v5.4.1

[5.4.1] - 2025-10-16

Added

• Added close-stale.yml GitHub workflow

v5.4.0

[5.4.0] - 2025-09-04

Changed

• Updated README.md, CONTRIBUTING.md, and SECURITY.md to align with Conjur Enterprise name change to Secrets Manager, Self-Hosted. CNJR-10967
• Switched to using the schemathesis/schemathesis:stable Docker image for running API contract tests.
• Updated the OpenAPI spec to indicate that the client_ip field in PolicyVersion is nullable.
• Clarified in the OpenAPI spec that the ListResources endpoint may return an object (e.g., {"count": 1}).
• Documented 422 and 500 responses for several API endpoints in the OpenAPI spec definition.
• Updated openapi from v3.0.0 to v3.1.0 in spec/openapi.yml.
• Updated openapitools/openapi-generator-cli Docker image in bin/generate_client from v4.3.1 to v7.14.0, as 4.3.1 does not support v3.1.0 openapi spec files.
• Updated python Docker image in bin/lint_specs form v3.8 to v3.13 as 3.8 reached EOL.
• Updated the Docker image of swaggerapi/swagger-editor to v5 as previous versions does not support v3.1.0 openapi spec files.
• Replaced csharp-netcore generator with csharp, as csharp-netcore was removed in OpenAPI Generator v7.0.0 and merged into the unified csharp generator.
• Updated target framework of the csharp generator to netstandard2.1 for compatibility with modern .NET platforms.
• Updated Docker image in bin/transform script from python:3.9 to python:3.12, as 3.9 is nearing end-of-life. cyberark/conjur-openapi-spec#230

v5.3.2

[5.3.2] - 2025-03-25

Fixed

• Fix annotations type definition. cyberark/conjur-openapi-spec#229

v5.3.1

Removed

• Removed possible 403 response code from Roles API endpoints. As of Conjur
  v1.19.3, requests to the Roles API return 404 when the caller has insufficient
  privilege - see cyberark/conjur#2755.
  cyberark/conjur-openapi-spec#225

v5.3.0

Added

• Add new route for enabling authenticator with default service
  cyberark/conjur-openapi-spec#215

v5.2.0

Added

• New JWT authenticator endpoints have been added to the spec.
  cyberark/conjur-openapi-spec#193

Fixed

• Request body details for secret creation so all clients can properly set secrets. This changes
  the MIME type of the request body to application/octet-stream in place of text plain,
  allowing for proper binary secrets in clients (format: binary is broken in some clients).
  cyberark/conjur-openapi-spec#187
• Authentication methods not requiring any API authentication (conjurAuth, basicAuth, etc) now
  specify an empty list as the security field ensuring utilities dont assume all authentication
  types are valid.
  cyberark/conjur-openapi-spec#196

Changed

• Consolidate bin/integration_test and bin/test_enterprise into bin/test_integration.
  Renamed bin/api_test to bin/test_api_contract and bin/start to bin/dev to maintain
  repository- and company-wide script convention.
  cyberark/conjur-openapi-spec#166
• Remove Bad Gateway error code from authn-oidc error codes following cyberark/conjur#2360
  cyberark/conjur-openapi-spec#204

v5.1.1

Added

• DAP endpoints and scripts to run tests against a DAP instance.
  cyberark/conjur-openapi-spec#144
• Basic Java client integration tests and configuration.
  cyberark/conjur-openapi-spec#181
• New return code (406) in batch secrets request for when a binary secret is requested
  without specifying a valid Accept-Encoding header.
  cyberark/conjur-openapi-spec#186

v5.1.0

This is the first release of the Conjur OpenAPI Specification, compatible with Conjur Open Source
v1.11.5! For more information about how to use this release, please see the documentation.

Added

• Example use case of spec-generated Ruby client.
  cyberark/conjur-openapi-spec#12
• The /whoami endpoint is now included in the spec. Allows for requesting info about the current client.
  cyberark/conjur-openapi-spec#56
• Authenticator status endpoint is now included in the spec file. Allows checking if certain authenticators are working.
  cyberark/conjur-openapi-spec#59
• /resources endpoint now included in the OpenAPI specification.
  cybeark/conjur-openapi-spec#62
• The authenticators index endpoint is now included in the spec file. Allows users to check which authenticators are installed and enabled.
  cyberark/conjur-openapi-spec#58
• Secrets endpoint will now except expirations as an extra kwarg. Allows for resetting the expiration date of a secret.
  cybeark/conjur-openapi-spec#64
• Secrets endpoint integration tests are now fully enumerated
  cyberark/conjur-openapi-spec#102
• Adding and deleting role members now supported in Roles spec file.
  cyberark/conjur-openapi-spec#65
• memberships query parameter supported on Roles endpoint.
  cybeark/conjur-openapi-spec#67
• all query parameter supported on Roles endpoint.
  cybeark/conjur-openapi-spec#68
• The roles graph query parameter is now included in the spec file. Allows for viewing a role as a graph/tree.
  cyberark/conjur-openapi-spec#69
• Generic authenticator endpoint that covers most Conjur platform authenticators.
  cyberark/conjur-openapi-spec#74
  cyberark/conjur-openapi-spec#70
  cyberark/conjur-openapi-spec#75
• Endpoint to configure enabled Conjur authenticators via the API.
  cyberark/conjur-openapi-spec#66
• /ca/ endpoint now included in the OpenAPI specification.
  cyberark/conjur-openapi-spec#63
• OIDC authenticate endpoint now included in the OpenAPI specification. Users can now authenticate with Conjur through an OIDC provider using a generated client.
  cyberark/conjur-openapi-spec#60
• Google Cloud Provider authenticate endpoint now included in the spec file. Users can now authenticate with Conjur using GCP.
  cyberark/conjur-openapi-spec#61
• New options to generate_client script for greater control over generated output.
• /authn-k8s/:service_id/inject_client_cert endpoint now included in the OpenAPI specification.
  cyberark/conjur-openapi-spec#3
• Basic C#/.NET client tests and generation templates are now included in the project.
  cyberark/conjur-openapi-spec#94
• Optional Accept-Encoding header parameter now included in secrets batch endpoint.
  cyberark/conjur-openapi-spec#145
• Instructions and scripts for using the API spec with Postman included.
  cyberark/conjur-openapi-spec#92
• New header parameter allowing user to set request IDs for all endpoints.
  cyberark/conjur-openapi-spec#175

Fixed

• Workaround for request body issue on revokeHostToken operation is now removed and tests have been updated.
  cyberark/conjur-openapi-spec#52
• Workaround for request body issue on createSecret operation is now removed and tests have been updated.
  cyberark/conjur-openapi-spec#105

Changed

• Operation names have been updated to match better with existing integrations and documentation.
  cyberark/conjur-openapi-spec#36
  cyberark/conjur-openapi-spec#129
• Response schemas are now more fully defined and methods will now return pre-defined objects.
  cyberark/conjur-openapi-spec#43
• Renamed the start_editor script to start_spec_ui and updated it to open the bundled version of the spec.
  cyberark/conjur-openapi-spec#168
• Updated naming and added support for environment variables in generated Ruby client.
  cyberark/conjur-openapi-spec#91