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by.
name	any Name to filter by.
status	any Status to filter by.
envZId	any Environment zrok ID to filter by.
ingressPort	integer <int32> Ingress port to filter by.
clientCertificateId	any Client certificate ID to filter by.
target	any Target to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
updatedAt	string <date-time> Filter by a range of timestamps.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{ }"

Get metrics for single TCP Share resource by ID.

Retrieves transmitted and received data for a specific share. This endpoint fetches metrics data for a given share within a specific frontdoor. An optional duration parameter can be provided to specify the time window for the metrics.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string The unique id of the Share.

query Parameters

duration

string <duration>

Examples: duration=15m duration=1h

Optional time window to retrieve metrics for.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "89bf07cd-5b16-4a53-bcb4-48b466e6e4a5",
  "shareToken" : "share1",
  "scope" : "account",
  "id" : "9",
  "period" : "2592000",
  "samples" : [ {
    "rx" : 3821,
    "tx" : 513,
    "timestamp" : "2025-06-23T00:00:00.000+00:00"
  }, {
    "rx" : 3282,
    "tx" : 3053,
    "timestamp" : "2025-06-24T00:00:00.000+00:00"
  }, {
    "rx" : 821,
    "tx" : 302513,
    "timestamp" : "2025-06-25T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-26T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-27T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-28T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-29T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-30T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-01T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-02T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-03T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-04T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-05T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-06T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-07T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-08T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-09T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-10T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-11T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-12T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-13T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-14T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-15T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-16T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-17T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-18T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-19T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-20T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-21T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-22T00:00:00.000+00:00"
  }, {
    "rx" : 32821,
    "tx" : 30513,
    "timestamp" : "2025-07-22T15:56:40.161+00:00"
  } ],
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares/share1/metrics{?duration}",
      "templated" : true
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares/share1"
    },
    "shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares{?envZId}",
      "templated" : true
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/environments/{envZId}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5"
    }
  }
}

Search TCP Shares

Retrieves a paginated list of TCP Share resources filtered by any property. The results can be filtered by providing query parameters that correspond to the properties of a TCP Share. For example, to filter by status, you can add ?status=DEPLOYED to the request URL. Multiple values for the same filter property are supported (e.g., ?status=DEPLOYED&status=NEW). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 TCP shares, sorted by name in ascending order. The frontdoorId query parameter is required for authorization.

Authorizations:

bearerAuth

query Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id	string Id to filter by.
name	any Name to filter by.
status	any Status to filter by.
ingressPort	integer <int32> Ingress port to filter by.
clientCertificateId	any Client certificate ID to filter by.
hostingId	any Hosting ID to filter by.
envZId	any Environment zrok ID to filter by.
target	any Target to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by the user that deleted the resource.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

No sample

HTTP Share

Search HTTP Share resources.

List HTTP Shares

Retrieves a paginated list of HTTP Share resources in a specific Frontdoor and Location. The results can be filtered by providing query parameters that correspond to the properties of an HTTP Share. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by.
name	any Name to filter by.
status	any Status to filter by.
envZId	any Environment zrok ID to filter by.
namespaceToken	any Namespace token to filter by.
target	any Target to filter by.
authProviderId	any Auth provider ID to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
updatedAt	string <date-time> Filter by a range of timestamps.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{ }"

Get metrics for single HTTP Share resource by ID.

Retrieves transmitted and received data for a specific share. This endpoint fetches metrics data for a given share within a specific frontdoor. An optional duration parameter can be provided to specify the time window for the metrics.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string The unique ID of the Share.

query Parameters

duration

string <duration>

Examples: duration=15m duration=1h

Optional time window to retrieve metrics for.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "89bf07cd-5b16-4a53-bcb4-48b466e6e4a5",
  "shareToken" : "share1",
  "scope" : "account",
  "id" : "9",
  "period" : "2592000",
  "samples" : [ {
    "rx" : 3821,
    "tx" : 513,
    "timestamp" : "2025-06-23T00:00:00.000+00:00"
  }, {
    "rx" : 3282,
    "tx" : 3053,
    "timestamp" : "2025-06-24T00:00:00.000+00:00"
  }, {
    "rx" : 821,
    "tx" : 302513,
    "timestamp" : "2025-06-25T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-26T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-27T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-28T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-29T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-06-30T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-01T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-02T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-03T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-04T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-05T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-06T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-07T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-08T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-09T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-10T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-11T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-12T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-13T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-14T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-15T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-16T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-17T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-18T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-19T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-20T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-21T00:00:00.000+00:00"
  }, {
    "rx" : 0,
    "tx" : 0,
    "timestamp" : "2025-07-22T00:00:00.000+00:00"
  }, {
    "rx" : 32821,
    "tx" : 30513,
    "timestamp" : "2025-07-22T15:56:40.161+00:00"
  } ],
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares/share1/metrics{?duration}",
      "templated" : true
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares/share1"
    },
    "shares" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/shares{?envZId}",
      "templated" : true
    },
    "environments" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5/environments/{envZId}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/89bf07cd-5b16-4a53-bcb4-48b466e6e4a5"
    }
  }
}

Search HTTP Shares

Retrieves a paginated list of HTTP Share resources filtered by any property. The results can be filtered by providing query parameters that correspond to the properties of an HTTP Share. For example, to filter by status, you can add ?status=DEPLOYED to the request URL. Multiple values for the same filter property are supported (e.g., ?status=DEPLOYED&status=NEW). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 HTTP shares, sorted by name in ascending order. The frontdoorId query parameter is required for authorization.

Authorizations:

bearerAuth

query Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id	string Id to filter by.
name	any Name to filter by.
status	any Status to filter by.
envZId	any Environment zrok ID to filter by.
namespaceToken	any Namespace token to filter by.
shareToken	any Share token to filter by.
target	any Target to filter by.
oauthProvider	any OAuth provider to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by the user that deleted the resource.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

No sample

Health Checks

Management of Health Check resources. Health Checks are used to check if a Share is able to respond to external requests.

Retrieves a single Health Check resource by ID.

Retrieves a single Health Check by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "1a8ttkmb0itu9xwy9jccu",
  "frontdoorId" : "497a5ac7-b4c9-44ed-9117-098c193e0231",
  "locationId" : null,
  "name" : "health-check-128",
  "envZId" : "KXLVDlz_uA8zP6tMRUlJT",
  "shareId" : "cf3rnOnH6ZB7xECbJaJsC",
  "httpVerb" : "GET",
  "endpoint" : "/status",
  "expectedHttpResponse" : 200,
  "timeoutMilliseconds" : 1000,
  "createdBy" : "064f7bae-5a6f-43c6-83bc-964b1f95f7d3",
  "createdAt" : "2026-03-06T01:59:36.536676Z",
  "updatedBy" : "4ca8b712-7991-4a16-8c22-7ab137158ef7",
  "updatedAt" : "2026-03-06T01:59:36.540675Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/497a5ac7-b4c9-44ed-9117-098c193e0231/health-checks/1a8ttkmb0itu9xwy9jccu"
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/497a5ac7-b4c9-44ed-9117-098c193e0231/http-shares/cf3rnOnH6ZB7xECbJaJsC"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/497a5ac7-b4c9-44ed-9117-098c193e0231/environments/KXLVDlz_uA8zP6tMRUlJT"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/497a5ac7-b4c9-44ed-9117-098c193e0231"
    }
  }
}

Put Health Check

Performs a full update of an existing Health Check. All fields must be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Health Check resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty A unique name for the health check within the frontdoor.
shareId required	string non-empty The ID of the share to health check.
endpoint required	string non-empty ^/.* The endpoint to call on the share.
httpVerb required	any (HttpMethod) The HTTP verb to use for the health check.
expectedHttpResponse	integer <int32> The expected HTTP response code. If not specified, defaults to 200.
timeoutMilliseconds	integer <int32> The timeout in milliseconds for the health check. If not specified, defaults to 10000.

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"health check a\",\"shareId\":\"7df6qft6npx3xlru94tbl\",\"endpoint\":\"/status\",\"httpVerb\":\"GET\",\"expectedHttpResponse\":200,\"timeoutMilliseconds\":1000}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "p4trw6n2bkzd800mv6bkb",
  "frontdoorId" : "250cfef9-2b2d-4d2b-8c1b-7fef87f6dc04",
  "locationId" : null,
  "name" : "health check a",
  "envZId" : "tzoq1MPu9UgYf5",
  "shareId" : "7df6qft6npx3xlru94tbl",
  "httpVerb" : "GET",
  "endpoint" : "/status",
  "expectedHttpResponse" : 200,
  "timeoutMilliseconds" : 1000,
  "createdBy" : "237b44a6-5220-44b1-a8da-1cc573193928",
  "createdAt" : "2026-03-06T01:59:36.267425Z",
  "updatedBy" : "54d0c142-489c-4888-8c5e-5f0089a6481a",
  "updatedAt" : "2026-03-06T01:59:36.316617Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/250cfef9-2b2d-4d2b-8c1b-7fef87f6dc04/health-checks/p4trw6n2bkzd800mv6bkb"
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/250cfef9-2b2d-4d2b-8c1b-7fef87f6dc04/http-shares/7df6qft6npx3xlru94tbl"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/250cfef9-2b2d-4d2b-8c1b-7fef87f6dc04/environments/tzoq1MPu9UgYf5"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/250cfef9-2b2d-4d2b-8c1b-7fef87f6dc04"
    }
  }
}

Delete Health Check

Deletes a Health Check by its ID. The caller must have delete permissions on the parent Frontdoor resource. Deleting a share deletes all Health Checks configured for the share.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "hci5itebsx68mvc0a7ilw",
  "frontdoorId" : "cf722d04-fcc7-4a2d-8694-e2eeaf5d6bee",
  "locationId" : null,
  "name" : "health-check-117",
  "envZId" : "9ma8fUiIi5geF9QO6X9l8",
  "shareId" : "ex8pzqkeeOBSraMwR_Ytr",
  "httpVerb" : "GET",
  "endpoint" : "/status",
  "expectedHttpResponse" : 200,
  "timeoutMilliseconds" : 1000,
  "createdBy" : "cc84b688-ab3c-45a7-8f7b-674145a246c2",
  "createdAt" : "2026-03-06T01:59:35.590432Z",
  "updatedBy" : "ab5a72ce-0c17-4459-8c06-07f148ae88a3",
  "updatedAt" : "2026-03-06T01:59:35.707989Z",
  "deletedBy" : "c4e6a375-8723-4d71-ba81-6e7cb86d8657",
  "deletedAt" : "2026-03-06T01:59:35.707943Z",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cf722d04-fcc7-4a2d-8694-e2eeaf5d6bee/health-checks/hci5itebsx68mvc0a7ilw"
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cf722d04-fcc7-4a2d-8694-e2eeaf5d6bee/http-shares/ex8pzqkeeOBSraMwR_Ytr"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cf722d04-fcc7-4a2d-8694-e2eeaf5d6bee/environments/9ma8fUiIi5geF9QO6X9l8"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cf722d04-fcc7-4a2d-8694-e2eeaf5d6bee"
    }
  }
}

Patch Health Check

Partially updates an existing Health Check resource. Only properties to be updated need to be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Health Check resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty A unique name for the health check within the frontdoor.
shareId required	string non-empty The ID of the share to health check.
endpoint required	string non-empty ^/.* The endpoint to call on the share.
httpVerb required	any (HttpMethod) The HTTP verb to use for the health check.
expectedHttpResponse	integer <int32> The expected HTTP response code. If not specified, defaults to 200.
timeoutMilliseconds	integer <int32> The timeout in milliseconds for the health check. If not specified, defaults to 10000.

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"health check a\",\"shareId\":\"md7jvepa93ckplc8ti05o\",\"endpoint\":null,\"httpVerb\":null,\"expectedHttpResponse\":null,\"timeoutMilliseconds\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "xrwbnic3n062ghrxhzk6x",
  "frontdoorId" : "25da506f-3452-4f90-83d3-9b827b9e4179",
  "locationId" : null,
  "name" : "health check a",
  "envZId" : "HMVZfmgRJnWTyaMzoZGSS",
  "shareId" : "md7jvepa93ckplc8ti05o",
  "httpVerb" : "GET",
  "endpoint" : "/status",
  "expectedHttpResponse" : 200,
  "timeoutMilliseconds" : 1000,
  "createdBy" : "f646ac29-bdd5-492f-911a-a97f04c10ca7",
  "createdAt" : "2026-03-06T01:59:36.476849Z",
  "updatedBy" : "e6dac9c4-af06-41f2-a3db-ce0a41b468fe",
  "updatedAt" : "2026-03-06T01:59:36.499091Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/25da506f-3452-4f90-83d3-9b827b9e4179/health-checks/xrwbnic3n062ghrxhzk6x"
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/25da506f-3452-4f90-83d3-9b827b9e4179/http-shares/md7jvepa93ckplc8ti05o"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/25da506f-3452-4f90-83d3-9b827b9e4179/environments/HMVZfmgRJnWTyaMzoZGSS"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/25da506f-3452-4f90-83d3-9b827b9e4179"
    }
  }
}

List Health Checks

Retrieves a paginated list of Health Check resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of a Health Check. For example, to filter by name, you can add ?name=my-check to the request URL. Multiple values for the same filter property are supported (e.g., ?name=check1&name=check2). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 health checks, sorted by name in ascending order. The returned list is automatically constrained by the user's access permissions. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by, unique IDs of health check resources.
name	any Name to filter by.
locationId	any Location to filter by.
environment	any Environment ZID to filter by, unique id of the environment.
shareToken	any Share token to filter by, unique name of the share, uses 'like' semantics.
endpoint	any Endpoint to filter by, the target of the health check like /status or /health.
httpVerb	any The HTTP verb to filter by, example GET, POST, HEAD, etc.
expectedHttpResponse	any The expected HTTP response code to filter by, example 200.
timeoutMilliseconds	any The timeout in milliseconds to filter by, example 10000.
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by a user of the user. Defaults to to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by a user of the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
updatedBy	any Filter by a user of the user that last updated the resource.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"healthCheckList\" : [ {\n      \"id\" : \"468t1osxu0uly5wgxp3y2\",\n      \"frontdoorId\" : \"8fd0b9a3-2d7c-4d04-85b6-fd6416797a89\",\n      \"locationId\" : null,\n      \"name\" : \"health-check-118\",\n      \"envZId\" : \"gYXiAUDHNG1vvrDYEDvV6\",\n      \"shareId\" : \"fM9TAcToiysKuYC4FUuqT\",\n      \"httpVerb\" : \"GET\",\n      \"endpoint\" : \"/status\",\n      \"expectedHttpResponse\" : 200,\n      \"timeoutMilliseconds\" : 1000,\n      \"createdBy\" : \"3b366825-4fa0-40bc-b081-5e58c24119dd\",\n      \"createdAt\" : \"2026-03-06T01:59:35.946497Z\",\n      \"updatedBy\" : \"3bda5cdb-f364-48c8-beb1-78c87a2db51a\",\n      \"updatedAt\" : \"2026-03-06T01:59:35.951800Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/health-checks/468t1osxu0uly5wgxp3y2\"\n        },\n        \"share\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/http-shares/fM9TAcToiysKuYC4FUuqT\"\n        },\n        \"environment\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/environments/gYXiAUDHNG1vvrDYEDvV6\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89\"\n        }\n      }\n    }, {\n      \"id\" : \"jedn1b12duorv8lw0lf6v\",\n      \"frontdoorId\" : \"8fd0b9a3-2d7c-4d04-85b6-fd6416797a89\",\n      \"locationId\" : null,\n      \"name\" : \"health-check-119\",\n      \"envZId\" : \"o_Wej5FjXiyM6JFKGNwSC\",\n      \"shareId\" : \"qFtlW-pudXKtJUUHIxrjH\",\n      \"httpVerb\" : \"HEAD\",\n      \"endpoint\" : \"/health\",\n      \"expectedHttpResponse\" : 200,\n      \"timeoutMilliseconds\" : 1000,\n      \"createdBy\" : \"db6de2b1-dbe6-4281-8517-ef45f0374c63\",\n      \"createdAt\" : \"2026-03-06T01:59:35.955551Z\",\n      \"updatedBy\" : \"3f4e8587-ee8c-4bc3-96c4-87655a99ebc5\",\n      \"updatedAt\" : \"2026-03-06T01:59:35.960174Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/health-checks/jedn1b12duorv8lw0lf6v\"\n        },\n        \"share\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/http-shares/qFtlW-pudXKtJUUHIxrjH\"\n        },\n        \"environment\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/environments/o_Wej5FjXiyM6JFKGNwSC\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89/health-checks\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/8fd0b9a3-2d7c-4d04-85b6-fd6416797a89\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 20,\n    \"totalElements\" : 2,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Create Health Check

Creates a new Health Check for a Frontdoor. The caller must have create permissions on the parent Frontdoor resource. The response includes the created Health Check resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty A unique name for the health check within the frontdoor.
locationId	string The ID of the location where the health check will be created.
shareId required	string non-empty The ID of the share to health check.
endpoint required	string non-empty ^/.* The endpoint to call on the share.
httpVerb required	any (HttpMethod) The HTTP verb to use for the health check.
expectedHttpResponse	integer <int32> The expected HTTP response code. If not specified, defaults to 200.
timeoutMilliseconds	integer <int32> The timeout in milliseconds for the health check. If not specified, defaults to 10000.

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"health check 1\",\"locationId\":null,\"shareId\":\"qfbw7d11ozgcwzcx5hsxj\",\"endpoint\":\"/status\",\"httpVerb\":\"GET\",\"expectedHttpResponse\":null,\"timeoutMilliseconds\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "dl6xex81gnw1t1wuw56x0",
  "frontdoorId" : "cbae412f-bc12-49c9-8dd4-1d4c4f69b573",
  "locationId" : null,
  "name" : "health check 1",
  "envZId" : "x2tnLk7qCqW0_W4NaS_h8",
  "shareId" : "qfbw7d11ozgcwzcx5hsxj",
  "httpVerb" : "GET",
  "endpoint" : "/status",
  "expectedHttpResponse" : 200,
  "timeoutMilliseconds" : 1000,
  "createdBy" : "7c57302f-634f-4d4e-8abc-1f5ab2961b6a",
  "createdAt" : "2026-03-06T01:59:36.211996Z",
  "updatedBy" : "7c57302f-634f-4d4e-8abc-1f5ab2961b6a",
  "updatedAt" : "2026-03-06T01:59:36.211996Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cbae412f-bc12-49c9-8dd4-1d4c4f69b573/health-checks/dl6xex81gnw1t1wuw56x0"
    },
    "share" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cbae412f-bc12-49c9-8dd4-1d4c4f69b573/http-shares/qfbw7d11ozgcwzcx5hsxj"
    },
    "environment" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cbae412f-bc12-49c9-8dd4-1d4c4f69b573/environments/x2tnLk7qCqW0_W4NaS_h8"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cbae412f-bc12-49c9-8dd4-1d4c4f69b573"
    }
  }
}

Executes a HealthCheck without storing it.

Executes a transient Health Check without saving it. This is useful for testing health check parameters before creating a resource. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty A unique name for the health check within the frontdoor.
locationId	string The ID of the location where the health check will be created.
shareId required	string non-empty The ID of the share to health check.
endpoint required	string non-empty ^/.* The endpoint to call on the share.
httpVerb required	any (HttpMethod) The HTTP verb to use for the health check.
expectedHttpResponse	integer <int32> The expected HTTP response code. If not specified, defaults to 200.
timeoutMilliseconds	integer <int32> The timeout in milliseconds for the health check. If not specified, defaults to 10000.

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "92e58b6f-70e9-40f7-89df-f6e6d134c2e4",
  "id" : null,
  "healthy" : true,
  "error" : null,
  "_links" : {
    "health-check" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/92e58b6f-70e9-40f7-89df-f6e6d134c2e4/health-checks/{id}",
      "templated" : true
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/92e58b6f-70e9-40f7-89df-f6e6d134c2e4"
    }
  }
}

Executes a stored HealthCheck by ID.

Executes a previously stored Health Check immediately. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "cd1de705-3578-4001-b28e-4e37a1044f8e",
  "id" : "r1uicwusu576sir2w58ft",
  "healthy" : true,
  "error" : null,
  "_links" : {
    "health-check" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cd1de705-3578-4001-b28e-4e37a1044f8e/health-checks/r1uicwusu576sir2w58ft"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/cd1de705-3578-4001-b28e-4e37a1044f8e"
    }
  }
}

Auth Provider

Management of Auth Provider resources. Auth Providers are configured on the account Frontend, they are then optionally assigned to Shares.

Retrieves a single Auth Provider resource by ID.

Retrieves a single Auth Provider by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "1t8agviaw4j641n7npsnw",
  "frontdoorId" : "8f5616ae-0b14-427a-914a-ce3af69f5459",
  "name" : "auth-provider-77",
  "type" : "OIDC",
  "prompt" : "login",
  "createdBy" : "6d55814e-cf5c-4f4a-8897-8935856ce606",
  "createdAt" : "2026-03-06T01:59:15.335343Z",
  "updatedBy" : "cf5fb6dc-0d7e-4fc6-8b8f-c6992beb0c56",
  "updatedAt" : "2026-03-06T01:59:15.339919Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "data" : {
    "client_id" : "GqzdVHAWOdwk16y4PhFWR",
    "client_secret" : "F7-dWaQZ2fXNlpkJFcYYG",
    "scopes" : [ "openid", "email", "profile" ],
    "issuer" : "https://accounts.google.com/o/oauth2/v2/auth",
    "supports_pkce" : true
  },
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/8f5616ae-0b14-427a-914a-ce3af69f5459/auth-providers/1t8agviaw4j641n7npsnw"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/8f5616ae-0b14-427a-914a-ce3af69f5459"
    }
  }
}

Put Auth Provider

Performs a full update on an existing Auth Provider resource. All fields must be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Auth Provider resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the authentication provider
type required	string Type of the authentication provider
prompt	string Enum: "NONE" "LOGIN" "CONSENT" "SELECT_ACCOUNT" "CREATE" OIDC prompt parameter, only valid if authentication provider is type `OIDC`
data required	any (JsonNode) Configuration data for the authentication provider

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"auth provider a\",\"type\":null,\"prompt\":null,\"data\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "tax28f6rarfdrldcovo9m",
  "frontdoorId" : "d59f5b6c-1977-45f8-a4f4-e63cc52557ad",
  "name" : "auth provider a",
  "type" : "OIDC",
  "prompt" : "login",
  "createdBy" : "d1ba7468-45fb-4a51-90a1-0026fcc6e469",
  "createdAt" : "2026-03-06T01:59:15.229470Z",
  "updatedBy" : "237307bd-4046-4693-9b77-4061f1796575",
  "updatedAt" : "2026-03-06T01:59:15.257471Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "data" : {
    "client_id" : "iCbVvixGl5DI1MxVlOPMU",
    "client_secret" : "3wvNO2MZLEnQEAMUN53Os",
    "scopes" : [ "openid", "email", "profile" ],
    "issuer" : "https://accounts.google.com/o/oauth2/v2/auth",
    "supports_pkce" : true
  },
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/d59f5b6c-1977-45f8-a4f4-e63cc52557ad/auth-providers/tax28f6rarfdrldcovo9m"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/d59f5b6c-1977-45f8-a4f4-e63cc52557ad"
    }
  }
}

Delete Auth Provider

Deletes a Auth Provider by its ID. This is a soft delete operation. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "kcajikcxeycsc3aomdf6e",
  "frontdoorId" : "510a5a46-3335-4dda-99c4-cd2d6b943dce",
  "name" : "auth-provider-78",
  "type" : "OIDC",
  "prompt" : "login",
  "createdBy" : "f804366b-f48e-47ac-a771-ccd795cd4874",
  "createdAt" : "2026-03-06T01:59:15.505271Z",
  "updatedBy" : "d37bdca1-a05d-45d7-8608-8d31c3eae73a",
  "updatedAt" : "2026-03-06T01:59:15.521589Z",
  "deletedBy" : "c139d650-d4b0-4aaf-ac87-7dbb2274af0f",
  "deletedAt" : "2026-03-06T01:59:15.522133Z",
  "data" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/510a5a46-3335-4dda-99c4-cd2d6b943dce/auth-providers/kcajikcxeycsc3aomdf6e"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/510a5a46-3335-4dda-99c4-cd2d6b943dce"
    }
  }
}

Patch Auth Provider

Partially updates an existing Auth Provider resource. Only properties to be updated need to be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Auth Provider resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the authentication provider
type required	string Type of the authentication provider
prompt	string Enum: "NONE" "LOGIN" "CONSENT" "SELECT_ACCOUNT" "CREATE" OIDC prompt parameter, only valid if authentication provider is type `OIDC`
data required	any (JsonNode) Configuration data for the authentication provider

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"auth provider a\",\"type\":null,\"prompt\":null,\"data\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "tax28f6rarfdrldcovo9m",
  "frontdoorId" : "d59f5b6c-1977-45f8-a4f4-e63cc52557ad",
  "name" : "auth provider a",
  "type" : "OIDC",
  "prompt" : "login",
  "createdBy" : "d1ba7468-45fb-4a51-90a1-0026fcc6e469",
  "createdAt" : "2026-03-06T01:59:15.229470Z",
  "updatedBy" : "237307bd-4046-4693-9b77-4061f1796575",
  "updatedAt" : "2026-03-06T01:59:15.257471Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "data" : {
    "client_id" : "iCbVvixGl5DI1MxVlOPMU",
    "client_secret" : "3wvNO2MZLEnQEAMUN53Os",
    "scopes" : [ "openid", "email", "profile" ],
    "issuer" : "https://accounts.google.com/o/oauth2/v2/auth",
    "supports_pkce" : true
  },
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/d59f5b6c-1977-45f8-a4f4-e63cc52557ad/auth-providers/tax28f6rarfdrldcovo9m"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/d59f5b6c-1977-45f8-a4f4-e63cc52557ad"
    }
  }
}

List Auth Providers

Retrieves a paginated list of Auth Provider resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of an Auth Provider. For example, to filter by name, you can add ?name=my-check to the request URL. Multiple values for the same filter property are supported (e.g., ?name=check1&name=check2). Sorting and pagination are also supported. For instance, ?page=0&size=20&sort=name,asc will retrieve the first page of 20 auth providers, sorted by name in ascending order. The returned list is automatically constrained by the user's access permissions. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by, unique IDs of auth provider resources.
name	any Name to filter by.
schema	any The auth provider schema type, see Auth Provider Type resource
deletedAt	string <date-time> If deleted, filter by a range of timestamps. Defaults to to return only resources that are not deleted.
deletedBy	string <uuid> If deleted, filter by a user of the user. Defaults to to return only resources that are not deleted.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by a user of the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
updatedBy	any Filter by a user of the user that last updated the resource.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"authProviderList\" : [ {\n      \"id\" : \"h8hh5v5v0fjfq3bf0f5h5\",\n      \"frontdoorId\" : \"fa64c780-407c-4174-99b3-a3c3739f3012\",\n      \"name\" : \"auth-provider-79\",\n      \"type\" : \"OIDC\",\n      \"prompt\" : \"login\",\n      \"createdBy\" : \"91735ff5-2576-49d3-beb5-13039e311b4a\",\n      \"createdAt\" : \"2026-03-06T01:59:15.560006Z\",\n      \"updatedBy\" : \"fc1cc793-2ff6-450b-b710-f2ba09ab4ccc\",\n      \"updatedAt\" : \"2026-03-06T01:59:15.563606Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012/auth-providers/h8hh5v5v0fjfq3bf0f5h5\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012\"\n        }\n      }\n    }, {\n      \"id\" : \"uf27emmemzk09gsmy3tmr\",\n      \"frontdoorId\" : \"fa64c780-407c-4174-99b3-a3c3739f3012\",\n      \"name\" : \"auth-provider-80\",\n      \"type\" : \"OIDC\",\n      \"prompt\" : \"login\",\n      \"createdBy\" : \"c947963f-8865-4f56-8283-c3ad63e7e550\",\n      \"createdAt\" : \"2026-03-06T01:59:15.567577Z\",\n      \"updatedBy\" : \"33df2375-e612-41f9-a83a-277c50d014bc\",\n      \"updatedAt\" : \"2026-03-06T01:59:15.571936Z\",\n      \"deletedBy\" : null,\n      \"deletedAt\" : null,\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012/auth-providers/uf27emmemzk09gsmy3tmr\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012/auth-providers\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/fa64c780-407c-4174-99b3-a3c3739f3012\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 20,\n    \"totalElements\" : 2,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Create Auth Provider

Creates a new Auth Provider for a Frontdoor. The caller must have create permissions on the parent Frontdoor resource. The response includes the created Auth Provider resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the authentication provider
type required	string Type of the authentication provider
prompt	string Enum: "NONE" "LOGIN" "CONSENT" "SELECT_ACCOUNT" "CREATE" OIDC prompt parameter, only valid if authentication provider is type `OIDC`
data required	any (JsonNode) Configuration data for the authentication provider

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"auth provider 1\",\"type\":\"GOOGLE\",\"prompt\":\"login\",\"data\":{\"client_id\":\"s1aEzYkrv72gdg8HoozMZ\",\"client_secret\":\"REiBpXrDx1ANEMD2Q8FCJ\"}}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "gqesjlbejvcgygd4r4ksu",
  "frontdoorId" : "98d91785-94ea-4e80-b29a-585ffc090ffc",
  "name" : "auth provider 1",
  "type" : "GOOGLE",
  "prompt" : "login",
  "createdBy" : "a786fec7-6ac7-499c-8136-7f6ec3609620",
  "createdAt" : "2026-03-06T01:59:15.423292Z",
  "updatedBy" : "a786fec7-6ac7-499c-8136-7f6ec3609620",
  "updatedAt" : "2026-03-06T01:59:15.426808Z",
  "deletedBy" : null,
  "deletedAt" : null,
  "data" : {
    "client_id" : "s1aEzYkrv72gdg8HoozMZ",
    "client_secret" : "REiBpXrDx1ANEMD2Q8FCJ"
  },
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/98d91785-94ea-4e80-b29a-585ffc090ffc/auth-providers/gqesjlbejvcgygd4r4ksu"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/98d91785-94ea-4e80-b29a-585ffc090ffc"
    }
  }
}

Agent

Management of Agent resources. An Agent is installed on a client host to host Shares. Agents can't be updated.

Create Enrollment Token

Creates a new Enrollment Token, for use with installing a Frontdoor Agent. The caller must have create permissions on the parent Frontdoor resource. The response includes the Enrollment Token.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "id" : "ttojsxzgzczt6zdxltlaw",
  "frontdoorId" : "4a82745c-a6e5-4610-b3c8-b068581e488c",
  "locationId" : "lpke7bao3x23kvczg7o1i",
  "bootstrapToken" : "iwd965ge",
  "enrollmentExpiryDate" : "2026-03-08T01:59:38.161577Z",
  "enrollmentAttempts" : 0,
  "envZId" : null,
  "createdAt" : "2026-03-06T01:59:38.161439Z",
  "createdBy" : "d902a878-8031-4eec-afcc-7a769f9cd05d",
  "deletedAt" : null,
  "deletedBy" : null,
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agent/enrollment"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c"
    }
  }
}

Get Bootstrap Token

Get the Bootstrap token for the Enrollment Token, called by the Frontdoor Agent during bootstrapping process. The response includes the Bootstrap Token.

Authorizations:

bearerAuth

path Parameters

code

required

string

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "accountToken" : "K1TVq3Myno8xlin36AthH",
  "apiEndpoint" : "https://localhost:0"
}

Complete Agent Enrollment

Reports the result of an agent enrollment attempt, called by the Frontdoor Agent after bootstrapping. If the status is "success", the envZId must be provided. If the status is "failed", the reason must be provided.

Authorizations:

bearerAuth

path Parameters

code

required

string

The unique enrollment token.

Request Body schema: application/json
required

envZId	string The agent's ziti ID
status required	string non-empty success\|failed The enrollment status
reason	string The failure reason

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

400
401
403
500

Content type

*/*

No sample

Retrieves a single Agent resource by ID.

Retrieves a single Agent by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "4a82745c-a6e5-4610-b3c8-b068581e488c",
  "shares" : [ {
    "token" : "share1",
    "shareMode" : "public",
    "backendMode" : "proxy",
    "reserved" : true,
    "frontendEndpoints" : [ "https://share1.shares.netfoundry.io" ],
    "backendEndpoint" : "https://google.com",
    "status" : "online"
  } ],
  "accesses" : null,
  "_links" : {
    "version" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/lthlt9mthkqwx91lvv5ql/version"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/lthlt9mthkqwx91lvv5ql/status"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c"
    }
  }
}

Delete agent

Deletes a agent by its ID. The caller must have delete permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "4a82745c-a6e5-4610-b3c8-b068581e488c",
  "shares" : [ {
    "token" : "share1",
    "shareMode" : "public",
    "backendMode" : "proxy",
    "reserved" : true,
    "frontendEndpoints" : [ "https://share1.shares.netfoundry.io" ],
    "backendEndpoint" : "https://google.com",
    "status" : "online"
  } ],
  "accesses" : null,
  "_links" : {
    "version" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/v7c9x7ggsqkoj5b33tpng/version"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/v7c9x7ggsqkoj5b33tpng/status"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c"
    }
  }
}

Retrieves the version of single Agent resource by ID.

Retrieves the version of an Agent by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "4a82745c-a6e5-4610-b3c8-b068581e488c",
  "version" : "1.0.1",
  "_links" : {
    "status" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/pqh9s1lsh9mv2so7sj8pp/status"
    },
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c/agents/pqh9s1lsh9mv2so7sj8pp/version"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/4a82745c-a6e5-4610-b3c8-b068581e488c"
    }
  }
}

Get Agent Enrollment

Retrieves a single Agent Enrollment by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
id required	string Id of the Agent Enrollment.

Responses

Response samples

400
401
403
500

Content type

*/*

No sample

Namespace

Management of Namespace resources. Namespaces are configured to group shares in an account. Each namespace represents a domain. An account have 1 or more namespaces.

List all Namespaces for a Frontdoor.

Retrieves all Namespace resources belonging to a specific Frontdoor. Does not include the configuration data. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "_embedded" : {
    "namespaceList" : [ {
      "frontdoorId" : "045b5a29-b0c9-45c3-b347-ecd5f542049d",
      "namespaceToken" : "ns_token_1",
      "name" : "namespace-1",
      "description" : "First namespace",
      "_links" : {
        "self" : {
          "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d/namespaces/ns_token_1"
        },
        "frontdoor" : {
          "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d"
        }
      }
    }, {
      "frontdoorId" : "045b5a29-b0c9-45c3-b347-ecd5f542049d",
      "namespaceToken" : "ns_token_2",
      "name" : "namespace-2",
      "description" : "Second namespace",
      "_links" : {
        "self" : {
          "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d/namespaces/ns_token_2"
        },
        "frontdoor" : {
          "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d"
        }
      }
    } ]
  },
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d/namespaces"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/045b5a29-b0c9-45c3-b347-ecd5f542049d"
    }
  }
}

Create a Namespace.

Creates a new Namespace within a specific Frontdoor. The caller must have update permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the namespace, must follow the rules for domain names
description	string [ 0 .. 255 ] characters Description of the namespace

Responses

Request samples

Payload

Content type

application/json

default

"{\"name\":\"new-namespace.test-frontdoor.netfoundry.io\",\"description\":\"A new namespace\",\"locationId\":null}"

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "b0b00c74-8f0b-4bd3-9264-7227394da351",
  "namespaceToken" : "ns_created_123",
  "name" : "new-namespace.test-frontdoor.netfoundry.io",
  "description" : "A new namespace",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/b0b00c74-8f0b-4bd3-9264-7227394da351/namespaces/ns_created_123"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/b0b00c74-8f0b-4bd3-9264-7227394da351"
    }
  }
}

Get a single Namespace resource by its token.

Retrieves a single Namespace by its token within a given Frontdoor context. Includes the configuration data. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
token required	string Namespace token of the resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "8b9df64c-a4fb-4dbf-990d-65913bf166e2",
  "namespaceToken" : "ns_token_123",
  "name" : "my-namespace",
  "description" : "My test namespace",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/8b9df64c-a4fb-4dbf-990d-65913bf166e2/namespaces/ns_token_123"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/8b9df64c-a4fb-4dbf-990d-65913bf166e2"
    }
  }
}

Delete a Namespace.

Deletes a Namespace by its token within a specific Frontdoor. The caller must have update permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
token required	string Namespace token of the resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

default

{
  "frontdoorId" : "26a17aab-8065-4967-af3e-f4d6290379a5",
  "namespaceToken" : "ns_to_delete",
  "name" : "namespace-to-delete",
  "description" : "Namespace to be deleted",
  "_links" : {
    "self" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/26a17aab-8065-4967-af3e-f4d6290379a5/namespaces/ns_to_delete"
    },
    "frontdoor" : {
      "href" : "https://gateway.production.netfoundry.io/frontdoor/v2/26a17aab-8065-4967-af3e-f4d6290379a5"
    }
  }
}

Retrieves the dns validation records for a single Namespace resource by it's token.

Retrieves the DNS records for a specified namespace within a given frontdoor context. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

token required	string Namespace token of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

*/*

No sample

Executions

Operations related to Frontdoor executions. Executions are created any time a resource is created or updated.

Cancel a running execution

Cancels a RUNNING execution. If an execution is in any other status than RUNNING it will silently do nothing. The caller must have update permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Example: a8b8c8d8-e8f8-g8h8-i8j8-k8l8m8n8o8p8 ID of the frontdoor
id required	string Example: b9cls2bka9p9q9 ID of the execution to cancel

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"id\" : \"i382vnxpnv65xg9n819u3\",\n  \"frontdoorId\" : \"e1bc37d0-0181-4c7c-9c9d-363ab99ce321\",\n  \"processId\" : \"9d3de622-2155-41d8-94a0-7a32a593393a\",\n  \"name\" : \"CreateCustomFrontendProcess\",\n  \"description\" : \"Fake Process\",\n  \"resourceType\" : \"component\",\n  \"resourceId\" : \"aCiK6zscbWxhsBHN8o5Mx\",\n  \"startedAt\" : \"2026-03-06T01:59:44.920232Z\",\n  \"finishedAt\" : \"2026-03-06T01:59:44.966034Z\",\n  \"traceId\" : \"trace1\",\n  \"status\" : \"CANCELED\",\n  \"initiatingIdentityId\" : \"654ab31a-1320-4031-82dd-435316a3f7fd\",\n  \"createdAt\" : \"2026-03-06T01:59:44.920298Z\",\n  \"updatedAt\" : \"2026-03-06T01:59:44.965334Z\",\n  \"actions\" : [ ],\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e1bc37d0-0181-4c7c-9c9d-363ab99ce321/executions/i382vnxpnv65xg9n819u3\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e1bc37d0-0181-4c7c-9c9d-363ab99ce321\"\n    }\n  }\n}"

Cancel a running execution

Cancels a RUNNING execution. If an execution is in any other status than RUNNING it will silently do nothing. The caller must have update permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Example: a8b8c8d8-e8f8-g8h8-i8j8-k8l8m8n8o8p8 ID of the frontdoor
id required	string Example: b9cls2bka9p9q9 ID of the execution to cancel

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"id\" : \"i382vnxpnv65xg9n819u3\",\n  \"frontdoorId\" : \"e1bc37d0-0181-4c7c-9c9d-363ab99ce321\",\n  \"processId\" : \"9d3de622-2155-41d8-94a0-7a32a593393a\",\n  \"name\" : \"CreateCustomFrontendProcess\",\n  \"description\" : \"Fake Process\",\n  \"resourceType\" : \"component\",\n  \"resourceId\" : \"aCiK6zscbWxhsBHN8o5Mx\",\n  \"startedAt\" : \"2026-03-06T01:59:44.920232Z\",\n  \"finishedAt\" : \"2026-03-06T01:59:44.966034Z\",\n  \"traceId\" : \"trace1\",\n  \"status\" : \"CANCELED\",\n  \"initiatingIdentityId\" : \"654ab31a-1320-4031-82dd-435316a3f7fd\",\n  \"createdAt\" : \"2026-03-06T01:59:44.920298Z\",\n  \"updatedAt\" : \"2026-03-06T01:59:44.965334Z\",\n  \"actions\" : [ ],\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e1bc37d0-0181-4c7c-9c9d-363ab99ce321/executions/i382vnxpnv65xg9n819u3\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e1bc37d0-0181-4c7c-9c9d-363ab99ce321\"\n    }\n  }\n}"

List executions for a frontdoor

List all Execution instances which match the search criteria as specified via query parameters. Instances that the API client does not have authorization to read will be removed from the results.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Example: a8b8c8d8-e8f8-g8h8-i8j8-k8l8m8n8o8p8

ID of the frontdoor

query Parameters

page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"executionList\" : [ {\n      \"id\" : \"lmgfg1a9062x4by9znjp3\",\n      \"frontdoorId\" : \"a2a0aa4e-3989-4079-a42d-df1edb9cce95\",\n      \"processId\" : \"602c365c-050c-4ab3-af1d-d0d6746843be\",\n      \"name\" : \"ExecutionType1\",\n      \"description\" : \"Test Execution 1\",\n      \"resourceType\" : \"test-component\",\n      \"resourceId\" : \"T6co5g_fhAFTciIrN0HBg\",\n      \"startedAt\" : \"2026-03-06T01:59:17.380750Z\",\n      \"finishedAt\" : \"2026-03-06T01:59:22.380759Z\",\n      \"traceId\" : \"MTF85i96aNiLw3nrxXFvH\",\n      \"status\" : \"SUCCESS\",\n      \"initiatingIdentityId\" : \"b00e78ce-6a37-4083-b0b0-423e30f3e561\",\n      \"createdAt\" : \"2026-03-06T01:59:27.380671Z\",\n      \"updatedAt\" : \"2026-03-06T01:59:27.380671Z\",\n      \"actions\" : [ ],\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95/executions/lmgfg1a9062x4by9znjp3\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95\"\n        }\n      }\n    }, {\n      \"id\" : \"n6axssrorlfqeqelwweoy\",\n      \"frontdoorId\" : \"a2a0aa4e-3989-4079-a42d-df1edb9cce95\",\n      \"processId\" : \"4112a71b-a134-4108-b644-def8317ed0e9\",\n      \"name\" : \"ExecutionType2\",\n      \"description\" : \"Test Execution 2\",\n      \"resourceType\" : \"test-component\",\n      \"resourceId\" : \"wISMGNY2uaPPWWvEWL0uW\",\n      \"startedAt\" : \"2026-03-06T01:59:17.384458Z\",\n      \"finishedAt\" : \"2026-03-06T01:59:22.384462Z\",\n      \"traceId\" : \"d6vvfzjVudoEMtRsHbxlD\",\n      \"status\" : \"FAILED\",\n      \"initiatingIdentityId\" : \"2c981ad2-8608-4d29-87ef-73215e6691ed\",\n      \"createdAt\" : \"2026-03-06T01:59:27.383985Z\",\n      \"updatedAt\" : \"2026-03-06T01:59:27.383985Z\",\n      \"actions\" : [ ],\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95/executions/n6axssrorlfqeqelwweoy\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95\"\n        }\n      }\n    }, {\n      \"id\" : \"wv67odq5lruv7blvqwxhq\",\n      \"frontdoorId\" : \"a2a0aa4e-3989-4079-a42d-df1edb9cce95\",\n      \"processId\" : \"85586e82-8ccd-4903-a434-375e2c215fa6\",\n      \"name\" : \"ExecutionType3\",\n      \"description\" : \"Test Execution 3\",\n      \"resourceType\" : \"test-component\",\n      \"resourceId\" : \"lKhvKus6b7iBp3cO1Op2O\",\n      \"startedAt\" : \"2026-03-06T01:59:17.388336Z\",\n      \"finishedAt\" : \"2026-03-06T01:59:22.388339Z\",\n      \"traceId\" : \"A2_lIDNUBk9M4BgT-_Xjh\",\n      \"status\" : \"CANCELED\",\n      \"initiatingIdentityId\" : \"713e6435-d78d-492c-9a59-f43d90045b56\",\n      \"createdAt\" : \"2026-03-06T01:59:27.387826Z\",\n      \"updatedAt\" : \"2026-03-06T01:59:27.387826Z\",\n      \"actions\" : [ ],\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95/executions/wv67odq5lruv7blvqwxhq\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95/executions\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/a2a0aa4e-3989-4079-a42d-df1edb9cce95\"\n    }\n  },\n  \"page\" : {\n    \"size\" : 20,\n    \"totalElements\" : 3,\n    \"totalPages\" : 1,\n    \"number\" : 0\n  }\n}"

Get a specific execution

Get the details of a specific Execution. If the Execution was asynchronous the data will contain a processId. The process data can be embedded by adding meta=processData as a request parameter. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Example: a8b8c8d8-e8f8-g8h8-i8j8-k8l8m8n8o8p8 ID of the frontdoor
id required	string Example: b9cls2bka9p9q9 ID of the execution

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"id\" : \"g71ux93ulp0qh3rnkcptn\",\n  \"frontdoorId\" : \"9967400e-2dff-4718-9f84-5872dc97bd18\",\n  \"processId\" : \"7fde4c30-8578-4aca-9bde-3f764d24c459\",\n  \"name\" : \"DeleteCustomFrontendProcess\",\n  \"description\" : \"Fake Process\",\n  \"resourceType\" : \"CustomFrontend\",\n  \"resourceId\" : null,\n  \"startedAt\" : \"2026-03-06T01:59:44.772317Z\",\n  \"finishedAt\" : \"2026-03-06T01:59:44.772317Z\",\n  \"traceId\" : \"trace3\",\n  \"status\" : \"FAILED\",\n  \"initiatingIdentityId\" : \"3b40c9fa-e222-457b-ba60-78f936a4d562\",\n  \"createdAt\" : \"2026-03-06T01:59:44.771768Z\",\n  \"updatedAt\" : \"2026-03-06T01:59:44.771768Z\",\n  \"actions\" : [ ],\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/9967400e-2dff-4718-9f84-5872dc97bd18/executions/g71ux93ulp0qh3rnkcptn\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/9967400e-2dff-4718-9f84-5872dc97bd18\"\n    }\n  }\n}"

Location

Management of Location resources. Locations are associated with a Frontdoor.

Retrieves a single Location resource by ID.

Retrieves a single Location by its ID. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

400
401
403
500

Content type

*/*

No sample

Put Location

Performs a full update on an existing Location resource. All fields must be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Location resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the location
description	string Description of the location

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

400
401
403
500

Content type

*/*

No sample

Delete Location

Deletes a Location by its ID. This is a soft delete operation. The caller must have update permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Responses

Response samples

400
401
403
500

Content type

*/*

No sample

Patch Location

Partially updates an existing Location resource. Only properties to be updated need to be provided in the request body. The caller must have update permissions on the parent Frontdoor resource. The response includes the updated Location resource.

Authorizations:

bearerAuth

path Parameters

id required	string Id of the resource.
frontdoorId required	string <uuid> Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the location
description	string Description of the location

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

400
401
403
500

Content type

*/*

No sample

List Locations

Retrieves a paginated list of Location resources in a specific Frontdoor. The results can be filtered by providing query parameters that correspond to the properties of a Location. Sorting and pagination are also supported. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

query Parameters

id	string Id to filter by.
name	any Name to filter by.
deletedAt	string <date-time> If deleted, filter by a range of timestamps.
deletedBy	string <uuid> If deleted, filter by the user.
createdAt	string <date-time> Filter by a range of timestamps.
createdBy	string <uuid> Filter by the user that created the resource.
updatedAt	string <date-time> Filter by a range of timestamps.
page	any The page number.
size	any The number of resources returned per page.
sort	any The property to sort by, 'asc' and 'desc' can be appended after a comma

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

No sample

Create Location

Creates a new Location for a Frontdoor. The caller must have update permissions on the parent Frontdoor resource. The response includes the created Location resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Request Body schema: application/json
required

name required	string non-empty Name of the location
description	string Description of the location

Responses

Request samples

Payload

Content type

application/json

No sample

Response samples

400
401
403
500

Content type

*/*

No sample

Auth Provider Type

Auth Providers are used when creating an Auth Provider. They are an informational resource only.

List Auth Provider Types

Retrieves a list of Auth Provider Types available to be configured. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId

required

string <uuid>

Id of the Frontdoor resource.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"_embedded\" : {\n    \"authProviderTypeList\" : [ {\n      \"type\" : \"GITHUB\",\n      \"description\" : \"GitHub OAuth\",\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/GITHUB\"\n        },\n        \"schema\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/GITHUB/schema\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31\"\n        }\n      }\n    }, {\n      \"type\" : \"GOOGLE\",\n      \"description\" : \"Google OAuth\",\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/GOOGLE\"\n        },\n        \"schema\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/GOOGLE/schema\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31\"\n        }\n      }\n    }, {\n      \"type\" : \"OIDC\",\n      \"description\" : \"Standard OIDC\",\n      \"_links\" : {\n        \"self\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/OIDC\"\n        },\n        \"schema\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/OIDC/schema\"\n        },\n        \"frontdoor\" : {\n          \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31\"\n        }\n      }\n    } ]\n  },\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31\"\n    }\n  }\n}"

Get a single Auth Provider Type

Retrieves a single Auth Provider Types by it's name. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
name required	string The name of the Auth Provider Type.

Responses

Response samples

200
400
401
403
500

Content type

application/hal+json

default

"{\n  \"type\" : \"OIDC\",\n  \"description\" : \"Standard OIDC\",\n  \"_links\" : {\n    \"self\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/OIDC\"\n    },\n    \"schema\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31/auth-provider-types/OIDC/schema\"\n    },\n    \"frontdoor\" : {\n      \"href\" : \"https://gateway.production.netfoundry.io/frontdoor/v2/e6a1ba4c-8e24-4cc5-84c2-3033e8064b31\"\n    }\n  }\n}"

Get the JSON schema of a Auth Provider Type

Retrieves the JSON schema for a specific Auth Provider Type in order to validate the input when creating an Auth Provider. The caller must have read permissions on the parent Frontdoor resource.

Authorizations:

bearerAuth

path Parameters

frontdoorId required	string <uuid> Id of the Frontdoor resource.
name required	string The name of the Auth Provider Type.

Responses

Response samples

200
400
401
403
500

Content type

application/json

default

"{\n  \"$schema\" : \"http://json-schema.org/draft-07/schema#\",\n  \"type\" : \"object\",\n  \"properties\" : {\n    \"client_id\" : {\n      \"type\" : \"string\"\n    },\n    \"client_secret\" : {\n      \"type\" : \"string\"\n    },\n    \"scopes\" : {\n      \"type\" : \"array\",\n      \"items\" : [ {\n        \"type\" : \"string\"\n      } ]\n    },\n    \"discovery_url\" : {\n      \"type\" : \"string\"\n    },\n    \"issuer\" : {\n      \"type\" : \"string\"\n    },\n    \"supports_pkce\" : {\n      \"type\" : \"boolean\"\n    }\n  },\n  \"required\" : [ \"client_id\", \"client_secret\", \"scopes\", \"issuer\", \"supports_pkce\" ]\n}"

name required	string [ 1 .. 63 ] characters ^[a-zA-Z]([a-zA-Z0-9-]*[a-zA-Z0-9])?$
envZId required	string
target required	string non-empty
ingressPort	integer <int32> [ 2100 .. 2199 ]
clientCertificateId required	string non-empty
useIntermediateCertificate	boolean
allowedSubjects	Array of strings unique
allowedCommonNamePrefixes	Array of strings unique
requiredOrganizationalUnit	string

name required	string [ 1 .. 63 ] characters ^[a-zA-Z]([a-zA-Z0-9-]*[a-zA-Z0-9])?$
envZId required	string
target required	string non-empty
ingressPort	integer <int32> [ 2100 .. 2199 ]
clientCertificateId required	string non-empty
useIntermediateCertificate	boolean
allowedSubjects	Array of strings unique
allowedCommonNamePrefixes	Array of strings unique
requiredOrganizationalUnit	string

Zrok Connector (1.0)

Frontdoor

Retrieve a list of Frontdoors

Authorizations:

query Parameters

Responses

Response samples

Create Frontdoor

Authorizations:

Request Body schema: application/jsonrequired

Responses

Request samples

Response samples

Retrieves a single Frontdoor resource by ID.

Authorizations:

path Parameters

Responses

Response samples

Delete Frontdoor

Authorizations:

path Parameters

Responses

Response samples

Get metrics for single Frontdoor resource by ID.

Authorizations:

path Parameters

query Parameters

Responses

Response samples

Retrieves a single Frontdoor resource by Organization ID.

Authorizations:

path Parameters

Responses

Response samples

Share

List Environments

Authorizations:

path Parameters

Responses

Response samples

Get details of a single Environment resource by ID.

Authorizations:

path Parameters

Responses

Response samples

Delete Environment

Authorizations:

path Parameters

Responses

Response samples

Get metrics for single Environment resource by ID.

Authorizations:

path Parameters

query Parameters

Responses

Response samples

Client Certificate

Retrieves a single Client Certificate resource by ID.

Authorizations:

path Parameters

Responses

Response samples

Update Client Certificate

Authorizations:

path Parameters

Request Body schema: application/jsonrequired

Responses

Request samples

Response samples

Delete Client Certificate

Authorizations:

path Parameters

Responses

Response samples

Update Client Certificate

Authorizations:

path Parameters

Request Body schema: application/jsonrequired

Responses

Request samples

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required