FINOS · Capability

Agent API

This document refers to Symphony API calls to send and receive messages and content. They need the on-premise Agent installed to perform decryption/encryption of content. - sessionToken and keyManagerToken can be obtained by calling the authenticationAPI on the symphony back end and the key manager respectively. Refer to the methods described in authenticatorAPI.yaml. - Actions are defined to be atomic, ie will succeed in their entirety or fail and have changed nothing. - If it returns a 40X status then it will have sent no message to any stream even if a request to some subset of the requeste

Run with Naftiko FinosAPI

What You Can Do

GET
V3health — Checks health status
/v3/health
GET
V3extendedhealth — Checks health status of services and users
/v3/health/extended
POST
Post v4 message import — Import messages from other systems into Symphony.
/v4/message/import
POST
Post v4 message blast — Post a message to multiple existing streams.
/v4/message/blast
GET
Get v1 message id — Get a message by ID
/v1/message/{id}
GET
Get v1 message search — Search messages
/v1/message/search
POST
Post v1 message search — Search messages
/v1/message/search
GET
Get v1 stream sid attachment — Download an attachment.
/v1/stream/{sid}/attachment
GET
Get v4 stream sid message — Get messages from an existing stream.
/v4/stream/{sid}/message
POST
Post v4 stream sid message create — Post a message to one existing stream.
/v4/stream/{sid}/message/create
POST
Post v4 stream sid message mid update — Update an existing message.
/v4/stream/{sid}/message/{mid}/update
POST
Post v3 stream sid share — PROVISIONAL - Share a piece of content into Symphony
/v3/stream/{sid}/share
POST
Post v1 util echo — Test endpoint, returns input.
/v1/util/echo
GET
Get v1 signals list — List signals for the requesting user. This includes signals that the user has created and public signals to which they subscribed.
/v1/signals/list
GET
Get v1 signals id get — Get details of the requested signal.
/v1/signals/{id}/get
POST
Post v1 signals create — Create a signal.
/v1/signals/create
POST
Post v1 signals id update — Update a signal.
/v1/signals/{id}/update
POST
Post v1 signals id delete — Delete a signal.
/v1/signals/{id}/delete
POST
Post v1 signals id subscribe — Subscribe to a Signal.
/v1/signals/{id}/subscribe
POST
Post v1 signals id unsubscribe — Unsubscribe to a Signal.
/v1/signals/{id}/unsubscribe
GET
Get v1 signals id subscribers — Get the subscribers of a signal
/v1/signals/{id}/subscribers
GET
Get v1 info — Get information about the Agent
/v1/info
GET
Get v1 dlp policies — Get all policies
/v1/dlp/policies
POST
Post v1 dlp policies — Creates a policy
/v1/dlp/policies
GET
Get v1 dlp policies policyid — Get a policy
/v1/dlp/policies/{policyId}
PUT
Put v1 dlp policies policyid — Updates a policy. Cannot be used for creation.
/v1/dlp/policies/{policyId}
DELETE
Delete v1 dlp policies policyid — Delete a policy
/v1/dlp/policies/{policyId}
POST
Post v1 dlp policies policyid enable — Enables a policy.
/v1/dlp/policies/{policyId}/enable
POST
Post v1 dlp policies policyid disable — Disables a policy.
/v1/dlp/policies/{policyId}/disable
GET
Get v1 dlp dictionaries — Get all dictionary metadatas
/v1/dlp/dictionaries
POST
Post v1 dlp dictionaries — Create a dictionary
/v1/dlp/dictionaries
GET
Get v1 dlp dictionaries dictid — Get dictionary metadata
/v1/dlp/dictionaries/{dictId}
PUT
Put v1 dlp dictionaries dictid — Updates a dictionary
/v1/dlp/dictionaries/{dictId}
DELETE
Delete v1 dlp dictionaries dictid — Delete a dictionary
/v1/dlp/dictionaries/{dictId}
GET
Get v1 dlp dictionaries dictid data download — Downloads Base 64 encoded dictionary content.
/v1/dlp/dictionaries/{dictId}/data/download
POST
Post v1 dlp dictionaries dictid data upload — Override dictionary content with provided content.
/v1/dlp/dictionaries/{dictId}/data/upload
GET
Get v1 dlp violations message — Get violations as a result of policy enforcement on messages.
/v1/dlp/violations/message
GET
Get v1 dlp violations stream — Get violations as a result of policy enforcement on streams.
/v1/dlp/violations/stream
GET
Get v1 dlp violations signal — Get violations as a result of policy enforcement on signals.
/v1/dlp/violations/signal
GET
Get v3 dlp policies — Get all policies
/v3/dlp/policies
POST
Post v3 dlp policies — Creates a policy
/v3/dlp/policies
GET
Get v3 dlp policies policyid — Get a policy
/v3/dlp/policies/{policyId}
POST
Post v3 dlp policies policyid update — Updates a policy. Cannot be used for creation.
/v3/dlp/policies/{policyId}/update
POST
Post v3 dlp policies policyid delete — Delete a policy
/v3/dlp/policies/{policyId}/delete
POST
Post v3 dlp policies policyid enable — Enables a policy.
/v3/dlp/policies/{policyId}/enable
POST
Post v3 dlp policies policyid disable — Disables a policy.
/v3/dlp/policies/{policyId}/disable
GET
Get v3 dlp violations message — Get violations as a result of policy enforcement on messages.
/v3/dlp/violations/message
GET
Get v3 dlp violations stream — Get violations as a result of policy enforcement on streams.
/v3/dlp/violations/stream
GET
Get v3 dlp violations signal — Get violations as a result of policy enforcement on signals.
/v3/dlp/violations/signal
GET
Get v3 dlp violation attachment — Get attachments that were sent as part of messages that were flagged by the DLP System.
/v3/dlp/violation/attachment
GET
Get v1 audittrail privilegeduser — Get a list of actions performed by a privileged account acting as privileged user given a period of time.
/v1/audittrail/privilegeduser
GET
Listdatafeed — Returns the list of active datafeeds of the user.
/v5/datafeeds
POST
Createdatafeed — Create a new real time feed of messages and events.
/v5/datafeeds
DELETE
Deletedatafeed — Delete the specified real time message / event stream ("datafeed").
/v5/datafeeds/{datafeedId}
POST
Readdatafeed — Read the specified real time message / event stream ("datafeed").
/v5/datafeeds/{datafeedId}/read
POST
Readevents — Creates and Reads a real time feed of messages and events of your pod (Datahose)
/v5/events/read

MCP Tools

v3health

Checks health status

read-only idempotent
v3extendedhealth

Checks health status of services and users

read-only idempotent
post-v4-message-import

Import messages from other systems into Symphony.

post-v4-message-blast

Post a message to multiple existing streams.

get-v1-message-id

Get a message by ID

read-only idempotent
get-v1-message-search

Search messages

read-only idempotent
post-v1-message-search

Search messages

get-v1-stream-sid-attachment

Download an attachment.

read-only idempotent
get-v4-stream-sid-message

Get messages from an existing stream.

read-only idempotent
post-v4-stream-sid-message-create

Post a message to one existing stream.

post-v4-stream-sid-message-mid-update

Update an existing message.

post-v3-stream-sid-share

PROVISIONAL - Share a piece of content into Symphony

post-v1-util-echo

Test endpoint, returns input.

get-v1-signals-list

List signals for the requesting user. This includes signals that the user has created and public signals to which they subscribed.

read-only idempotent
get-v1-signals-id-get

Get details of the requested signal.

read-only idempotent
post-v1-signals-create

Create a signal.

post-v1-signals-id-update

Update a signal.

post-v1-signals-id-delete

Delete a signal.

post-v1-signals-id-subscribe

Subscribe to a Signal.

post-v1-signals-id-unsubscribe

Unsubscribe to a Signal.

get-v1-signals-id-subscribers

Get the subscribers of a signal

read-only idempotent
get-v1-info

Get information about the Agent

read-only idempotent
get-v1-dlp-policies

Get all policies

read-only idempotent
post-v1-dlp-policies

Creates a policy

get-v1-dlp-policies-policyid

Get a policy

read-only idempotent
put-v1-dlp-policies-policyid

Updates a policy. Cannot be used for creation.

idempotent
delete-v1-dlp-policies-policyid

Delete a policy

idempotent
post-v1-dlp-policies-policyid-enable

Enables a policy.

post-v1-dlp-policies-policyid-disable

Disables a policy.

get-v1-dlp-dictionaries

Get all dictionary metadatas

read-only idempotent
post-v1-dlp-dictionaries

Create a dictionary

get-v1-dlp-dictionaries-dictid

Get dictionary metadata

read-only idempotent
put-v1-dlp-dictionaries-dictid

Updates a dictionary

idempotent
delete-v1-dlp-dictionaries-dictid

Delete a dictionary

idempotent
get-v1-dlp-dictionaries-dictid-data-download

Downloads Base 64 encoded dictionary content.

read-only idempotent
post-v1-dlp-dictionaries-dictid-data-upload

Override dictionary content with provided content.

get-v1-dlp-violations-message

Get violations as a result of policy enforcement on messages.

read-only idempotent
get-v1-dlp-violations-stream

Get violations as a result of policy enforcement on streams.

read-only idempotent
get-v1-dlp-violations-signal

Get violations as a result of policy enforcement on signals.

read-only idempotent
get-v3-dlp-policies

Get all policies

read-only idempotent
post-v3-dlp-policies

Creates a policy

get-v3-dlp-policies-policyid

Get a policy

read-only idempotent
post-v3-dlp-policies-policyid-update

Updates a policy. Cannot be used for creation.

post-v3-dlp-policies-policyid-delete

Delete a policy

post-v3-dlp-policies-policyid-enable

Enables a policy.

post-v3-dlp-policies-policyid-disable

Disables a policy.

get-v3-dlp-violations-message

Get violations as a result of policy enforcement on messages.

read-only idempotent
get-v3-dlp-violations-stream

Get violations as a result of policy enforcement on streams.

read-only idempotent
get-v3-dlp-violations-signal

Get violations as a result of policy enforcement on signals.

read-only idempotent
get-v3-dlp-violation-attachment

Get attachments that were sent as part of messages that were flagged by the DLP System.

read-only idempotent
get-v1-audittrail-privilegeduser

Get a list of actions performed by a privileged account acting as privileged user given a period of time.

read-only idempotent
listdatafeed

Returns the list of active datafeeds of the user.

read-only idempotent
createdatafeed

Create a new real time feed of messages and events.

deletedatafeed

Delete the specified real time message / event stream ("datafeed").

idempotent
readdatafeed

Read the specified real time message / event stream ("datafeed").

readevents

Creates and Reads a real time feed of messages and events of your pod (Datahose)

Capability Spec

finos-capability.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Agent API
  description: This document refers to Symphony API calls to send and receive messages and content. They need the on-premise
    Agent installed to perform decryption/encryption of content. - sessionToken and keyManagerToken can be obtained by calling
    the authenticationAPI on the symphony back end and the key manager respectively. Refer to the methods described in authenticatorAPI.yaml.
    - Actions are defined to be atomic, ie will succeed in their entirety or fail and have changed nothing. - If it returns
    a 40X status then it will have sent no message to any stream even if a request to some subset of the requeste
  tags:
  - Finos
  - API
  created: '2026-05-06'
  modified: '2026-05-06'
capability:
  consumes:
  - type: http
    namespace: finos
    baseUri: youragentURL.symphony.com/agent
    description: Agent API HTTP API.
    resources:
    - name: v3-health
      path: /v3/health
      operations:
      - name: v3health
        method: GET
        description: Checks health status
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v3-health-extended
      path: /v3/health/extended
      operations:
      - name: v3extendedhealth
        method: GET
        description: Checks health status of services and users
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v4-message-import
      path: /v4/message/import
      operations:
      - name: post-v4-message-import
        method: POST
        description: Import messages from other systems into Symphony.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v4-message-blast
      path: /v4/message/blast
      operations:
      - name: post-v4-message-blast
        method: POST
        description: Post a message to multiple existing streams.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Authorization token used to make delegated calls.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-message-id
      path: /v1/message/{id}
      operations:
      - name: get-v1-message-id
        method: GET
        description: Get a message by ID
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: Message ID as a URL-safe string
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-message-search
      path: /v1/message/search
      operations:
      - name: get-v1-message-search
        method: GET
        description: Search messages
        inputParameters:
        - name: query
          in: query
          type: string
          required: true
          description: The search query. See above for the query syntax.
        - name: skip
          in: query
          type: integer
          description: No. of results to skip.
        - name: limit
          in: query
          type: integer
          description: Max no. of results to return. If no value is provided, 50 is the default.
        - name: scope
          in: query
          type: string
          description: Describes where content should be searched for that query. It can exclusively apply to Symphony content
            or to one Connector.
        - name: sortDir
          in: query
          type: string
          description: 'Messages sort direction : ASC or DESC (default to DESC)'
        - name: tier
          in: query
          type: string
          description: 'Target search tier : hot, warm or all (default to hot)'
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: post-v1-message-search
        method: POST
        description: Search messages
        inputParameters:
        - name: skip
          in: query
          type: integer
          description: No. of results to skip.
        - name: limit
          in: query
          type: integer
          description: Max no. of results to return. If no value is provided, 50 is the default.
        - name: scope
          in: query
          type: string
          description: Describes where content should be searched for that query. It can exclusively apply to Symphony content
            or to one Connector.
        - name: sortDir
          in: query
          type: string
          description: 'Messages sort direction : ASC or DESC (default to DESC)'
        - name: tier
          in: query
          type: string
          description: 'Target search tier : hot, warm or all (default to hot)'
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-stream-sid-attachment
      path: /v1/stream/{sid}/attachment
      operations:
      - name: get-v1-stream-sid-attachment
        method: GET
        description: Download an attachment.
        inputParameters:
        - name: sid
          in: path
          type: string
          required: true
          description: Stream ID
        - name: fileId
          in: query
          type: string
          required: true
          description: The attachment ID (Base64-encoded)
        - name: messageId
          in: query
          type: string
          required: true
          description: The ID of the message containing the attachment
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v4-stream-sid-message
      path: /v4/stream/{sid}/message
      operations:
      - name: get-v4-stream-sid-message
        method: GET
        description: Get messages from an existing stream.
        inputParameters:
        - name: sid
          in: path
          type: string
          required: true
          description: Stream ID
        - name: since
          in: query
          type: integer
          required: true
          description: Timestamp of first required message. This is a long integer value representing milliseconds since Jan
            1 1970
        - name: until
          in: query
          type: integer
          description: Timestamp of last required message. This is a long integer value representing milliseconds since Jan
            1 1970
        - name: skip
          in: query
          type: integer
          description: No. of messages to skip.
        - name: limit
          in: query
          type: integer
          description: Max No. of messages to return. If no value is provided, 50 is the default. The maximum supported value
            is 500.
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v4-stream-sid-message-create
      path: /v4/stream/{sid}/message/create
      operations:
      - name: post-v4-stream-sid-message-create
        method: POST
        description: Post a message to one existing stream.
        inputParameters:
        - name: sid
          in: path
          type: string
          required: true
          description: Stream ID
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Authorization token used to make delegated calls.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v4-stream-sid-message-mid-update
      path: /v4/stream/{sid}/message/{mid}/update
      operations:
      - name: post-v4-stream-sid-message-mid-update
        method: POST
        description: Update an existing message.
        inputParameters:
        - name: sid
          in: path
          type: string
          required: true
          description: Stream ID
        - name: mid
          in: path
          type: string
          required: true
          description: ID of the message to be updated
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Authorization token used to make delegated calls.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v3-stream-sid-share
      path: /v3/stream/{sid}/share
      operations:
      - name: post-v3-stream-sid-share
        method: POST
        description: PROVISIONAL - Share a piece of content into Symphony
        inputParameters:
        - name: sid
          in: path
          type: string
          required: true
          description: Stream ID
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-util-echo
      path: /v1/util/echo
      operations:
      - name: post-v1-util-echo
        method: POST
        description: Test endpoint, returns input.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-list
      path: /v1/signals/list
      operations:
      - name: get-v1-signals-list
        method: GET
        description: List signals for the requesting user. This includes signals that the user has created and public signals
          to which they subscribed.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: skip
          in: query
          type: integer
          description: No. of signals to skip.
        - name: limit
          in: query
          type: integer
          description: Max no. of signals to return. If no value is provided, 50 is the default. The maximum supported value
            is 500.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-get
      path: /v1/signals/{id}/get
      operations:
      - name: get-v1-signals-id-get
        method: GET
        description: Get details of the requested signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The ID of the signal to display.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-create
      path: /v1/signals/create
      operations:
      - name: post-v1-signals-create
        method: POST
        description: Create a signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-update
      path: /v1/signals/{id}/update
      operations:
      - name: post-v1-signals-id-update
        method: POST
        description: Update a signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The id of the signal.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-delete
      path: /v1/signals/{id}/delete
      operations:
      - name: post-v1-signals-id-delete
        method: POST
        description: Delete a signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The id of the signal.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-subscribe
      path: /v1/signals/{id}/subscribe
      operations:
      - name: post-v1-signals-id-subscribe
        method: POST
        description: Subscribe to a Signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The id of the signal.
        - name: pushed
          in: query
          type: boolean
          description: Prevent the user to unsubscribe (only for bulk subscription)
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-unsubscribe
      path: /v1/signals/{id}/unsubscribe
      operations:
      - name: post-v1-signals-id-unsubscribe
        method: POST
        description: Unsubscribe to a Signal.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The id of the signal.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-signals-id-subscribers
      path: /v1/signals/{id}/subscribers
      operations:
      - name: get-v1-signals-id-subscribers
        method: GET
        description: Get the subscribers of a signal
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: id
          in: path
          type: string
          required: true
          description: The id of the signal.
        - name: skip
          in: query
          type: integer
          description: No. of results to skip.
        - name: limit
          in: query
          type: integer
          description: Max No. of subscribers to return. If no value is provided, 100 is the default.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-info
      path: /v1/info
      operations:
      - name: get-v1-info
        method: GET
        description: Get information about the Agent
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-policies
      path: /v1/dlp/policies
      operations:
      - name: get-v1-dlp-policies
        method: GET
        description: Get all policies
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: page
          in: query
          type: integer
          description: Optional parameter to specify which page to return (default is 0)
        - name: limit
          in: query
          type: integer
          description: Optional parameter to specify the number of result to return per page, default is 50. Maximum is 50.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: post-v1-dlp-policies
        method: POST
        description: Creates a policy
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-policies-policyid
      path: /v1/dlp/policies/{policyId}
      operations:
      - name: get-v1-dlp-policies-policyid
        method: GET
        description: Get a policy
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: policyId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier.
        - name: policyVersion
          in: query
          type: string
          description: Optional parameter, if set to be valid policy version number, will return policy with specified policyVersion.
            Otherwise, return the latest policy.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: put-v1-dlp-policies-policyid
        method: PUT
        description: Updates a policy. Cannot be used for creation.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: policyId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: delete-v1-dlp-policies-policyid
        method: DELETE
        description: Delete a policy
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: policyId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-policies-policyid-enable
      path: /v1/dlp/policies/{policyId}/enable
      operations:
      - name: post-v1-dlp-policies-policyid-enable
        method: POST
        description: Enables a policy.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: policyId
          in: path
          type: string
          required: true
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-policies-policyid-disable
      path: /v1/dlp/policies/{policyId}/disable
      operations:
      - name: post-v1-dlp-policies-policyid-disable
        method: POST
        description: Disables a policy.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: policyId
          in: path
          type: string
          required: true
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-dictionaries
      path: /v1/dlp/dictionaries
      operations:
      - name: get-v1-dlp-dictionaries
        method: GET
        description: Get all dictionary metadatas
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: page
          in: query
          type: integer
          description: Optional parameter to specify which page to return (default is 0)
        - name: limit
          in: query
          type: integer
          description: Optional parameter to specify the number of result to return per page, default is 50. Maximum is 50.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: post-v1-dlp-dictionaries
        method: POST
        description: Create a dictionary
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-dictionaries-dictid
      path: /v1/dlp/dictionaries/{dictId}
      operations:
      - name: get-v1-dlp-dictionaries-dictid
        method: GET
        description: Get dictionary metadata
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: dictId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier
        - name: dictVersion
          in: query
          type: string
          description: If set to be valid dictionary version number, will return dictionary metadata with specified version.
            Otherwise, return the latest dictionary metadata.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: put-v1-dlp-dictionaries-dictid
        method: PUT
        description: Updates a dictionary
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: dictId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: delete-v1-dlp-dictionaries-dictid
        method: DELETE
        description: Delete a dictionary
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: dictId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-dictionaries-dictid-data-download
      path: /v1/dlp/dictionaries/{dictId}/data/download
      operations:
      - name: get-v1-dlp-dictionaries-dictid-data-download
        method: GET
        description: Downloads Base 64 encoded dictionary content.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: dictId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier
        - name: dictVersion
          in: query
          type: string
          description: If set to be valid dictionary version number, will return dictionary with specified version. Otherwise,
            return the latest dictionary.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-dictionaries-dictid-data-upload
      path: /v1/dlp/dictionaries/{dictId}/data/upload
      operations:
      - name: post-v1-dlp-dictionaries-dictid-data-upload
        method: POST
        description: Override dictionary content with provided content.
        inputParameters:
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        - name: dictId
          in: path
          type: string
          required: true
          description: Unique dictionary identifier
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-violations-message
      path: /v1/dlp/violations/message
      operations:
      - name: get-v1-dlp-violations-message
        method: GET
        description: Get violations as a result of policy enforcement on messages.
        inputParameters:
        - name: startTime
          in: query
          type: integer
          required: true
          description: Timestamp of the first required violation. This is a long integer value representing milliseconds since
            Jan 1 1970
        - name: endTime
          in: query
          type: integer
          description: Timestamp of the last required violation. This is a long integer value representing milliseconds since
            Jan 1 1970 If unspecified, it will default to current tim
        - name: next
          in: query
          type: string
          description: Offset of the next chunk of violations. Value is null for the first request.
        - name: limit
          in: query
          type: integer
          description: Max No. of violations to return. If no value is provided, 50 is the default. The maximum supported
            value is 500.
        - name: sessionToken
          in: header
          type: string
          required: true
          description: Session authentication token.
        - name: keyManagerToken
          in: header
          type: string
          description: Key Manager authentication token.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: v1-dlp-violations-stream
      path: /v1/dlp/violations/stream
      operations:
      - name: get-v1-dlp-violations-stream
        method: GET
        description: Get violations as a result of policy enforcement on streams.
        inputParameters:
        - name: startTime
          in: query
          type: integer
          required: true
          description: Timestamp of the first required violation. This is a long integer value representing milliseconds since
            Jan 1 1970
        - name: endTime
          in: query
          type: integer
          description: Timestamp of the last required violation. This is a long integer value representing milliseconds since
            Jan 1 1970 If unspecified, it will default to current tim
        - name: next
          in: query
          type: string
          description: Offset of the next chunk of violations. Value is null for the first request.
      

# --- truncated at 32 KB (104 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/finos/refs/heads/main/capabilities/finos-capability.yaml