> ## Documentation Index > Fetch the complete documentation index at: https://docs.leen.dev/llms.txt > Use this file to discover all available pages before exploring further. # Create Connection > Create a connection for a given Organization. ## OpenAPI ````yaml post /provisioning/organizations/{organization_id}/connections openapi: 3.1.0 info: title: Leen Security API version: 0.0.1 servers: - url: https://api.leen.dev/v1 description: Production API - url: https://api.eu-c1.leen.dev/v1 description: Production API (EU Region) - url: https://api.ap-se2.leen.dev/v1 description: Production Api (APAC Region) security: [] paths: /provisioning/organizations/{organization_id}/connections: post: tags: - provisioning summary: Create Connection description: Create a connection for a given Organization. operationId: create_connection parameters: - name: organization_id in: path required: true schema: type: string format: uuid title: Organization Id - name: X-CONNECTION-INVITE-TOKEN in: header required: false schema: anyOf: - type: string - type: 'null' title: X-Connection-Invite-Token requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ConnectionCreateModel' responses: '200': description: Successful Response content: application/json: schema: $ref: '#/components/schemas/ConnectionRespModel' '400': description: Vendor not allowed, validation error content: application/json: schema: $ref: '#/components/schemas/ErrorException' '422': description: Invalid connection credentials content: application/json: schema: $ref: '#/components/schemas/ErrorException' '500': description: Request failed content: application/json: schema: $ref: '#/components/schemas/ErrorException' security: - API-Key: [] components: schemas: ConnectionCreateModel: properties: vendor: allOf: - $ref: '#/components/schemas/ConnectionVendorEnum' description: Connection vendor credentials: anyOf: - $ref: '#/components/schemas/TenableCredentials' - $ref: >- #/components/schemas/leen_common__models__credentials__QualysCredentials - $ref: '#/components/schemas/SnykCredentials' - $ref: '#/components/schemas/CrowdStrikeCredentials' - $ref: '#/components/schemas/SentinelOneCredentials' - $ref: '#/components/schemas/MSDefenderEndpointCredentials' - $ref: '#/components/schemas/InsightVMCredentials' - $ref: '#/components/schemas/SemgrepCredentials' - $ref: '#/components/schemas/MSDefenderVMSCredentials' - $ref: '#/components/schemas/MSDefenderCloudCredentials' - $ref: '#/components/schemas/MSEntraCredentials' - $ref: '#/components/schemas/LaceworkCSPMCredentials' - $ref: '#/components/schemas/AWSInspector2Credentials' - $ref: '#/components/schemas/AWSAccessAnalyzerCredentials' - $ref: '#/components/schemas/AWSSecurityHubCredentials' - $ref: >- #/components/schemas/leen_common__models__credentials__ArnicaCredentials - $ref: '#/components/schemas/OktaIDPCredentials' - $ref: >- #/components/schemas/leen_common__models__credentials__AikidoCredentials - $ref: '#/components/schemas/WizVMSCredentials' - $ref: '#/components/schemas/WizCodeCredentials' - $ref: >- #/components/schemas/leen_common__models__credentials__GitlabCredentials - $ref: >- #/components/schemas/leen_common__models__credentials__TaniumVMSCredentials - $ref: >- #/components/schemas/leen_common__models__credentials__UpwindCredentials - $ref: >- #/components/schemas/leen_common__models__credentials__CheckmarxCredentials - $ref: >- #/components/schemas/leen_common__models__credentials__MendCredentials - $ref: '#/components/schemas/BlackKiteCredentials' - $ref: >- #/components/schemas/leen_framework__integrations__upwind__models__UpwindCredentials - $ref: >- #/components/schemas/leen_framework__integrations__tanium__models__TaniumVMSCredentials - $ref: >- #/components/schemas/leen_framework__integrations__qualys__models__QualysCredentials - $ref: '#/components/schemas/SentinelOneEDRCredentials' - $ref: '#/components/schemas/SentinelOneVMSCredentials' - $ref: '#/components/schemas/CrowdStrikeCredentials' - $ref: '#/components/schemas/CrowdStrikeSpotlightCredentials' - $ref: >- #/components/schemas/leen_framework__integrations__checkmarx__models__CheckmarxCredentials - $ref: >- #/components/schemas/leen_framework__integrations__gitlab__models__GitlabCredentials - $ref: >- #/components/schemas/leen_framework__integrations__mend__models__MendCredentials - $ref: '#/components/schemas/InsightVMCredentials' - $ref: '#/components/schemas/ProcessUnityCredentials' - $ref: '#/components/schemas/SemgrepCredentials' - $ref: '#/components/schemas/WizCodeCredentials' - $ref: '#/components/schemas/WizVMSCredentials' - $ref: >- #/components/schemas/leen_framework__integrations__aikido__models__AikidoCredentials - $ref: '#/components/schemas/TenableCredentials' - $ref: '#/components/schemas/SnykCredentials' - $ref: '#/components/schemas/JiraOAuth2Credentials' - $ref: '#/components/schemas/GitHubCredentials' - $ref: '#/components/schemas/OktaIDPCredentials' - $ref: '#/components/schemas/AwsSecurityHubCredentials' - $ref: '#/components/schemas/AwsInspector2Credentials' - $ref: '#/components/schemas/AwsAccessAnalyzerCredentials' - $ref: '#/components/schemas/LaceworkCSPMCredentials' - $ref: '#/components/schemas/ServiceNowCredentials' - $ref: '#/components/schemas/BitSightCredentials' - $ref: >- #/components/schemas/leen_framework__integrations__arnica__models__ArnicaCredentials - $ref: '#/components/schemas/SecurityScorecardCredentials' - $ref: '#/components/schemas/MSDefenderEndpointCredentials' - $ref: '#/components/schemas/MSEntraCredential' - $ref: '#/components/schemas/MSDefenderVMSCredentials' - $ref: '#/components/schemas/MSDefenderVMSGccHighCredentials' - $ref: '#/components/schemas/MSDefenderCloudCredentials' - $ref: '#/components/schemas/OrcaCredentials' title: Credentials description: Connection credentials identifier: anyOf: - type: string - type: 'null' title: Identifier description: >- An optional identifier for the connection, you can use this to reference the connection in your own system options: anyOf: - oneOf: - $ref: >- #/components/schemas/leen_common__models__connection_options__SnykConnectionOptions - $ref: >- #/components/schemas/leen_common__models__connection_options__MSDefenderEndpointConnectionOptions - $ref: >- #/components/schemas/leen_common__models__connection_options__MSDefenderVMSConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__upwind__models__UpwindConnectionOptions - $ref: '#/components/schemas/TaniumVMSOptions' - $ref: >- #/components/schemas/leen_framework__integrations__qualys__models__QualysConnectionOptions - $ref: '#/components/schemas/SentinelOneEDROptions' - $ref: '#/components/schemas/SentinelOneVMSOptions' - $ref: >- #/components/schemas/leen_framework__integrations__crowdstrike__edr__models__CrowdStrikeConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__crowdstrike__vms__models__CrowdStrikeSpotlightConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__checkmarx__models__CheckmarxConnectionOptions - $ref: '#/components/schemas/GitlabOptions' - $ref: >- #/components/schemas/leen_framework__integrations__mend__models__MendConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__rapid7__models__InsightVMConnectionOptions - $ref: '#/components/schemas/ProcessUnityConnectionOptions' - $ref: '#/components/schemas/SemgrepOptions' - $ref: '#/components/schemas/WizCodeOptions' - $ref: '#/components/schemas/WizVMSOptions' - $ref: >- #/components/schemas/leen_framework__integrations__aikido__models__AikidoConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__tenable__models__TenableConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__snyk__models__SnykConnectionOptions - $ref: '#/components/schemas/BlackKiteConnectionOptions' - $ref: '#/components/schemas/JiraConnectionOptions' - $ref: '#/components/schemas/GitHubConnectionOptions' - $ref: '#/components/schemas/OktaIDPOptions' - $ref: '#/components/schemas/AwsSecurityHubOptions' - $ref: '#/components/schemas/AwsInspector2Options' - $ref: '#/components/schemas/AwsAccessAnalyzerOptions' - $ref: '#/components/schemas/LaceworkCSPMOptions' - $ref: '#/components/schemas/ServiceNowConnectionOptions' - $ref: '#/components/schemas/BitSightConnectionOptions' - $ref: >- #/components/schemas/leen_framework__integrations__arnica__models__ArnicaConnectionOptions - $ref: '#/components/schemas/SecurityScorecardConnectionOptions' - $ref: >- #/components/schemas/leen_framework__integrations__ms_defender__edr__models__MSDefenderEndpointConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__ms_defender__idp__models__MSEntraConnectionOptions - $ref: >- #/components/schemas/leen_framework__integrations__ms_defender__vms__models__MSDefenderVMSConnectionOptions - $ref: '#/components/schemas/MSDefenderVMSGccHighConnectionOptions' - $ref: >- #/components/schemas/leen_framework__integrations__ms_defender__cspm__model__MSDefenderCloudConnectionOptions - $ref: '#/components/schemas/OrcaConnectionOptions' - type: 'null' title: Options description: >- Connection options, **ONLY** used for Oauth2 URL overrides for Snyk and MS Defender Endpoint type: object required: - vendor - credentials title: ConnectionCreateModel ConnectionRespModel: properties: id: type: string format: uuid title: Id vendor: type: string title: Vendor is_active: type: boolean title: Is Active refresh_interval_secs: type: integer title: Refresh Interval Secs timeout_secs: type: integer title: Timeout Secs organization_id: type: string format: uuid title: Organization Id oauth2_authorize_url: anyOf: - type: string - type: 'null' title: Oauth2 Authorize Url identifier: anyOf: - type: string - type: 'null' title: Identifier state: $ref: '#/components/schemas/ConnectionStateEnum' created_at: type: string format: date-time title: Created At updated_at: type: string format: date-time title: Updated At health: $ref: '#/components/schemas/ConnectionHealthStatus' type: object required: - id - vendor - is_active - refresh_interval_secs - timeout_secs - organization_id - state - created_at - updated_at - health title: Connection ErrorException: properties: detail: type: string title: Detail description: Error message type: object required: - detail title: ErrorException ConnectionVendorEnum: type: string enum: - SEMGREP - SENTINELONE_VMS - SENTINELONE - AIKIDO - ORCA - AWS_INSPECTOR2 - AWS_ACCESS_ANALYSER - AWS_SECURITYHUB - INSIGHTVM - MS_DEFENDER_VMS - MS_ENTRA - MS_DEFENDER_VMS_GCC_HIGH - MS_DEFENDER_CLOUD - MS_DEFENDER_ENDPOINT - JIRA - QUALYS - GITHUB - ARNICA - SNYK - TANIUM_VMS - GITLAB - MEND - SERVICENOW - UPWIND - TENABLE - CHECKMARX - CROWDSTRIKE_SPOTLIGHT - CROWDSTRIKE - BLACK_KITE - BIT_SIGHT - LACEWORK_CSPM - WIZ_VMS - WIZ_CODE - OKTA_IDP title: ConnectionVendorEnum TenableCredentials: properties: client_key: type: string title: Client Key secret_key: type: string title: Secret Key type: object required: - client_key - secret_key title: TenableCredentials leen_common__models__credentials__QualysCredentials: properties: username: type: string title: Username password: type: string title: Password type: object required: - username - password title: QualysCredentials SnykCredentials: properties: api_token: anyOf: - type: string - type: 'null' title: Api Key base_url: anyOf: - type: string - type: 'null' title: Base Url default: https://app.snyk.io type: object title: SnykCredentials CrowdStrikeCredentials: properties: base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - base_url - client_id - client_secret title: CrowdStrikeCredentials SentinelOneCredentials: properties: base_url: type: string title: Base Url api_token: type: string title: Api Token type: object required: - base_url - api_token title: SentinelOneCredentials MSDefenderEndpointCredentials: properties: {} type: object title: MSDefenderEndpointCredentials InsightVMCredentials: properties: base_url: type: string title: Base Url api_key: type: string title: Api Key type: object required: - base_url - api_key title: InsightVMCredentials SemgrepCredentials: properties: web_api_token: type: string title: Web Api Token type: object required: - web_api_token title: SemgrepCredentials MSDefenderVMSCredentials: properties: {} type: object title: MSDefenderVMSCredentials MSDefenderCloudCredentials: properties: {} type: object title: MSDefenderCloudCredentials MSEntraCredentials: anyOf: - $ref: '#/components/schemas/MSEntraOAuthCredentials' - $ref: >- #/components/schemas/leen_common__models__credentials__MSEntraSecretCredentials title: MSEntraCredentials LaceworkCSPMCredentials: properties: account: type: string title: Account sub_account: anyOf: - type: string - type: 'null' title: Sub Account key_id: type: string title: Key Id secret: type: string title: Secret type: object required: - account - key_id - secret title: LaceworkCSPMCredentials AWSInspector2Credentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AWSInspector2Credentials AWSAccessAnalyzerCredentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AWSAccessAnalyzerCredentials AWSSecurityHubCredentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AWSSecurityHubCredentials leen_common__models__credentials__ArnicaCredentials: properties: access_token: type: string title: Access Token type: object required: - access_token title: ArnicaCredentials OktaIDPCredentials: properties: org_url: type: string title: Org Url api_token: type: string title: Api Token type: object required: - org_url - api_token title: OktaIDPCredentials leen_common__models__credentials__AikidoCredentials: properties: client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - client_id - client_secret title: AikidoCredentials WizVMSCredentials: properties: base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - base_url - client_id - client_secret title: WizVMSCredentials WizCodeCredentials: properties: base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - base_url - client_id - client_secret title: WizCodeCredentials leen_common__models__credentials__GitlabCredentials: properties: private_access_token: type: string title: Private Access Token allowed_project_ids: anyOf: - type: string - type: 'null' title: Allowed Project Ids type: object required: - private_access_token title: GitlabCredentials description: |- Credentials for GitLab integration. Attributes: private_access_token: GitLab personal access token with API access allowed_project_ids: Optional comma-separated string of GitLab project IDs to scope the connection. leen_common__models__credentials__TaniumVMSCredentials: properties: api_token: type: string title: Api Token base_url: type: string title: Base Url next_rotation: anyOf: - type: string - type: 'null' title: Next Rotation type: object required: - api_token - base_url title: TaniumVMSCredentials description: |- Credentials for Tanium integration. Attributes: api_token: Tanium API key base_url: Tanium API base URL next_rotation: Next rotation date of the API token leen_common__models__credentials__UpwindCredentials: properties: client_id: type: string title: Client Id client_secret: type: string title: Client Secret upwind_organization_id: type: string title: Upwind Organization Id type: object required: - client_id - client_secret - upwind_organization_id title: UpwindCredentials description: |- Credentials for Upwind API access. Uses OAuth 2.0 client credentials grant flow for authentication. leen_common__models__credentials__CheckmarxCredentials: properties: tenant_name: type: string title: Tenant Name base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - tenant_name - base_url - client_id - client_secret title: CheckmarxCredentials description: |- Credentials for Checkmarx integration. Attributes: tenant_name: Checkmarx tenant name base_url: Checkmarx base URL client_id: Checkmarx client ID client_secret: Checkmarx client secret leen_common__models__credentials__MendCredentials: properties: org_uuid: type: string title: Org Uuid base_url: type: string title: Base Url user_email: type: string title: User Email user_key: type: string title: User Key type: object required: - org_uuid - base_url - user_email - user_key title: MendCredentials description: |- Credentials for Mend integration. Attributes: org_uuid: Mend organization ID base_url: Mend base URL user_email: Mend service user email user_key: Mend service user key BlackKiteCredentials: properties: client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - client_id - client_secret title: BlackKiteCredentials leen_framework__integrations__upwind__models__UpwindCredentials: properties: client_id: type: string title: Client Id client_secret: type: string title: Client Secret upwind_organization_id: type: string title: Upwind Organization Id type: object required: - client_id - client_secret - upwind_organization_id title: UpwindCredentials leen_framework__integrations__tanium__models__TaniumVMSCredentials: properties: api_token: type: string title: Api Token base_url: type: string title: Base Url next_rotation: anyOf: - type: string - type: 'null' title: Next Rotation type: object required: - api_token - base_url title: TaniumVMSCredentials leen_framework__integrations__qualys__models__QualysCredentials: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS username: type: string title: Username password: type: string title: Password type: object required: - username - password title: QualysCredentials SentinelOneEDRCredentials: properties: base_url: type: string title: Base Url api_token: type: string title: Api Token type: object required: - base_url - api_token title: SentinelOneEDRCredentials SentinelOneVMSCredentials: properties: base_url: type: string title: Base Url api_token: type: string title: Api Token type: object required: - base_url - api_token title: SentinelOneVMSCredentials CrowdStrikeSpotlightCredentials: properties: base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - base_url - client_id - client_secret title: CrowdStrikeSpotlightCredentials leen_framework__integrations__checkmarx__models__CheckmarxCredentials: properties: tenant_name: type: string title: Tenant Name base_url: type: string title: Base Url client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - tenant_name - base_url - client_id - client_secret title: CheckmarxCredentials leen_framework__integrations__gitlab__models__GitlabCredentials: properties: private_access_token: type: string title: Private Access Token allowed_project_ids: anyOf: - type: string - type: 'null' title: Allowed Project Ids type: object required: - private_access_token title: GitlabCredentials leen_framework__integrations__mend__models__MendCredentials: properties: base_url: anyOf: - type: string - type: 'null' title: Base Url default: https://api-saas.mend.io user_email: anyOf: - type: string - type: 'null' title: User Email user_key: anyOf: - type: string - type: 'null' title: User Key org_uuid: anyOf: - type: string - type: 'null' title: Org Uuid type: object required: - user_email - user_key - org_uuid title: MendCredentials ProcessUnityCredentials: properties: base_url: type: string title: Base Url username: type: string title: Username password: type: string title: Password third_party_import_template_id: type: integer title: Third Party Import Template Id issues_import_template_id: type: integer title: Issues Import Template Id type: object required: - base_url - username - password - third_party_import_template_id - issues_import_template_id title: ProcessUnityCredentials leen_framework__integrations__aikido__models__AikidoCredentials: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - client_id - client_secret title: AikidoCredentials JiraOAuth2Credentials: properties: cloud_id: anyOf: - type: string - type: 'null' title: Cloud Id access_token: anyOf: - type: string - type: 'null' title: Access Token refresh_token: anyOf: - type: string - type: 'null' title: Refresh Token token_expires_at: anyOf: - type: string format: date-time - type: 'null' title: Token Expires At type: object title: JiraOAuth2Credentials GitHubCredentials: properties: {} type: object title: GitHubCredentials AwsSecurityHubCredentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AwsSecurityHubCredentials AwsInspector2Credentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AwsInspector2Credentials AwsAccessAnalyzerCredentials: properties: aws: oneOf: - $ref: '#/components/schemas/AWSDirectAccessSecrets' - $ref: '#/components/schemas/AWSLeenRoleSecrets' - $ref: '#/components/schemas/AWSRoleChainingSecrets' title: Aws discriminator: propertyName: type mapping: DIRECT_ACCESS: $ref: '#/components/schemas/AWSDirectAccessSecrets' LEEN_ROLE: $ref: '#/components/schemas/AWSLeenRoleSecrets' ROLE_CHAINING: $ref: '#/components/schemas/AWSRoleChainingSecrets' type: object required: - aws title: AwsAccessAnalyzerCredentials ServiceNowCredentials: properties: username: type: string title: Username password: type: string title: Password instance_name: type: string title: Instance Name type: object required: - username - password - instance_name title: ServiceNowCredentials BitSightCredentials: properties: username: type: string title: Username type: object required: - username title: BitSightCredentials leen_framework__integrations__arnica__models__ArnicaCredentials: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS access_token: type: string title: Access Token type: object required: - access_token title: ArnicaCredentials SecurityScorecardCredentials: properties: api_key: type: string title: Api Key type: object required: - api_key title: SecurityScorecardCredentials MSEntraCredential: anyOf: - $ref: '#/components/schemas/MSEntraOAuth2Credentials' - $ref: >- #/components/schemas/leen_framework__integrations__ms_defender__idp__models__MSEntraSecretCredentials title: MSEntraCredential MSDefenderVMSGccHighCredentials: properties: {} type: object title: MSDefenderVMSGccHighCredentials OrcaCredentials: properties: api_token: type: string title: Api Token region: anyOf: - type: string - type: 'null' title: Region default: US type: object required: - api_token title: OrcaCredentials leen_common__models__connection_options__SnykConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/Oauth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization additionalProperties: true type: object title: SnykConnectionOptions leen_common__models__connection_options__MSDefenderEndpointConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/Oauth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization additionalProperties: true type: object title: MSDefenderEndpointConnectionOptions leen_common__models__connection_options__MSDefenderVMSConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/Oauth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization additionalProperties: true type: object title: MSDefenderVMSConnectionOptions leen_framework__integrations__upwind__models__UpwindConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: UpwindConnectionOptions TaniumVMSOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: TaniumVMSOptions leen_framework__integrations__qualys__models__QualysConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings host_params: anyOf: - type: object - type: 'null' title: Host Params description: Custom headers to be sent with host list requests host_detection_params: anyOf: - type: object - type: 'null' title: Host Detection Params description: Custom headers to be sent with detection list requests type: object title: QualysConnectionOptions SentinelOneEDROptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: SentinelOneEDROptions SentinelOneVMSOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: SentinelOneVMSOptions leen_framework__integrations__crowdstrike__edr__models__CrowdStrikeConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: CrowdStrikeConnectionOptions leen_framework__integrations__crowdstrike__vms__models__CrowdStrikeSpotlightConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: CrowdStrikeSpotlightConnectionOptions leen_framework__integrations__checkmarx__models__CheckmarxConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: CheckmarxConnectionOptions GitlabOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: GitlabOptions leen_framework__integrations__mend__models__MendConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: MendConnectionOptions leen_framework__integrations__rapid7__models__InsightVMConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: InsightVMConnectionOptions ProcessUnityConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings connection_id: type: string title: Connection Id type: object required: - connection_id title: ProcessUnityConnectionOptions SemgrepOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: SemgrepOptions WizCodeOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: WizCodeOptions WizVMSOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: WizVMSOptions leen_framework__integrations__aikido__models__AikidoConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: AikidoConnectionOptions leen_framework__integrations__tenable__models__TenableConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: TenableConnectionOptions leen_framework__integrations__snyk__models__SnykConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: SnykConnectionOptions BlackKiteConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings finding_filters: anyOf: - $ref: '#/components/schemas/BlackKiteFilters' - type: 'null' type: object title: BlackKiteConnectionOptions JiraConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings project_keys_filter: anyOf: - items: type: string type: array - type: 'null' title: Project Keys Filter priority_mapping: anyOf: - items: additionalProperties: type: string type: object type: array - type: 'null' title: Priority Mapping description: >- Maps JIRA priority names to standard ITSM priority levels. Ordered list where earlier entries take precedence when multiple JIRA priorities map to the same ITSM priority. If provided at connection creation, auto-mapping will be skipped. Valid values: CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNKNOWN. Example: [{'Highest': 'CRITICAL'}, {'High': 'HIGH'}, {'Medium': 'MEDIUM'}] status_mapping: anyOf: - items: additionalProperties: type: string type: object type: array - type: 'null' title: Status Mapping description: >- Maps JIRA status names to standard ITSM status values. Ordered list where earlier entries take precedence when multiple JIRA statuses map to the same ITSM status. If provided at connection creation, auto-mapping will be skipped. Valid values: OPEN, TODO, IN_PROGRESS, IN_REVIEW, BLOCKED, PENDING, RESOLVED, CLOSED, CANCELLED, DELETED, UNKNOWN. Example: [{'To Do': 'TODO'}, {'In Progress': 'IN_PROGRESS'}, {'Done': 'CLOSED'}] initial_sync_days: anyOf: - type: integer exclusiveMinimum: 0 - type: 'null' title: Initial Sync Days description: >- Number of days to look back on the initial sync (when no prior sync exists). Defaults to 365 days when not set. include_resolved_tickets: anyOf: - type: boolean - type: 'null' title: Include Resolved Tickets description: >- When True, resolved tickets are included in the sync. Applies to tickets, attachments, and comments queries. Defaults to False when not set (only unresolved tickets are synced). assignable_user_concurrency: type: integer exclusiveMinimum: 0 title: Assignable User Concurrency description: >- Max concurrent assignable-user API calls when fetching project members. DLT runs transformers in parallel (one per project), so this caps the burst rate against the Jira API. default: 3 site_url: anyOf: - type: string - type: 'null' title: Site Url site_name: anyOf: - type: string - type: 'null' title: Site Name enable_webhooks: anyOf: - type: boolean - type: 'null' title: Enable Webhooks jira_standard_issue_type_names: anyOf: - items: type: string type: array - type: 'null' title: Jira Standard Issue Type Names description: >- Names of standard (non-subtask) JIRA issue types, stored lowercase. Refreshed on every workflow run. Used to filter tickets via standardIssueTypes. type: object title: JiraConnectionOptions GitHubConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: GitHubConnectionOptions OktaIDPOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: OktaIDPOptions AwsSecurityHubOptions: properties: vendor: type: string title: Vendor default: AWS_SECURITYHUB auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: AwsSecurityHubOptions AwsInspector2Options: properties: vendor: type: string title: Vendor default: AWS_INSPECTOR2 auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: AwsInspector2Options AwsAccessAnalyzerOptions: properties: vendor: type: string title: Vendor default: AWS_ACCESS_ANALYSER auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: AwsAccessAnalyzerOptions LaceworkCSPMOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: LaceworkCSPMOptions ServiceNowConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: ServiceNowConnectionOptions BitSightConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings finding_filters: anyOf: - $ref: '#/components/schemas/BitSightFilter' - type: 'null' type: object title: BitSightConnectionOptions leen_framework__integrations__arnica__models__ArnicaConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: ArnicaConnectionOptions SecurityScorecardConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: SecurityScorecardConnectionOptions leen_framework__integrations__ms_defender__edr__models__MSDefenderEndpointConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: MSDefenderEndpointConnectionOptions leen_framework__integrations__ms_defender__idp__models__MSEntraConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings filter_option: anyOf: - $ref: '#/components/schemas/EntraIDFilterOption' - type: 'null' description: Filter option for MSEntra users type: object title: MSEntraConnectionOptions leen_framework__integrations__ms_defender__vms__models__MSDefenderVMSConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: MSDefenderVMSConnectionOptions MSDefenderVMSGccHighConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: MSDefenderVMSGccHighConnectionOptions leen_framework__integrations__ms_defender__cspm__model__MSDefenderCloudConnectionOptions: properties: oauth2_redirect_urls: anyOf: - $ref: '#/components/schemas/OAuth2RedirectUrls' - type: 'null' description: override Leen's default splash page after authorization auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: OAUTH2 refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: MSDefenderCloudConnectionOptions OrcaConnectionOptions: properties: auth_type: allOf: - $ref: '#/components/schemas/ConnectionAuthTypeEnum' default: SECRETS refresh_intervals: additionalProperties: type: integer type: object title: Refresh Intervals description: arbitrary settings type: object title: OrcaConnectionOptions ConnectionStateEnum: type: string enum: - PENDING - ACTIVE - PAUSED - DELETED title: ConnectionStateEnum ConnectionHealthStatus: properties: name: $ref: '#/components/schemas/ConnectionHealthStatusName' status: $ref: '#/components/schemas/ConnectionHealthStatusEnum' description: type: string title: Description resolution_owner: $ref: '#/components/schemas/ResolutionOwner' details: anyOf: - items: $ref: '#/components/schemas/ConnectionHealthUnauthorizedDetail' type: array - type: 'null' title: Details type: object required: - name - status - description - resolution_owner title: ConnectionHealthStatus MSEntraOAuthCredentials: properties: {} type: object title: MSEntraOAuthCredentials leen_common__models__credentials__MSEntraSecretCredentials: properties: tenant_id: type: string title: Tenant Id client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - tenant_id - client_id - client_secret title: MSEntraSecretCredentials AWSDirectAccessSecrets: properties: aws_access_key_id: type: string title: Aws Access Key Id aws_secret_access_key: type: string title: Aws Secret Access Key aws_region_name: anyOf: - type: string - type: 'null' title: Aws Region Name type: type: string enum: - DIRECT_ACCESS const: DIRECT_ACCESS title: Type default: DIRECT_ACCESS type: object required: - aws_access_key_id - aws_secret_access_key title: AWSDirectAccessSecrets AWSLeenRoleSecrets: properties: aws_role_arn: type: string title: Aws Role Arn external_id: anyOf: - type: string - type: 'null' title: External Id aws_region_name: anyOf: - type: string - type: 'null' title: Aws Region Name type: type: string enum: - LEEN_ROLE const: LEEN_ROLE title: Type default: LEEN_ROLE type: object required: - aws_role_arn title: AWSLeenRoleSecrets AWSRoleChainingSecrets: properties: aws_role_arn: type: string title: Aws Role Arn external_id: anyOf: - type: string - type: 'null' title: External Id aws_region_name: anyOf: - type: string - type: 'null' title: Aws Region Name type: type: string enum: - ROLE_CHAINING const: ROLE_CHAINING title: Type default: ROLE_CHAINING type: object required: - aws_role_arn title: AWSRoleChainingSecrets ConnectionAuthTypeEnum: type: string enum: - SECRETS - OAUTH2 - DIRECT_ACCESS - LEEN_ROLE - ROLE_CHAINING title: ConnectionAuthTypeEnum MSEntraOAuth2Credentials: properties: auth_type: type: string enum: - OAUTH2 const: OAUTH2 title: Auth Type default: OAUTH2 type: object title: MSEntraOAuth2Credentials leen_framework__integrations__ms_defender__idp__models__MSEntraSecretCredentials: properties: auth_type: type: string enum: - SECRETS const: SECRETS title: Auth Type default: SECRETS tenant_id: type: string title: Tenant Id client_id: type: string title: Client Id client_secret: type: string title: Client Secret type: object required: - tenant_id - client_id - client_secret title: MSEntraSecretCredentials Oauth2RedirectUrls: properties: success: type: string title: Success description: Redirect URL on successful authorization error: type: string title: Error description: Redirect URL on failed authorization type: object required: - success - error title: Oauth2RedirectUrls OAuth2RedirectUrls: properties: success: type: string title: Success description: Redirect URL on successful authorization error: type: string title: Error description: Redirect URL on failed authorization type: object required: - success - error title: OAuth2RedirectUrls BlackKiteFilters: properties: severity: items: $ref: '#/components/schemas/BlackKiteSeverityLevelEnum' type: array title: Severity type: object required: - severity title: BlackKiteFilters BitSightFilter: properties: severity_gte: anyOf: - type: integer - type: 'null' title: Severity Gte type: object title: BitSightFilter EntraIDFilterOption: type: string enum: - active_users_only - active_users_with_enabled_licenses_only title: EntraIDFilterOption ConnectionHealthStatusName: type: string enum: - HEALTHY - INITIALIZING - UNAUTHORIZED - CONNECTION_RECONFIGURATION_REQUIRED - VENDOR_CLIENT_ERROR - VENDOR_SERVER_ERROR - EXECUTION_TIMEOUT - RATE_LIMIT_EXCEEDED - INTERNAL_ERROR title: ConnectionHealthStatusName ConnectionHealthStatusEnum: type: string enum: - HEALTHY - UNHEALTHY - INITIALIZING title: ConnectionHealthStatusEnum ResolutionOwner: type: string enum: - LEEN - CUSTOMER - VENDOR title: ResolutionOwner ConnectionHealthUnauthorizedDetail: properties: data_export_type: anyOf: - $ref: '#/components/schemas/DataExportTypesEnum' - type: 'null' endpoint: type: string title: Endpoint type: object required: - endpoint title: ConnectionHealthUnauthorizedDetail BlackKiteSeverityLevelEnum: type: string enum: - Info - Low - Medium - High - Critical title: BlackKiteSeverityLevelEnum DataExportTypesEnum: type: string enum: - alerts - compliances - compliance_findings - config_users - cspm_alerts - device_groups - device_policies - devices - idp - idp_alerts - idp_audit_logs - idp_policies - issues - organization_identities - sast_issues - sca_issues - vms_scan_configs - vulnerabilities - resources - vulnerability_findings_v2 - grc_entity - grc_control - grc_evidence - grc_assessment_question - grc_assessment - tprm_company - tprm_finding - findings - itsm_users - itsm_groups - itsm_projects - itsm_tickets - itsm_attachments - itsm_comments title: DataExportTypesEnum securitySchemes: API-Key: type: apiKey in: header name: X-API-KEY ````