Overview
Every YaaS service potentially deals with personal data. Therefore, the Audit Ingestion service and the Audit Retrieval service enable YaaS services to create appropriate audit logs. These audit logs are unified and easily accessible to the data subjects.
The Audit Ingestion service supports three categories of audit logs:
- security event logs - logged security events, such as attempts to change address information without sufficient permissions
- personal data change logs - logged events of any personal data amendments, such as an email address change
- configuration change logs - logged events of configuration changes, such as assigning a new user to a project
The Audit Ingestion service allows you to create logs in a structured and repeatable manner.
API Reference
/personal-data-changes
Publish logs for personal data changes.
post /personal-data-changes
Publish a list of changes in personal data as defined in the data protection agreements. The service makes a best effort to publish as many elements in the batch as possible. Only some elements of the batch may be accepted; in that case, check the response body to see which elements failed. The hybris-user and hybris-user-id headers must not be present in the call.
Headers
- Authorization: required (string)
Used to send a valid OAuth2 access token.
Example:
Bearer access_token
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Collection of personal data changes",
"type": "array",
"items":
{
"title": "A change in personal data.",
"description": "Change of personal data as defined in the data protection agreements. For example: change of billing address of a customer, change of profile picture of a Yaas user.",
"type": "object",
"properties": {
"source": {
"description": "The identifier of the owner of the object containing the personal data being changed.",
"type": "string"
},
"sourceType": {
"description": "The type of the owner of the object being changed (tenant, organization or account). For example: change of billing address of a customer will use 'tenant', change of the contact email for an organization will use 'organization', change of profile picture of a Yaas user will use 'account'.",
"type": "string",
"enum": ["tenant", "organization", "account"]
},
"userId": {
"description": "User that has modified personal data contained in the object (e.g.: value of hybris-user-id header from Yaas proxy).",
"type": "string"
},
"objectId": {
"description": "The identifier of the object containing the personal data that is being changed. The triplet (serviceName, objectType, objectId) should uniquely identify an object within the client owner (tenant) scope.",
"type": "string"
},
"objectType": {
"description": "The type of the object containing the personal data as defined by the service. The triplet (serviceName, objectType, objectId) should uniquely identify an object within the client owner (tenant) scope.",
"type": "string"
},
"dataSubjectId": {
"description": "The identifier of the individual to whom the personal data relates.",
"type": "string"
},
"dataSubjectType": {
"description": "The provider that manages the individual identified by the dataSubjectId. (Example: yaas-account, caas-customer).",
"type": "string"
},
"attributes": {
"description": "The changed attributes and associated values.",
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"description": "Attribute name. For nested values use dots to separate the path.",
"type": "string"
},
"oldValue": {
"description": "The previous value of the attribute if available. Should never contain passwords.",
"type": "string"
},
"value": {
"description": "The new value of the attribute. Should never contain passwords.",
"type": "string"
},
"operation": {
"description": "The operation made to the attribute. One of 'create', 'change' or 'delete'.",
"type": "string",
"enum": ["create", "change", "delete"]
}
},
"required": ["name", "operation"]
}
},
"serviceBasePath": {
"description": "The base path to the service that manages the object containing the personal data to change, including organization, service name and version (Example: '/hybris/email/v1').",
"type": "string"
},
"serviceRegion": {
"description": "The region where the service that manages the object containing the personal data to change is running (Example: 'us').",
"type": "string"
},
"time": {
"description": "Timestamp of the change in ISO 8601 format (Example: '2017-05-13T17:30:00.52Z').",
"type": "string",
"format": "date-time"
}
},
"required": ["source", "sourceType", "objectId", "objectType", "dataSubjectId", "dataSubjectType", "attributes", "serviceBasePath", "serviceRegion", "time"]
}
}
Example:
[
{
"source": "myexampleshop",
"sourceType": "tenant",
"userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f",
"objectType": "order",
"dataSubjectId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"dataSubjectType": "yaas-account",
"attributes": [
{
"name": "name",
"value": "James",
"operation": "change"
},
{
"name": "address",
"oldValue": "Other Street 1",
"value": "Some Street 1",
"operation": "change"
}
],
"serviceBasePath": "hybris/account/v1",
"serviceRegion": "us",
"time": "2017-05-13T17:30:00.52Z"
}
]
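A pre-flight check for the request described above, added here as an example and not part of the original API reference: it applies the schema's required fields and enums, the header rule, and the "should never contain passwords" rule before a batch is sent. The function names and the list of credential-like name fragments are assumptions; because `value` and `oldValue` are optional in the schema, a credential change can be logged with `name` and `operation` only.

```python
import re
from datetime import datetime

# Constraints copied from the request schema on this page.
REQUIRED = ("source", "sourceType", "objectId", "objectType", "dataSubjectId",
            "dataSubjectType", "attributes", "serviceBasePath", "serviceRegion", "time")
SOURCE_TYPES = ("tenant", "organization", "account")
OPERATIONS = ("create", "change", "delete")
FORBIDDEN_HEADERS = {"hybris-user", "hybris-user-id"}
# Assumption (not from the page): attribute names containing these fragments hold credentials.
SECRET_NAME_HINTS = ("password", "passwd", "secret", "token")
DATE_TIME = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(\.\d+)?(Z|[+-]\d{2}:\d{2})$")

# Request element taken from the example on this page.
SAMPLE_ENTRY = {
    "source": "myexampleshop", "sourceType": "tenant",
    "userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f", "objectType": "order",
    "dataSubjectId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "dataSubjectType": "yaas-account",
    "attributes": [
        {"name": "name", "value": "James", "operation": "change"},
        {"name": "address", "oldValue": "Other Street 1",
         "value": "Some Street 1", "operation": "change"},
    ],
    "serviceBasePath": "hybris/account/v1", "serviceRegion": "us",
    "time": "2017-05-13T17:30:00.52Z",
}


def check_headers(headers):
    """Return problems with the outgoing header names (compared case-insensitively)."""
    names = {name.lower() for name in headers}
    problems = []
    if "authorization" not in names:
        problems.append("Authorization header is required")
    problems += [f"{name} header must not be present"
                 for name in sorted(names & FORBIDDEN_HEADERS)]
    return problems


def valid_time(value):
    """Accept date-time strings such as 2017-05-13T17:30:00.52Z with real calendar values."""
    match = DATE_TIME.match(value) if isinstance(value, str) else None
    if not match:
        return False
    try:
        datetime.strptime(match.group(1), "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return False
    return True


def check_change(entry):
    """Return the list of problems found in one personal data change element."""
    problems = [f"missing required field: {name}" for name in REQUIRED if name not in entry]
    if "sourceType" in entry and entry["sourceType"] not in SOURCE_TYPES:
        problems.append("sourceType must be tenant, organization or account")
    if "time" in entry and not valid_time(entry["time"]):
        problems.append("time must be an ISO 8601 date-time")
    attributes = entry.get("attributes", [])
    if not isinstance(attributes, list):
        return problems + ["attributes must be an array"]
    for i, attr in enumerate(attributes):
        where = f"attributes[{i}]"
        if not isinstance(attr, dict):
            problems.append(f"{where} must be an object")
            continue
        problems += [f"{where}: missing required field: {key}"
                     for key in ("name", "operation") if key not in attr]
        if "operation" in attr and attr["operation"] not in OPERATIONS:
            problems.append(f"{where}: operation must be create, change or delete")
        name = str(attr.get("name", "")).lower()
        has_value = "value" in attr or "oldValue" in attr
        if has_value and any(hint in name for hint in SECRET_NAME_HINTS):
            problems.append(
                f"{where}: credential values must not be logged; send name and operation only")
    return problems


def check_batch(headers, batch):
    """Map 'headers' and each failing element index to its problems; {} means ready to send."""
    report = {}
    header_problems = check_headers(headers)
    if header_problems:
        report["headers"] = header_problems
    for index, entry in enumerate(batch):
        problems = check_change(entry)
        if problems:
            report[index] = problems
    return report
```
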
HTTP status code 201
The batch has been completely accepted.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch correct response",
"description": "Schema for describing an accepted batch response body.",
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
}
},
"required":["acceptedRequests" ]
}
Example:
{
"acceptedRequests": 2
}
HTTP status code 400
At least one request in the batch is syntactically incorrect, and no 5xx errors have occurred. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields are filled in. If the error applies to the whole request, a normal YaaS error response is returned.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 2,
"errors": [
{
"requestIndex": 1,
"status": 400,
"message": "There are validation problems, see details section for more information",
"moreInfo": "https://api.yaas.io/patterns/errortypes.html",
"type": "validation_violation",
"details": [
{
"field": "tenant",
"message": "must be between 1 and 36 characters",
"type": "invalid_value"
}
]
}
]
}
HTTP status code 401
The request is unauthorized because the token is invalid or expired. Reauthenticate the user. Any details are provided in the response payload.
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"error",
"description":"Schema for API specified errors.",
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
Example:
{
"status":401,
"message":"Authorization: Unauthorized. Bearer TOKEN is invalid",
"type":"insufficient_credentials",
"moreInfo":"https://api.yaas.io/patterns/errortypes.html"
}
HTTP status code 403
At least one of the requests has not been authorized, and no other 400 or 5xx errors have occurred. In this case the acceptedRequests field is present as well as the errors field. It can also mean that the access token does not contain the hybris.audit_create scope, or that the request does not contain both hybris-client and hybris-client-owner, or contains a hybris-user-id. See message and type for clarification. In these cases a normal YaaS error response is returned.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"status": 403,
"message": "Given request does not have required scopes in access token. It is not authorized to perform this operation.",
"type": "insufficient_permissions"
}
HTTP status code 500
A server-side error occurred in at least one of the batch requests. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields are filled in. If the error applies to the whole request, a normal YaaS error response is returned.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 3,
"errors": [
{
"requestIndex": 3,
"status": 500,
"message": "Something went wrong while processing the request. Please contact the administrator.",
"moreInfo": "https://pattern.yaas.io/errortypes.html",
"type": "internal_service_error"
}
]
}
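An added example, not part of the original API reference, of turning the documented status codes and batch bodies into a per-element outcome so that no audit record is silently dropped or sent twice. It assumes that elements not listed in `errors` were accepted and cross-checks that against `acceptedRequests`; the function name, the result keys and the policy of resending only 5xx failures are hypothetical.

```python
import json

# 400 example body from this page: the element at index 1 failed validation.
PAGE_400_BODY = (
    '{"acceptedRequests": 2, "errors": [{"requestIndex": 1, "status": 400, '
    '"type": "validation_violation", "message": "There are validation problems, '
    'see details section for more information", "details": [{"field": "tenant", '
    '"message": "must be between 1 and 36 characters", "type": "invalid_value"}]}]}'
)


def interpret_batch_response(http_status, body_text, batch_size):
    """Classify every element of a submitted batch from the service response.

    Result keys:
      accepted        indices the service stored
      rejected        {index: error} for elements to fix before resending (4xx)
      retry           indices that can be resent unchanged (5xx, or after a new token)
      reauthenticate  True when the token was refused (401)
      consistent      False when the body does not add up; treat the batch as unknown
    """
    indices = list(range(batch_size))
    result = {"accepted": [], "rejected": {}, "retry": [],
              "reauthenticate": False, "consistent": True}
    body = json.loads(body_text) if body_text else {}

    if http_status == 201:
        result["accepted"] = indices
        result["consistent"] = body.get("acceptedRequests") == batch_size
        return result
    if http_status == 401:
        # Nothing was stored; the same batch can be sent again with a fresh token.
        result["reauthenticate"] = True
        result["retry"] = indices
        return result
    if http_status not in (400, 403, 500):
        raise ValueError(f"status {http_status} is not documented for this endpoint")

    if "acceptedRequests" not in body:
        # Second branch of the oneOf: a normal error for the whole request.
        if http_status >= 500:
            result["retry"] = indices
        else:
            result["rejected"] = {index: body for index in indices}
        return result

    # First branch of the oneOf: partial acceptance with per-element errors.
    errors = {}
    for error in body.get("errors", []):
        index = error["requestIndex"]  # zero-based position in the submitted batch
        if 0 <= index < batch_size:
            errors[index] = error
        else:
            result["consistent"] = False
    for index in indices:
        error = errors.get(index)
        if error is None:
            result["accepted"].append(index)
        elif error["status"] >= 500:
            result["retry"].append(index)
        else:
            result["rejected"][index] = error
    if len(result["accepted"]) != body["acceptedRequests"]:
        result["consistent"] = False
    return result
```

Resending a whole batch after a partial acceptance would duplicate the records that were already stored, which is why the function returns indices rather than a single pass or fail flag.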
/configuration-changes
Publish logs for configuration changes. The service makes a best effort to publish as many elements in the batch as possible. Only some elements of the batch may be accepted; in that case, check the response body to see which elements failed. The hybris-user and hybris-user-id headers must not be present in the call.
post /configuration-changes
Publish a list of configuration changes that can have business impact.
Headers
- Authorization: required (string)
Used to send a valid OAuth2 access token.
Example:
Bearer access_token
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title":"Collection of configuration changes",
"type":"array",
"items":
{
"title": "A change in a configuration value.",
"description": "Configuration changes that can have business impact. Example: changing the shipment provider in an order flow, changing the project memberships.",
"type": "object",
"properties": {
"source": {
"description": "The identifier of the owner of the object being changed.",
"type": "string"
},
"sourceType": {
"description": "The type of the owner of the object being changed (tenant, organization or account). For example: a change in the shipment provider of an order flow belonging to certain project will use 'tenant', change the permission for a member of an organization will use 'organization'.",
"type": "string",
"enum": ["tenant", "organization", "account"]
},
"userId": {
"description": "User that has modified the configuration (value of hybris-user-id header from Yaas proxy).",
"type": "string"
},
"objectId": {
"description": "The identifier of the object that is being changed. The triplet (serviceName, objectType, objectId) should uniquely identify an object within the client owner (tenant) scope. For example, for the change of a permission for a member of an organization, the member id.",
"type": "string"
},
"objectType": {
"description": "The type of the object as defined by the service. The triplet (serviceName, objectType, objectId) should uniquely identify an object within the client owner (tenant) scope. For example, for the change of a permission for a member of an organization: 'member'.",
"type": "string"
},
"attributes": {
"description": "The changed attributes of the object and associated old and new values.",
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"description": "Attribute name. For nested values use dots to separate the path.",
"type": "string"
},
"oldValue": {
"description": "The previous value of the attribute if available. Should never contain passwords.",
"type": "string"
},
"value": {
"description": "The new value of the attribute. Should never contain passwords.",
"type": "string"
},
"operation": {
"description": "The operation made to the attribute. One of 'create', 'change' or 'delete'.",
"type": "string",
"enum": ["create", "change", "delete"]
}
},
"required": ["name", "operation"]
}
},
"serviceBasePath": {
"description": "The base path to the service that contains the configuration to change, including organization, service name and version (Example: '/hybris/email/v1').",
"type": "string"
},
"serviceRegion": {
"description": "The region where the service that contains the configuration to change is running (Example: 'us').",
"type": "string"
},
"time": {
"description": "Timestamp of the change in ISO 8601 format (Example: '2017-05-13T17:30:00.52Z').",
"type": "string",
"format": "date-time"
}
},
"required": ["source", "sourceType", "objectId", "objectType", "attributes", "serviceBasePath", "serviceRegion", "time"]
}
}
Example:
[
{
"source": "myexampleshop",
"sourceType": "tenant",
"userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f",
"objectType": "order",
"attributes": [
{
"name": "amount",
"oldValue": "120",
"value": "123",
"operation": "change"
},
{
"name": "paid",
"oldValue": "false",
"value": "true",
"operation": "change"
}
],
"serviceBasePath": "hybris/order/v1",
"serviceRegion": "us",
"time": "2017-05-13T17:30:00.52Z"
}
]
HTTP status code 201
The batch has been completely accepted.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch correct response",
"description": "Schema for describing an accepted batch response body.",
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
}
},
"required":["acceptedRequests" ]
}
Example:
{
"acceptedRequests": 2
}
HTTP status code 400
At least one request in the batch is syntactically incorrect, and no 5xx errors have occurred. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields are filled in. If the error applies to the whole request, a normal YaaS error response is returned.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 2,
"errors": [
{
"requestIndex": 1,
"status": 400,
"message": "There are validation problems, see details section for more information",
"moreInfo": "https://api.yaas.io/patterns/errortypes.html",
"type": "validation_violation",
"details": [
{
"field": "tenant",
"message": "must be between 1 and 36 characters",
"type": "invalid_value"
}
]
}
]
}
HTTP status code 401
The request is unauthorized because the token is invalid or expired. Reauthenticate the user. Any details are provided in the response payload.
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"error",
"description":"Schema for API specified errors.",
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
Example:
{
"status":401,
"message":"Authorization: Unauthorized. Bearer TOKEN is invalid",
"type":"insufficient_credentials",
"moreInfo":"https://api.yaas.io/patterns/errortypes.html"
}
HTTP status code 403
At least one of the requests has not been authorized and no other 400 or 5xx errors have occurred. In this case the acceptedRequests field will be present as well as the errors field. It can also mean that the request does not contain the hybris.audit_create scope in the access token. It can also mean that the request does not contain both hybris-client and hybris-client-owner, or that it contains a hybris-user-id. See message and type for clarification. In these cases a normal YaaS response will be given.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"status": 403,
"message": "Given request does not have required scopes in access token. It is not authorized to perform this operation.",
"type": "insufficient_permissions"
}
HTTP status code 500
A server-side error occurred in at least one of the batch requests. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields will be properly filled. If the error is for the whole request, a normal YaaS error response will be given.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 3,
"errors": [
{
"requestIndex": 3,
"status": 500,
"message": "Something went wrong while processing the request. Please contact the administrator.",
"moreInfo": "https://pattern.yaas.io/errortypes.html",
"type": "internal_service_error"
}
]
}
/security-events
Publish logs for security events. The service will make the best effort to publish as many elements in the batch as possible. A partial acceptance of only some elements in the batch can occur, and the response body content must be checked in that case to see which of the elements failed. Note that hybris-user and hybris-user-id headers must not be present in the call.
/security-events
Publish a list of security events.
post /security-events
Publish a list of security events.
Headers
- Authorization: required (string)
Used to send a valid OAuth2 access token.
Example:
Bearer access_token
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title":"Collection of security events",
"type":"array",
"items":
{
"title": "A security event.",
"description": "A security relevant event at the tenant, organization or account level. Security relevant events comprise all those events which may impact the confidentiality, the integrity, and / or the availability (CIA) of the system. Examples are: failed logins or failed authorization checks.",
"type": "object",
"properties": {
"source": {
"description": "The identifier of the owner of the object the security event refers to.",
"type": "string"
},
"sourceType": {
"description": "The type of the owner of the system the security event refers to (tenant, organization or account).",
"type": "string",
"enum": ["tenant", "organization"]
},
"userId": {
"description": "User that has created this security event (ex.g.: value of hybris-user-id header from Yaas proxy)",
"type": "string"
},
"clientIp": {
"description": "IP of the original client.",
"type": "string",
"anyOf": [
{ "format": "host-name" },
{ "format": "ipv4" },
{ "format": "ipv6" }
]
},
"data": {
"description": "The event data",
"type": "object",
"properties": {
"message": {
"description": "A message describing the event.",
"type": "string"
}
},
"required" : ["message"]
},
"serviceBasePath": {
"description": "The base path to the service where the security event was created, including organization, service name and version (Example: '/hybris/email/v1').",
"type": "string"
},
"serviceRegion": {
"description": "The region where the service where the security event was created is running (Example: 'us').",
"type": "string"
},
"timestamp": {
"description": "Timestamp of the in ISO 8601 format (Example: '2017-05-13T17:30:00.52Z').",
"type": "string",
"format": "date-time"
}
},
"required": ["source", "sourceType", "clientIp", "data", "serviceBasePath", "serviceRegion", "time"]
}
}
Example:
[
{
"source": "hybris",
"sourceType": "organization",
"userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"clientIp": "10.32.2.2",
"data": {
"message": "Unauthorized access to database"
},
"serviceBasePath": "hybris/order/v1",
"serviceRegion": "us",
"time": "2017-05-13T17:30:00.52Z"
}
]
HTTP status code 201
The batch has been completely accepted
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch correct response",
"description": "Schema for describing an accepted batch response body.",
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
}
},
"required":["acceptedRequests" ]
}
Example:
{
"acceptedRequests": 2
}
HTTP status code 400
Some request in the batch is syntactically incorrect, and no 5xx errors have occurred. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields will be properly filled. If the error is for the whole request, a normal YaaS error response will be given.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 2,
"errors": [
{
"requestIndex": 1,
"status": 400,
"message": "There are validation problems, see details section for more information",
"moreInfo": "https://api.yaas.io/patterns/errortypes.html",
"type": "validation_violation",
"details": [
{
"field": "tenant",
"message": "must be between 1 and 36 characters",
"type": "invalid_value"
}
]
}
]
}
HTTP status code 401
Given request is unauthorized. Bad or expired token. Reauthenticate the user. Any details will be provided within the response payload.
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"error",
"description":"Schema for API specified errors.",
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
Example:
{
"status":401,
"message":"Authorization: Unauthorized. Bearer TOKEN is invalid",
"type":"insufficient_credentials",
"moreInfo":"https://api.yaas.io/patterns/errortypes.html"
}
HTTP status code 403
At least one of the requests has not been authorized and no other 400 or 5xx errors have occurred. In this case the acceptedRequests field will be present as well as the errors field. It can also mean that the request does not contain the hybris.audit_create scope in the access token. It can also mean that the request does not contain both hybris-client and hybris-client-owner, or that it contains a hybris-user-id. See message and type for clarification. In these cases a normal YaaS response will be given.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"status": 403,
"message": "Given request does not have required scopes in access token. It is not authorized to perform this operation.",
"type": "insufficient_permissions"
}
HTTP status code 500
A server-side error occurred in at least one of the batch requests. If the error occurred only for certain elements of the batch, the acceptedRequests and errors fields will be properly filled. If the error is for the whole request, a normal YaaS error response will be given.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Batch error",
"description": "Schema for describing errors in a batch.",
"oneOf": [
{
"type": "object",
"properties": {
"acceptedRequests": {
"type": "integer",
"description": "the number of requests that were actually accepted."
},
"errors": {
"type": "array",
"items": {
"title": "An error on one of the request elements.",
"properties": {
"requestIndex": {
"type": "integer",
"description": "the index of the element of the batch which generated this error. It is a zero based index."
},
"status": {
"type": "integer",
"description": "original HTTP error code, should be consistent with the response HTTP code",
"minimum": 100,
"maximum": 599
},
"type": {
"type": "string",
"description": "classification of the error type, lower case with underscore eg validation_failure",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support"
},
"details": {
"type": "array",
"description": "list of problems causing this error",
"items": {
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "errorDetail",
"description": "schema for specific error cause",
"type": "object",
"properties": {
"field": {
"type": "string",
"description": "a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type": {
"type": "string",
"description": "classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern": "[a-z]+[a-z_]*[a-z]+"
},
"message": {
"type": "string",
"description": "descriptive error detail message for debugging"
},
"moreInfo": {
"type": "string",
"format": "uri",
"description": "link to documentation to investigate further and finding support for error detail"
}
},
"required": ["type"]
}
}
},
"required": ["requestIndex", "status", "type"]
}
}
},
"required": ["acceptedRequests"]
},
{
"type":"object",
"properties":
{
"status":
{
"type":"integer",
"description":"original HTTP error code, should be consistent with the response HTTP code",
"minimum":100,
"maximum":599
},
"type":
{
"type":"string",
"description":"classification of the error type, lower case with underscore eg validation_failure",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support"
},
"details":
{
"type":"array",
"description":"list of problems causing this error",
"items":
{
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"errorDetail",
"description":"schema for specific error cause",
"type":"object",
"properties":
{
"field":
{
"type":"string",
"description":"a bean notation expression specifying the element in request data causing the error, eg product.variants[3].name, this can be empty if violation was not field specific"
},
"type":
{
"type":"string",
"description":"classification of the error detail type, lower case with underscore eg missing_value, this value must be always interpreted in context of the general error type.",
"pattern":"[a-z]+[a-z_]*[a-z]+"
},
"message":
{
"type":"string",
"description":"descriptive error detail message for debugging"
},
"moreInfo":
{
"type":"string",
"format":"uri",
"description":"link to documentation to investigate further and finding support for error detail"
}
},
"required":["type"]
}
}
},
"required":["status" , "type" ]
}
]
}
Example:
{
"acceptedRequests": 3,
"errors": [
{
"requestIndex": 3,
"status": 500,
"message": "Something went wrong while processing the request. Please contact the administrator.",
"moreInfo": "https://pattern.yaas.io/errortypes.html",
"type": "internal_service_error"
}
]
}
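Both endpoints above can accept a batch only partially, so a client that ignores the response body silently loses audit events. The following added example (not code from the YaaS project) sorts every element of a submitted batch into accepted, retry, or rejected using the two response shapes from the schemas; the function and class names, the retry policy, and the consistency check are assumptions of this example.

```python
import json
from dataclasses import dataclass, field
from typing import Optional

# Response bodies copied from the examples on this page.
PAGE_400_EXAMPLE = """{"acceptedRequests": 2, "errors": [{"requestIndex": 1,
 "status": 400, "type": "validation_violation",
 "message": "There are validation problems, see details section for more information",
 "details": [{"field": "tenant", "type": "invalid_value",
              "message": "must be between 1 and 36 characters"}]}]}"""
PAGE_500_EXAMPLE = """{"acceptedRequests": 3, "errors": [{"requestIndex": 3,
 "status": 500, "type": "internal_service_error",
 "message": "Something went wrong while processing the request. Please contact the administrator."}]}"""
PAGE_403_EXAMPLE = """{"status": 403, "type": "insufficient_permissions",
 "message": "Given request does not have required scopes in access token. It is not authorized to perform this operation."}"""


@dataclass
class BatchOutcome:
    accepted: int = 0
    retry: list = field(default_factory=list)     # indices to resend unchanged
    rejected: list = field(default_factory=list)  # (index, type, reason): fix before resending
    whole_request_error: Optional[dict] = None    # set for a normal (non-batch) error body
    consistent: bool = True                       # False: body does not add up, alert on it


def _reason(error):
    """Prefer the per-field details; fall back to the general message."""
    parts = ["%s: %s" % (d.get("field", ""), d.get("message", d.get("type", "")))
             for d in error.get("details") or []]
    return "; ".join(parts) or error.get("message", "")


def classify_batch_response(http_status, body_text, batch_size):
    """Account for every element of a batch of batch_size events."""
    outcome = BatchOutcome()
    try:
        body = json.loads(body_text)
    except (TypeError, ValueError):
        body = None
    if not isinstance(body, dict):
        body = {"status": http_status, "type": "unparseable_response"}

    if "acceptedRequests" not in body:
        # Normal error shape: the whole request failed, nothing was stored.
        outcome.whole_request_error = body
        everything = list(range(batch_size))
        # Assumed policy: resend on 5xx, and on 401 after re-authenticating.
        if http_status == 401 or http_status >= 500:
            outcome.retry = everything
        else:
            outcome.rejected = [(i, body.get("type", "unknown"), _reason(body))
                                for i in everything]
        return outcome

    # Batch shape: acceptedRequests plus one error per failed element.
    outcome.accepted = body["acceptedRequests"]
    seen = set()
    for error in body.get("errors", []):
        index = error.get("requestIndex")  # zero-based, per the schema
        if not isinstance(index, int) or not 0 <= index < batch_size or index in seen:
            outcome.consistent = False
            continue
        seen.add(index)
        if error.get("status", http_status) >= 500:
            outcome.retry.append(index)
        else:
            outcome.rejected.append((index, error.get("type", "unknown"), _reason(error)))
    # Assumption of this example: accepted + failed elements must equal the batch size.
    if outcome.accepted + len(seen) != batch_size:
        outcome.consistent = False
    return outcome
```

Events left in rejected need a change to the event or to the caller's token before they are resent, so they should be persisted locally rather than dropped.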
Security
As a data owner, you are responsible for logging events related to personal data. Those logs must be accessible to the data subject or data controller, for auditing purposes. The Audit Ingestion service enables YaaS services to easily create appropriate audit logs for all considered event categories.
The Audit Ingestion service cannot handle sensitive personal data.
Tutorials
The Audit Ingestion service allows you to create audit log events in the system. The logging pipeline processes audit log events, adding metadata attributes. The system then pushes the logs into the retrieval flow, where they are stored. For more information regarding log retrieval, see the Audit Retrieval service documentation.
Create log events for personal data changes
To create a log for a personal data change event, perform a POST request on the personal-data-changes endpoint. In the body of the request you must provide:
- source - The identifier of the owner of the object containing the personal data being changed.
- sourceType - The type of a change source. Supported values are tenant, organization, and account.
- userId - Optional. Identifies a user that has modified personal data of the dataSubjectId.
- objectId - The identifier of the object containing the personal data being changed.
- objectType - The object type containing the personal data, as defined by the service.
- dataSubjectId - Identifies a personal data owner.
- dataSubjectType - The type of a data subject.
- attributes - All attributes changed by the data change event.
  - name - The name of an attribute for which the value changed. For nested values, use dots to separate the path.
  - oldValue - The previous value of the attribute. Required in case of data change or creation. Must not contain passwords.
  - value - The new value of the attribute. Required in case of data change or creation. Must not contain passwords.
  - operation - The operation performed on the attribute. Supported values are create, change, and delete.
- serviceBasePath - The base path to the service that contains the personal data to change. Include the organization, service name, and version in the base path. For example: /hybris/account/v1.
- serviceRegion - The region where the service undergoing the personal data change runs. For example: us.
- time - The timestamp value. Time of occurrence of the event.
Your log should contain a list of changes in personal data as defined in the data protection agreements.
If you use organization or account for the sourceType field, a token must be granted for the personalData tenant, which must be subscribed to your service.
Example
[
{
"source": "myexampleshop",
"sourceType": "tenant",
"userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f",
"objectType": "order",
"dataSubjectId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
"dataSubjectType": "yaas-account",
"attributes": [
{
"name": "name",
"value": "James",
"operation": "change"
},
{
"name": "address",
"oldValue": "Other Street 1",
"value": "Some Street 1",
"operation": "change"
}
],
"serviceBasePath": "hybris/account/v1",
"serviceRegion": "us",
"time": "2017-05-13T17:30:00.52Z"
}
]
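A pre-flight check catches malformed events, and password values that must not reach the audit log, before the batch leaves the calling service. The following added example (not code from the YaaS project) applies the field rules listed above and reports problems per batch index; the function names, the attribute-name heuristic for spotting passwords, the "[REDACTED]" placeholder, and the must_not_contain_password label are assumptions of this example.

```python
import re
from datetime import datetime

SOURCE_TYPES = ("tenant", "organization", "account")
OPERATIONS = ("create", "change", "delete")
REQUIRED = ("source", "sourceType", "objectId", "objectType", "dataSubjectId",
            "dataSubjectType", "attributes", "serviceBasePath", "serviceRegion", "time")
TIME_FORMAT = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$")
# Assumption: attribute names matching this pattern hold credentials.
SECRET_NAME = re.compile(r"passw(or)?d|passphrase|pwd|secret|token|credential", re.I)
REDACTED = "[REDACTED]"  # assumed placeholder a caller logs instead of the secret

# The request body element shown in the example above.
PAGE_EXAMPLE_EVENT = {
    "source": "myexampleshop", "sourceType": "tenant",
    "userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f", "objectType": "order",
    "dataSubjectId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "dataSubjectType": "yaas-account",
    "attributes": [
        {"name": "name", "value": "James", "operation": "change"},
        {"name": "address", "oldValue": "Other Street 1",
         "value": "Some Street 1", "operation": "change"},
    ],
    "serviceBasePath": "hybris/account/v1", "serviceRegion": "us",
    "time": "2017-05-13T17:30:00.52Z",
}


def constructed_bad_event():
    """Constructed sample: the page example with four defects introduced."""
    event = dict(PAGE_EXAMPLE_EVENT, sourceType="project", time="13/05/2017")
    del event["dataSubjectId"]
    event["attributes"] = [
        {"name": "credentials.password", "oldValue": "hunter2",
         "value": "correct horse", "operation": "change"},
        {"name": "email", "operation": "change"},
    ]
    return event


def _valid_time(value):
    if not isinstance(value, str) or not TIME_FORMAT.match(value):
        return False
    try:  # the regex checks the shape, strptime checks the calendar
        datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return False
    return True


def validate_event(event):
    """Return a list of 'path: problem' strings; an empty list means the event passes."""
    if not isinstance(event, dict):
        return ["event: invalid_value"]
    problems = ["%s: missing_value" % name for name in REQUIRED
                if event.get(name) in (None, "", [])]
    source_type = event.get("sourceType")
    if source_type and source_type not in SOURCE_TYPES:
        problems.append("sourceType: invalid_value")
    if event.get("time") and not _valid_time(event["time"]):
        problems.append("time: invalid_value")
    attributes = event.get("attributes")
    for i, attr in enumerate(attributes if isinstance(attributes, list) else []):
        path = "attributes[%d]" % i
        if not isinstance(attr, dict):
            problems.append(path + ": invalid_value")
            continue
        name, operation = attr.get("name"), attr.get("operation")
        if not name:
            problems.append(path + ".name: missing_value")
        if operation not in OPERATIONS:
            problems.append(path + ".operation: invalid_value")
        # oldValue is not enforced here because the page's own example omits it.
        if operation in ("create", "change") and "value" not in attr:
            problems.append(path + ".value: missing_value")
        if isinstance(name, str) and SECRET_NAME.search(name):
            if any(attr.get(k, REDACTED) != REDACTED for k in ("value", "oldValue")):
                problems.append(path + ": must_not_contain_password")
    return problems


def validate_batch(events):
    """Map zero-based batch index to problems, mirroring requestIndex in responses."""
    if not isinstance(events, list):
        raise TypeError("the request body must be a JSON array of events")
    report = {}
    for index, event in enumerate(events):
        problems = validate_event(event)
        if problems:
            report[index] = problems
    return report
```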
Create log events for configuration changes
To create a log in the event of a configuration change, perform a POST request on the configuration-changes
endpoint. In the body of the request you must provide:
- source - The identifier of the owner of the object being changed.
- sourceType - The owner type of the changed object. Supported values are tenant, organization, and account. Example: A change in the shipment provider of an order flow belonging to a project uses tenant; a change of permissions for a member of an organization uses organization.
- userId - Optional. Identifies the user that modified the configuration (the hybris-user-id header).
- objectId - Identifies the object being changed.
- objectType - The type of object as defined by the service.
- attributes - The list of all attributes changed by the data change event, and the associated old and new values.
  - name - The name of the changed attribute. For nested values, use dots to separate the path.
  - value - The new value of the attribute. Should never contain passwords.
  - oldValue - The previous value of the attribute. Should never contain passwords.
  - operation - The operation performed on the attribute. Supported values are create, change, and delete.
- serviceBasePath - The base path to the service the configuration change concerns. Include the organization, service name, and version in the base path. For example: /hybris/order/v1.
- serviceRegion - The region where the service undergoing the configuration change runs. For example: us.
- time - The timestamp value in ISO 8601 format. Example: 2017-05-13T17:30:00.52Z. The time at which the event occurred.
To use organization or account for the sourceType field, a token must be granted for the personalData tenant, which must be subscribed to your service.
Example
[
  {
    "source": "myexampleshop",
    "sourceType": "tenant",
    "userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "objectId": "c34497a9-bc13-4c7b-b80e-af1dfc2ceb0f",
    "objectType": "order",
    "attributes": [
      {
        "name": "amount",
        "oldValue": "120",
        "value": "123",
        "operation": "change"
      },
      {
        "name": "paid",
        "oldValue": "false",
        "value": "true",
        "operation": "change"
      }
    ],
    "serviceBasePath": "hybris/order/v1",
    "serviceRegion": "us",
    "time": "2017-05-13T17:30:00.52Z"
  }
]
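An added example, not code from the YaaS documentation or SDK: one way to derive the attributes list for the personal-data-changes and configuration-changes bodies described above by diffing an object's state before and after an update, with dotted names for nested values and passwords kept out of oldValue and value. The helper names, the name-based deny-list, the [REDACTED] placeholder and the sample data are assumptions.

```python
import json
from datetime import datetime, timezone

SOURCE_TYPES = {"tenant", "organization", "account"}  # values listed on this page
SECRET_HINTS = ("password", "passwd", "secret")       # assumed deny-list
REDACTED = "[REDACTED]"                               # assumed placeholder

def flatten(obj, prefix=""):
    """Flatten nested dicts to {"a.b": leaf}; dots separate the path."""
    flat = {}
    for key, val in obj.items():
        path = f"{prefix}.{key}" if prefix else str(key)
        flat.update(flatten(val, path) if isinstance(val, dict) else {path: val})
    return flat

def _text(name, val):
    """Values go out as strings, as in the page's examples; secrets never do."""
    if any(hint in name.lower() for hint in SECRET_HINTS):
        return REDACTED
    return val if isinstance(val, str) else json.dumps(val)

def diff_attributes(old, new):
    """One create/change/delete entry per leaf that differs between old and new."""
    before, after = flatten(old), flatten(new)
    attrs = []
    for name in sorted(before.keys() | after.keys()):
        if name in before and name in after and before[name] == after[name]:
            continue
        op = "create" if name not in before else "delete" if name not in after else "change"
        entry = {"name": name, "operation": op}
        for key, side in (("oldValue", before), ("value", after)):
            if name in side:
                entry[key] = _text(name, side[name])
        attrs.append(entry)
    return attrs

def change_event(header, old, new, when, subject=None):
    """Build one batch element; subject=(id, type) makes it a personal data change."""
    if header["sourceType"] not in SOURCE_TYPES:
        raise ValueError(f"unsupported sourceType: {header['sourceType']!r}")
    if when.tzinfo is None:
        raise ValueError("time must be timezone-aware")
    stamp = when.astimezone(timezone.utc).isoformat(timespec="milliseconds")
    event = {**header, "attributes": diff_attributes(old, new), "time": stamp.replace("+00:00", "Z")}
    if subject:
        event["dataSubjectId"], event["dataSubjectType"] = subject
    return event

# Constructed sample: an order's settings before and after an update.
OLD = {"amount": 120, "paid": False, "gateway": {"password": "old-pw"}}
NEW = {"amount": 123, "paid": True, "gateway": {"password": "new-pw"}, "note": "gift"}
```

Here header carries the fixed fields of the request body (source, sourceType, objectId, objectType, serviceBasePath, serviceRegion), and the returned dict is one element of the JSON array that is posted.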
Create log events for security-related events
Security-relevant events comprise all those events which may impact the confidentiality, the integrity, or the availability of the system, for example failed logins or failed authorization checks. Log security events at the tenant, organization, and account level. To create a log for a security event, perform a POST request on the security-events endpoint.
In the body of the request you must provide:
- source - Identifies the owner of the object the security event refers to.
- sourceType - The owner type of the system the security event refers to. Supported values are tenant, organization, and account.
- userId - Optional. The user that created the security event. For example, the value of the hybris-user-id header.
- clientIp - The IP address of the original client trying to access or amend personal data.
- data - The event data.
  - message - The string value describing the security event. The minimal required value is an empty string: "".
- serviceBasePath - The base path to the service for which you create the security event. Include the organization, service name, and version in the base path. For example: /hybris/order/v1.
- serviceRegion - The region where the service for which you create the security event runs. For example: us.
- time - The timestamp value in ISO 8601 format. Example: 2017-05-13T17:30:00.52Z. The time at which the event occurred.
To use organization or account for the sourceType field, a token must be granted for the personalData tenant, which must be subscribed to your service.
Example
[
  {
    "source": "hybris",
    "sourceType": "organization",
    "userId": "00453A0A-19ED-1ED6-A1DF-054B3B9A5F4F",
    "clientIp": "10.32.2.2",
    "data": {
      "message": "Unauthorized access to database"
    },
    "serviceBasePath": "hybris/order/v1",
    "serviceRegion": "us",
    "time": "2017-05-13T17:30:00.52Z"
  }
]
Security
As a data owner, you are responsible for logging events related to personal data. Those logs must be accessible to the data subject or data controller, for auditing purposes. The Audit Ingestion service enables YaaS services to easily create appropriate audit logs for all considered event categories.
The Audit Ingestion service cannot handle sensitive personal data.