{"type":"model","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/28c42199-71bc-32ee-998e-c19bc5c8456e","info":{"title":"Cisco Secure Access Private Resources and Resource Groups API","description":"Manage the Private Resources and Resource Groups in the organization.","version":"1.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Resource Groups","description":"The Secure Access Private Resource Groups"},{"name":"Private Resources","description":"The Secure Access Private Resources"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/policies/private-resources-overview.md","uri":"secure-access-api-reference-private-resources-overview"}},"openapi":"3.0.1","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"policies/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"policies.privateresourcegroups:read":"Read the Private Resource Groups resources","policies.privateresourcegroups:write":"Write the Private Resource Groups resources","policies.privateresources:read":"Read the Private Resources resources","policies.privateresources:write":"Write the Private Resources resources"}}}}}},"spec":{"type":"array","description":"The list of connection properties that describe how end users can access private resources in the organization.\nBrowser-based access requires that all resource addresses use the HTTP or HTTPS protocols.\nBranch access is always enabled for a private resource.","items":{"anyOf":[{"type":"object","description":"The connection to private resources is defined for the Cisco Secure Client.","properties":{"type":{"type":"string","description":"The type of the connection is Cisco Secure Client.","enum":["client"],"example":"client"},"reachableAddresses":{"type":"array","description":"The list of IP address, CIDRs, FQDN, or wildcard FQDN destinations.\nIPv6 is not supported. Only applies to resources you configure for client-based Zero Trust Access.","items":{"type":"string","description":"An IP or CIDR address, FQDN, or wildcard FQDN destination.","example":"172.6.0.0/32"},"example":["172.6.0.0/32"],"$$ref":"#/components/schemas/reachableAddresses"}},"required":["type","reachableAddresses"],"example":{"type":"client","reachableAddresses":["jira.com"]},"$$ref":"#/components/schemas/clientBasedAccess"},{"type":"object","description":"The connection to private resources that is defined for a network.","properties":{"type":{"type":"string","description":"The type of the connection is network.","enum":["network"],"example":"network"}},"required":["type"],"example":{"type":"network"},"$$ref":"#/components/schemas/networkBasedAccess"},{"type":"object","description":"The properties of the browser-based request.","properties":{"type":{"type":"string","description":"The type of the connection is a browser.","enum":["browser"],"example":"browser"},"protocol":{"type":"string","description":"The protocol for the communication between the proxy and the Private Resource.\nOnly applicable for browser-based Zero Trust Network Access.","enum":["HTTPS","HTTP"],"example":"HTTPS","$$ref":"#/components/schemas/protocolProxyToResource"},"sni":{"type":"string","description":"The Server Name Indication (SNI) domain name.\nOnly applicable for browser-based Zero Trust Access and when you select the HTTPS protocol.\nThe SNI must be a valid domain.","example":"","$$ref":"#/components/schemas/sni"},"sslVerificationEnabled":{"type":"boolean","description":"Specify whether to enable upstream SSL verification for the internally hosted URL by the customer.\nApplicable for browser-based Zero Trust Access only and when you select the HTTPS protocol.","default":true,"example":true,"$$ref":"#/components/schemas/sslVerificationEnabled"},"externalFQDNPrefix":{"type":"string","maxLength":50,"description":"The external fully qualified domain name (FQDN) prefix."}},"required":["type","protocol"],"example":{"type":"browser","protocol":"HTTPS"},"$$ref":"#/components/schemas/browserBasedAccessRequest"}]},"example":[{"type":"browser","externalFQDNPrefix":"jira","protocol":"HTTPS","sni":"xyz123.jira.com","sslVerificationEnabled":true},{"type":"client","reachableAddresses":["192.168.0.1","example.com"]},{"type":"network"}],"$$ref":"#/components/schemas/accessTypesRequest","title":"accessTypesRequest"}}