openapi: 3.0.3
info:
  x-api-type: Admin
  x-api-family: CDN
  title: CDN Zones
  version: 1.0.41
  description: |-
    [Download API specification](https://developer.salesforce.com/static/commercecloud/commerce-api/cdn-api-process-apis/cdn-api-process-apis-oas-v1-public.yaml)

    # API Overview

    The Content Delivery Network (CDN) API is for managing the embedded CDN (eCDN) that is included with Commerce Cloud and configured with Business Manager.

    Use the API to:

    - Ensure that traffic doesn’t circumvent proxies layered in front of your eCDN.
    - Accelerate the delivery of resources to users with caching, compression, and prioritization.
    - Customize how users interact with resources and how requests are processed, including custom pages and routing rules.
    - Provide proactive and complete application protection against new and existing exploits from bad actors.

    ## Authentication & Authorization

    For resource access, you must use a client ID and client secret from Account Manager to request an access token. The access token is used as a bearer token and added to the `Authorization` header of your API request.

    The API client must also have at least one of the following OAuth scopes: `sfcc.cdn-zones` or `sfcc.cdn-zones.rw`.

    For detailed setup instructions, see the [Authorization for Admin APIs](https://developer.salesforce.com/docs/commerce/commerce-api/guide/authorization-for-admin-apis.html) guide.

    You must include the relevant scope(s) in the client ID used to generate the token. For details, see the [Authorization Scopes Catalog.](https://developer.salesforce.com/docs/commerce/commerce-api/guide/auth-z-scope-catalog.html)

    ## Use Cases

    For detailed usage information, refer to the [CDN Zones Guides.](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones.html)
servers:
  - url: https://{shortCode}.api.commercecloud.salesforce.com/cdn/zones/v1
    variables:
      shortCode:
        default: shortCode
paths:
  /organizations/{organizationId}/storefront-zones:
    post:
      summary: Create a new storefront zone.
      operationId: createStorefrontZone
      description: |
        Create a new storefront zone for the organization. Use this endpoint to set up a new CDN zone with specific configurations for storefront applications.
      parameters:
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StorefrontZoneCreateRequest'
            examples:
              StorefrontZoneCreateRequestBodyExample:
                $ref: '#/components/examples/StorefrontZoneCreateRequestBodyExample'
        required: true
      responses:
        '201':
          description: Successfully created new storefront zone.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StorefrontZoneCreateEnvelope'
              examples:
                StorefrontZoneCreateResponse:
                  $ref: '#/components/examples/StorefrontZoneCreateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/mtls/code-upload-certificates:
    get:
      summary: Return all the mTLS certificates for the account.
      operationId: getCodeUploadCertificates
      description: |
        Retrieve all mTLS certificates for the account. These certificates are used for secure code upload operations and client authentication.
      parameters:
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved details of the mTLS certificates requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MtlsCertificatesResponseEnvelope'
              examples:
                MtlsCodeUploadGetCertificatesResponse:
                  $ref: '#/components/examples/MtlsCodeUploadGetCertificatesResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Set up two-factor mTLS certificates for the account and associate the staging zone code upload hostname.
      operationId: createCodeUploadCertificate
      description: |
        Create a new mTLS certificate for code upload operations. This certificate enables secure client authentication for code deployment processes.
      parameters:
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MtlsCertificateRequest'
            examples:
              MtlsCodeUploadPostCertificateRequestBodyExample:
                $ref: '#/components/examples/MtlsCodeUploadPostCertificateRequestBodyExample'
        required: true
      responses:
        '201':
          description: Returns information about the uploaded mTLS certificate.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MtlsCertificateResponseEnvelope'
              examples:
                MtlsCodeUploadGetCertificateResponse:
                  $ref: '#/components/examples/MtlsCodeUploadGetCertificateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/mtls/code-upload-certificates/{mtlsCertificateId}:
    get:
      summary: Return the mTLS certificate for the given account's mTLS certificate ID.
      operationId: getCodeUploadCertificate
      description: |
        Retrieve a specific mTLS certificate by its ID. This endpoint provides detailed information about the certificate's configuration, status, and associated hostname.
      parameters:
        - $ref: '#/components/parameters/mtlsCertificateId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved mTLS certificate information from the mTLS certificate ID requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MtlsCertificateResponseEnvelope'
              examples:
                MtlsCodeUploadGetCertificateResponse:
                  $ref: '#/components/examples/MtlsCodeUploadGetCertificateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    delete:
      summary: Remove an mTLS certificate and associated hostname.
      operationId: deleteCodeUploadCertificate
      description: |
        Permanently delete an mTLS certificate and its associated hostname from the account. This operation cannot be undone.
      parameters:
        - $ref: '#/components/parameters/mtlsCertificateId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the mTLS certificate from the account.
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/page-shield/notifications:
    get:
      summary: Get page shield notification webhooks.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: getPageShieldNotification
      parameters:
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved notification webhooks.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldNotificationWebhookListEnvelope'
              examples:
                PageShieldNotificationWebhookListResponse:
                  $ref: '#/components/examples/PageShieldNotificationWebhookListResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Setup page shield notification webhook.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: postPageShieldNotification
      parameters:
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PageShieldNotificationWebhookRequest'
            examples:
              PageShieldNotificationWebhookRequest:
                $ref: '#/components/examples/PageShieldNotificationWebhookRequest'
        required: true
      responses:
        '200':
          description: Successfully added notification webhook.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldNotificationWebhookEnvelope'
              examples:
                PageShieldNotificationWebhookResponse:
                  $ref: '#/components/examples/PageShieldNotificationWebhookResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/page-shield/notifications/{webhookId}:
    delete:
      summary: Delete page shield notification webhook.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: deletePageShieldNotification
      parameters:
        - $ref: '#/components/parameters/webhookId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted notification webhook.
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/page-shield/policies:
    get:
      summary: List page shield policies.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: getPageShieldPolicies
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: List current page shield policies.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldPoliciesListEnvelope'
              examples:
                PageShieldPoliciesGetResponse:
                  $ref: '#/components/examples/PageShieldPoliciesGetResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Create page shield policy.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: createPageShieldPolicy
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PageShieldPolicyRequest'
            examples:
              PageShieldPolicyRequestBodyExample:
                $ref: '#/components/examples/PageShieldPolicyRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully created page shield policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldPoliciesEnvelope'
              examples:
                PageShieldPolicyGetResponse:
                  $ref: '#/components/examples/PageShieldPolicyGetResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/page-shield/policies/{policyId}:
    get:
      summary: Get page shield policy by policy ID.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: getPageShieldPolicy
      parameters:
        - $ref: '#/components/parameters/policyId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved the details of the page shield policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldPoliciesEnvelope'
              examples:
                PageShieldPolicyGetResponse:
                  $ref: '#/components/examples/PageShieldPolicyGetResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    put:
      summary: Update page shield policy by policy ID.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: updatePageShieldPolicy
      parameters:
        - $ref: '#/components/parameters/policyId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PageShieldPolicyRequest'
            examples:
              PageShieldPolicyPutRequestBodyExample:
                $ref: '#/components/examples/PageShieldPolicyPutRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the page shield policy.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldPoliciesEnvelope'
              examples:
                PageShieldPoliciesEnvelope:
                  $ref: '#/components/examples/PageShieldPolicyPutResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    delete:
      summary: Delete page shield policy.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: deletePageShieldPolicy
      parameters:
        - $ref: '#/components/parameters/policyId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the page shield policy.
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/page-shield/scripts:
    get:
      summary: Retrieve a list of scripts detected by page shield for a specific zone.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: getPageShieldScripts
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
        - $ref: '#/components/parameters/direction'
        - $ref: '#/components/parameters/excludeCdnCgi'
        - $ref: '#/components/parameters/excludeDuplicates'
        - $ref: '#/components/parameters/excludeUrls'
        - $ref: '#/components/parameters/hosts'
        - $ref: '#/components/parameters/orderBy'
        - $ref: '#/components/parameters/pageUrl'
        - $ref: '#/components/parameters/prioritizeMalicious'
        - $ref: '#/components/parameters/status'
        - $ref: '#/components/parameters/urls'
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 200
            maximum: 200
          description: Maximum records to retrieve per request, not to exceed 200. Defaults to 200.
        - name: offset
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 0
            minimum: 0
          description: Used to retrieve the results based on a particular resource offset.
      responses:
        '200':
          description: List current page shield scripts.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldScriptListEnvelope'
              examples:
                PageShieldScriptListResponse:
                  $ref: '#/components/examples/PageShieldScriptListResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/page-shield/scripts/{scriptId}:
    get:
      summary: Fetch a script detected by Page Shield by script ID.
      description: |
        See [eCDN PCI 4.0 Compliance Tools](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-pci-4-compliance.html).
      operationId: getPageShieldScript
      parameters:
        - $ref: '#/components/parameters/scriptId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: A script detected by Page Shield by script ID.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PageShieldScriptEnvelope'
              examples:
                PageShieldScriptResponse:
                  $ref: '#/components/examples/PageShieldScriptResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/info:
    get:
      summary: Retrieve zone information.
      operationId: getZonesInfo
      description: |
        Retrieve information about all zones for the organization. This endpoint provides an overview of all CDN zones, including their status, configuration, and basic details.
      parameters:
        - $ref: '#/components/parameters/organizationId'
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 25
            maximum: 50
          description: Maximum records to retrieve per request, not to exceed 50. Defaults to 25.
        - name: offset
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 0
            minimum: 0
          description: Used to retrieve the results based on a particular resource offset.
      responses:
        '200':
          description: Successfully retrieved zone information requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ZonesEnvelope'
              examples:
                ZonesGetResponse:
                  $ref: '#/components/examples/ZonesGetResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/waf/groups:
    get:
      summary: Retrieve all WAF groups accessible to the caller.
      description: |
        Retrieve all Web Application Firewall (WAF) groups accessible to the caller. This endpoint provides information about WAF groups and their configurations for the specified zone. Not applicable for zones using WAFv2. For zones created after the 24.5 release, use the endpoints for WAF managed rulesets.
      operationId: getWafGroups
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved details of WAF groups to which the caller has access.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WafGroupsEnvelope'
              examples:
                WafGroupsGetResponse:
                  $ref: '#/components/examples/WafGroupsGetResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/waf/groups/{groupId}:
    put:
      summary: Update the action or mode of a specific WAF group.
      description: |
        Update the action or mode of a specific Web Application Firewall (WAF) group. Use this endpoint to modify the security settings and behavior of a WAF group. Not applicable for zones using WAFv2. For any zones created after the 24.5 release, use the endpoints for WAF managed rulesets.
      operationId: updateWafGroup
      parameters:
        - $ref: '#/components/parameters/groupIdPath'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WafGroup'
            examples:
              WafGroupPutRequestBodyExample:
                $ref: '#/components/examples/WafGroupPutRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the WAF group specified by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WafGroupEnvelope'
              examples:
                WafGroupPutResponse:
                  $ref: '#/components/examples/WafGroupPutResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/waf/rules:
    get:
      summary: Retrieve WAF rules for the WAF group specified by the caller.
      description: |
        Retrieve WAF rules for the WAF group specified by the caller. This endpoint provides information about the security rules configured for a specific WAF group. Not applicable for zones using WAFv2. For any zones created after the 24.5 release, use the endpoints for WAF managed rulesets.
      operationId: getWafRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
        - $ref: '#/components/parameters/groupIdQuery'
      responses:
        '200':
          description: Successfully retrieved the WAF rules requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WafRulesEnvelope'
              examples:
                WafGroupPutResponse:
                  $ref: '#/components/examples/WafRulesGetResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/waf/rules/{ruleId}:
    get:
      summary: Retrieve details of a specific WAF rule.
      description: |
        Retrieve details of a specific WAF rule by its ID. This endpoint provides comprehensive information about the rule's configuration and settings. Not applicable for zones using WAFv2. For any zones created after the 24.5 release, use the endpoints for WAF managed rulesets.
      operationId: getWafRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved details of the WAF rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WafRuleEnvelope'
              examples:
                WafRuleGetResponse:
                  $ref: '#/components/examples/WafRuleGetResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    put:
      summary: Update the action of a specific WAF rule.
      description: |
        Update the action of a specific WAF rule. Use this endpoint to modify the security behavior and response actions of a WAF rule. Not applicable for zones using WAFv2. For any zones created after the 24.5 release, use the endpoints for WAF managed rulesets.
      operationId: updateWafRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WafRule'
            examples:
              WafRulePutRequestBodyExample:
                $ref: '#/components/examples/WafRulePutRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the WAF rule specified by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WafRuleEnvelope'
              examples:
                WafRulePutResponse:
                  $ref: '#/components/examples/WafRulePutResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/speed-settings:
    get:
      summary: Retrieve the speed settings for a zone.
      operationId: getSpeedSettings
      description: |
        Retrieve speed settings for the specified zone. This endpoint provides information about performance optimizations.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the speed settings requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpeedSettingsEnvelope'
              examples:
                SpeedSettingsResponse:
                  $ref: '#/components/examples/SpeedSettingsResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    patch:
      summary: Update the speed settings for a zone.
      operationId: updateSpeedSettings
      description: |
        Update speed settings for the specified zone. Use this endpoint to modify performance optimizations.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SpeedSetting'
            examples:
              SpeedSettingsPatchRequestBodyExample:
                $ref: '#/components/examples/SpeedSettingsPatchRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the speed settings requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SpeedSettingsEnvelope'
              examples:
                SpeedSettingsResponse:
                  $ref: '#/components/examples/SpeedSettingsResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/security-settings:
    get:
      summary: Retrieve the security settings for a zone.
      operationId: getSecuritySettings
      description: |
        Retrieve security settings for the specified zone. This endpoint provides information about security configurations and protection settings.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned security settings for zone.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SecuritySettingsEnvelope'
              examples:
                SecuritySettingsResponse:
                  $ref: '#/components/examples/SecuritySettingsResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    patch:
      summary: Update the security settings for a zone.
      operationId: updateSecuritySettings
      description: |
        Update security settings for the specified zone. Use this endpoint to modify security configurations and protection settings.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SecuritySetting'
            examples:
              SecuritySettingsUpdateRequestBodyExample:
                $ref: '#/components/examples/SecuritySettingsUpdateRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the security settings.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SecuritySettingsEnvelope'
              examples:
                SecuritySettingsResponse:
                  $ref: '#/components/examples/SecuritySettingsResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/cachepurge:
    post:
      summary: Purge the cache for the host specified in the request body.
      operationId: cachePurge
      description: |
        Purge cache for the specified zone. Use this endpoint to clear cached content and force fresh content to be fetched from origin servers. Unlike storefronts, SCAPI only uses server-side web tier caching, and eCDN edge caching is not at all applicable to SCAPI.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CachePurgeRequest'
            examples:
              CachePurgeRequest:
                $ref: '#/components/examples/CachePurgeRequest'
        required: true
      responses:
        '200':
          description: Successfully returned the complete operationId statuses for the rule list operations that the server processed.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CachePurgeResponseEnvelope'
              examples:
                CachePurgeResponse:
                  $ref: '#/components/examples/CachePurgeResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/ocapicachingpagerule:
    patch:
      summary: Enable or disable the OCAPI Caching page rule.
      description: |
        Use this endpoint to toggle the caching behavior for caching requests.
      operationId: toggleOcapiCachingPageRule
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OCAPICachingToggleRequest'
            examples:
              CachingToggleRequest:
                $ref: '#/components/examples/CachingToggleRequest'
        required: true
      responses:
        '200':
          description: Successfully returned the current state of the Caching page rule.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OCAPICachingToggleRequest'
              examples:
                CachingToggleResponse:
                  $ref: '#/components/examples/CachingToggleResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/certificates:
    get:
      summary: List certificates for a zone.
      description: |
        For information on automatic certificates, see [eCDN Automatic Certificates](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-automatic-certs.html).
      operationId: getCertificates
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 25
            maximum: 50
          description: Maximum records to retrieve per request, not to exceed 50. Defaults to 25.
        - name: offset
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 0
            minimum: 0
          description: Used to retrieve the results based on a particular resource offset.
      responses:
        '200':
          description: Successfully retrieved the list of certificates for the specified zone.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificatesEnvelope'
              examples:
                CertificatesGetResponse1:
                  $ref: '#/components/examples/CertificatesGetResponse1'
                CertificatesGetResponse2:
                  $ref: '#/components/examples/CertificatesGetResponse2'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Add certificate for a zone.
      description: |
        For information on automatic certificates, see [eCDN Automatic Certificates](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-automatic-certs.html).
      operationId: addCertificateForZone
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CertificateRequest'
            examples:
              CertificatePostRequestBodyExample:
                $ref: '#/components/examples/CertificatePostRequestBodyExample'
        required: true
      responses:
        '201':
          description: Returned information about the added certificate.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateEnvelope'
              examples:
                CertificatePostResponse1:
                  $ref: '#/components/examples/CertificatePostResponse1'
                CertificatePostResponse2:
                  $ref: '#/components/examples/CertificatePostResponse2'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '409':
          description: |
            The request sent by the caller has conflicts.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Conflict:
                  $ref: '#/components/examples/Conflict'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/certificates/{certificateId}:
    delete:
      summary: Delete a custom hostname and the certificate associated with it. Note that a valid certificate is necessary for a site to remain operational. DELETING A CERTIFICATE THAT IS IN USE CAN RESULT IN DOWNTIME.
      description: |
        This operation removes both the custom hostname configuration and the associated SSL certificate.
      operationId: deleteCertificate
      parameters:
        - $ref: '#/components/parameters/certificateId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the custom hostname and the certificate associated with it.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update the certificate for a given certificateId for a particular zone.
      description: |
        For information on automatic certificates, see [eCDN Automatic Certificates](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-automatic-certs.html).
      operationId: updateCertificate
      parameters:
        - $ref: '#/components/parameters/certificateId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CertificateRequest'
            examples:
              CertificateUpdateRequestBodyExample:
                $ref: '#/components/examples/CertificateUpdateRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the certificate requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateEnvelope'
              examples:
                CertificateUpdateResponse1:
                  $ref: '#/components/examples/CertificateUpdateResponse1'
                CertificateUpdateResponse2:
                  $ref: '#/components/examples/CertificateUpdateResponse2'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/certificates/custom-hostnames/{customHostnameId}:
    patch:
      summary: Trigger the validation of a custom hostname.
      operationId: validateCustomHostname
      description: |
        This endpoint initiates the DNS validation process for custom hostnames associated with the zone.
      parameters:
        - $ref: '#/components/parameters/customHostnameId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully triggered the custom hostname validation process.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomHostnameValidationEnvelope'
              examples:
                CustomHostnamesPatchResponse:
                  $ref: '#/components/examples/CustomHostnamesPatchResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/mrtrules:
    get:
      summary: Get all MRT rules.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: getMrtRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved all MRT rules.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MRTRulesResponseEnvelope'
              examples:
                MrtRulesGetResponse:
                  $ref: '#/components/examples/MrtRulesGetResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Create MRT rules to route to a new MRT environment.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: createMrtRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MRTRulesPostRequest'
            examples:
              MrtRulesPostRequestSingleHostnameBodyExample:
                $ref: '#/components/examples/MrtRulesPostRequestSingleHostnameBodyExample'
              MrtRulesPostRequestMultipleHostnamesBodyExample:
                $ref: '#/components/examples/MrtRulesPostRequestMultipleHostnamesBodyExample'
        required: true
      responses:
        '201':
          description: Created MRT rules to route to a new MRT environment.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MRTRulesResponseEnvelope'
              examples:
                MrtRulesPostResponseSingleHostname:
                  $ref: '#/components/examples/MrtRulesPostResponseSingleHostname'
                MrtRulesPostResponseMultipleHostnames:
                  $ref: '#/components/examples/MrtRulesPostResponseMultipleHostnames'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update the MRT environment hostname or add MRT rules to route to an existing MRT environment.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: updateMrtRuleset
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MRTRulesetPatchRequest'
            examples:
              MrtRulesetPatchRequestUpdateHostnameBodyExample:
                $ref: '#/components/examples/MrtRulesetPatchRequestUpdateHostnameBodyExample'
              MrtRulesetPatchRequestAddRulesBodyExample:
                $ref: '#/components/examples/MrtRulesetPatchRequestAddRulesBodyExample'
        required: true
      responses:
        '200':
          description: Updated the MRT environment hostname or added MRT rules to route to an existing MRT environment.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MRTRulesResponseEnvelope'
              examples:
                MrtRulesetPatchResponseUpdateHostname:
                  $ref: '#/components/examples/MrtRulesetPatchResponseUpdateHostname'
                MrtRulesetPatchResponseAddRules:
                  $ref: '#/components/examples/MrtRulesetPatchResponseAddRules'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/mrtrules/{rulesetId}:
    delete:
      summary: Delete the MRT ruleset and all rules within the ruleset.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: deleteMrtRuleset
      parameters:
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Deleted the MRT ruleset and all rules within the ruleset.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/mrtrules/{rulesetId}/rules/{ruleId}:
    delete:
      summary: Delete an MRT rule.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: deleteMrtRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Deleted an MRT rule.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update an MRT rule.
      description: |
        See [eCDN Rules for Hybrid Implementations](https://developer.salesforce.com/docs/commerce/pwa-kit-managed-runtime/guide/ecdn-rules-for-phased-headless-rollout.html).
      operationId: updateMrtRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MRTRulePatchRequest'
            examples:
              MrtRulePatchRequestBodyExample:
                $ref: '#/components/examples/MrtRulePatchRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the MRT rule.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MRTRulesResponseEnvelope'
              examples:
                MrtRulePatchResponse:
                  $ref: '#/components/examples/MrtRulePatchResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/logpush/ownership:
    post:
      summary: Create Logpush ownership token file.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: createLogpushOwnership
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogpushOwnershipPostRequest'
            examples:
              LogpushOwnershipPostRequestBodyExample:
                $ref: '#/components/examples/LogpushOwnershipPostRequestBodyExample'
        required: true
      responses:
        '201':
          description: Created a new Logpush Ownership token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogpushOwnershipPostResponse'
              examples:
                LogpushOwnershipPostResponse:
                  $ref: '#/components/examples/LogpushOwnershipPostResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/logpush/jobs:
    get:
      summary: List Logpush job.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: listLogpushJob
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Returned all jobs with details for the zone.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogpushJobsEnvelope'
              examples:
                LogpushGetListJob:
                  $ref: '#/components/examples/LogpushGetListJob'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Create Logpush job.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: createLogpushJob
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogpushCreateRequest'
            examples:
              LogpushCreateRequestBodyExample1:
                $ref: '#/components/examples/LogpushCreateRequestBodyExample1'
              LogpushCreateRequestBodyExample2:
                $ref: '#/components/examples/LogpushCreateRequestBodyExample2'
              LogpushCreateRequestBodyExample3:
                $ref: '#/components/examples/LogpushCreateRequestBodyExample3'
        required: true
      responses:
        '201':
          description: Successfully created the Logpush job and returned the job details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogpushEnvelope'
              examples:
                LogpushCreateResponse1:
                  $ref: '#/components/examples/LogpushCreateResponse1'
                LogpushCreateResponse2:
                  $ref: '#/components/examples/LogpushCreateResponse2'
                LogpushCreateResponse3:
                  $ref: '#/components/examples/LogpushCreateResponse3'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to therequested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/logpush/jobs/{jobId}:
    get:
      summary: Get Logpush job details.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: getLogpushJob
      parameters:
        - $ref: '#/components/parameters/jobId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Returned job details for the specified Logpush job ID.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogpushEnvelope'
              examples:
                LogpushGetJobById1:
                  $ref: '#/components/examples/LogpushGetJobById1'
                LogpushGetJobById2:
                  $ref: '#/components/examples/LogpushGetJobById2'
                LogpushGetJobById3:
                  $ref: '#/components/examples/LogpushGetJobById3'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    put:
      summary: Update Logpush job.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: updateLogpushJob
      parameters:
        - $ref: '#/components/parameters/jobId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogpushUpdateRequest'
            examples:
              LogpushUpdateRequestBodyExample:
                $ref: '#/components/examples/LogpushUpdateRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully enabled or disabled the Logpush job and returned job details.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogpushEnvelope'
              examples:
                LogpushUpdateResponse:
                  $ref: '#/components/examples/LogpushUpdateResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    delete:
      summary: Delete Logpush job by job ID.
      description: |
        See [eCDN Logpush](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-logpush.html).
      operationId: deleteLogpushJob
      parameters:
        - $ref: '#/components/parameters/jobId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Deleted the Logpush job for the specified job ID.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall/waf/packages/owasp:
    get:
      summary: Get a OWASP ModSecurity Core Rule Set.
      operationId: getOwaspWafPackage
      description: |
        Retrieve OWASP WAF package information for the specified zone. This endpoint provides details about the OWASP security rules and configurations.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully retrieved the OWASP ModSecurity Core Rule Set.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFRulePackageEnvelope'
              examples:
                WafPackagesGetExample:
                  $ref: '#/components/examples/WafPackagesGetExample'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    patch:
      summary: Patch a OWASP ModSecurity Core Rule Set.
      operationId: patchOwaspWafPackage
      description: |
        Update OWASP WAF package settings for the specified zone. Use this endpoint to modify OWASP security rule configurations.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WafPackagePatchRequest'
            examples:
              WafPackagesPatchRequestBodyExample:
                $ref: '#/components/examples/WafPackagesPatchRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully patched the OWASP ModSecurity Core Rule Set.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFRulePackageEnvelope'
              examples:
                WafPackagesGetExample:
                  $ref: '#/components/examples/WafPackagesGetExample'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-custom/rules:
    get:
      summary: Retrieve existing custom rules.
      description: |
        Retrieve existing custom rules. See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: getCustomRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 25
            maximum: 50
          description: Maximum records to retrieve per request, not to exceed 50. Defaults to 25.
        - name: offset
          in: query
          required: false
          schema:
            type: integer
            format: int32
            default: 0
            minimum: 0
          description: Used to retrieve the results based on a particular resource offset.
      responses:
        '200':
          description: Successfully returned the list of custom rules requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomRulesEnvelope'
              examples:
                CustomRulesResponse:
                  $ref: '#/components/examples/CustomRulesResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Create a custom rule.
      description: |
        See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: createCustomRule
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CustomRulesPostRequest'
            examples:
              CustomRulesPostRequestBodyExample:
                $ref: '#/components/examples/CustomRulesPostRequestBodyExample'
        required: true
      responses:
        '201':
          description: Successfully created the custom rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomRuleEnvelope'
              examples:
                CustomRuleResponse:
                  $ref: '#/components/examples/CustomRuleResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update the order of all existing custom rules.
      description: |
        See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: updateOrderOfCustomRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CustomRulesPatchOrderRequest'
            examples:
              CustomRulesPatchOrderRequest:
                $ref: '#/components/examples/CustomRulesPatchOrderRequest'
        required: true
      responses:
        '200':
          description: Successfully updated the order of existing custom rules as requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomRulesEnvelope'
              examples:
                CustomRulesResponse:
                  $ref: '#/components/examples/CustomRulesResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-custom/rules/{ruleId}:
    get:
      summary: Retrieve a specific custom rule.
      description: |
        See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: getCustomRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the custom rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomRuleEnvelope'
              examples:
                CustomRuleResponse:
                  $ref: '#/components/examples/CustomRuleResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    delete:
      summary: Delete a specific custom rule.
      description: |
        See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: deleteCustomRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the custom rule requested by the caller.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update a specific custom rule.
      description: |
        See [eCDN Custom Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-custom-rules.html).
      operationId: updateCustomRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CustomRulesPatchRequest'
            examples:
              CustomRulesPatchRequest:
                $ref: '#/components/examples/CustomRulesPatchRequest'
        required: true
      responses:
        '200':
          description: Successfully updated the custom rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CustomRuleEnvelope'
              examples:
                CustomRuleResponse:
                  $ref: '#/components/examples/CustomRuleResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/rate-limiting/rules:
    get:
      summary: Retrieve existing rate limiting rules.
      description: |
        See [eCDN Rate Limiting Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-rate-limiting-rules.html).
      operationId: getRateLimitingRules
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the list of rate limiting rules requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RateLimitingRulesEnvelope'
              examples:
                RateLimitingRulesResponse:
                  $ref: '#/components/examples/RateLimitingRulesResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    post:
      summary: Create a rate limiting rule.
      description: |
        See [eCDN Rate Limiting Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-rate-limiting-rules.html).
      operationId: createRateLimitingRule
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RateLimitingRulesPostRequest'
            examples:
              RateLimitingRulesPostRequestBodyExample:
                $ref: '#/components/examples/RateLimitingRulesPostRequestBodyExample'
        required: true
      responses:
        '201':
          description: Successfully created the rate limiting rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RateLimitingRuleEnvelope'
              examples:
                RateLimitingRuleResponse:
                  $ref: '#/components/examples/RateLimitingRuleResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/rate-limiting/rules/{ruleId}:
    get:
      summary: Retrieve a specific rate limiting rule.
      description: |
        See [eCDN Rate Limiting Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-rate-limiting-rules.html).
      operationId: getRateLimitingRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the rate limiting rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RateLimitingRuleEnvelope'
              examples:
                RateLimitingRuleResponse:
                  $ref: '#/components/examples/RateLimitingRuleResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    delete:
      summary: Delete a specific rate limiting rule.
      description: |
        See [eCDN Rate Limiting Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-rate-limiting-rules.html).
      operationId: deleteRateLimitingRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the rate limiting rule requested by the caller.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    patch:
      summary: Update a specific rate limiting rule.
      description: |
        See [eCDN Rate Limiting Rules](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-rate-limiting-rules.html).
      operationId: updateRateLimitingRule
      parameters:
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RateLimitingRulesPatchRequest'
            examples:
              RateLimitingRulesPatchRequest:
                $ref: '#/components/examples/RateLimitingRulesPatchRequest'
        required: true
      responses:
        '200':
          description: Successfully updated the rate limiting rule requested by the caller.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RateLimitingRuleEnvelope'
              examples:
                RateLimitingRuleResponse:
                  $ref: '#/components/examples/RateLimitingRuleResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-managed/rulesets:
    get:
      summary: Retrieve WAFv2 managed rulesets.
      description: |
        See [eCDN WAFv2](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-wafv2.html).
      operationId: getWafManagedRulesets
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the list of WAFv2 managed rulesets.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFManagedRulesetsEnvelope'
              examples:
                WAFManagedRulesetsResponse:
                  $ref: '#/components/examples/WAFManagedRulesetsResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-managed/rulesets/{rulesetId}:
    patch:
      summary: Update WAFv2 managed ruleset.
      description: |
        See [eCDN WAFv2](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-wafv2.html).
      operationId: updateWafManagedRuleset
      parameters:
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WAFManagedRulesetRequest'
            examples:
              WAFManagedRulesetsUpdateRequestBodyExample:
                $ref: '#/components/examples/WAFManagedRulesetsUpdateRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the WAFv2 managed rulesets.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFManagedRulesetEnvelope'
              examples:
                WAFManagedRulesetsUpdateResponse:
                  $ref: '#/components/examples/WAFManagedRulesetsUpdateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-managed/rulesets/{rulesetId}/rules:
    get:
      summary: Retrieve all rules in the specified WAFv2 managed ruleset.
      description: |
        See [eCDN WAFv2](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-wafv2.html).
      operationId: getWafManagedRulesInRuleset
      parameters:
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the rules in the WAFv2 managed ruleset.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFManagedRulesEnvelope'
              examples:
                WAFManagedRulesResponse:
                  $ref: '#/components/examples/WAFManagedRulesResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-managed/rulesets/{rulesetId}/rules/{ruleId}:
    patch:
      summary: Update a WAF managed rule in the specified WAFv2 managed ruleset.
      description: |
        See [eCDN WAFv2](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-wafv2.html).
      operationId: updateWafManagedRuleInRuleset
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/rulesetId'
        - $ref: '#/components/parameters/ruleId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WAFManagedRuleRequest'
            examples:
              WAFManagedRulesUpdateRequestBodyExample:
                $ref: '#/components/examples/WAFManagedRulesUpdateRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully updated the WAF managed rule in the specified WAFv2 managed ruleset.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFManagedRuleEnvelope'
              examples:
                WAFManagedRulesUpdateResponse:
                  $ref: '#/components/examples/WAFManagedRulesUpdateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/firewall-managed/migration:
    put:
      summary: Migrate a zone to WAFv2. Only applicable for existing zones using WAFv1.
      description: |
        See [eCDN WAFv2](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-wafv2.html).
      operationId: migrateZoneToWafV2
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully migrated the zone to WAFv2 and returned the WAF managed rulesets.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WAFManagedRulesetsEnvelope'
              examples:
                WAFManagedRulesetsResponse:
                  $ref: '#/components/examples/WAFManagedRulesetsResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/origin-header-modification/{type}:
    get:
      summary: Get the origin header modification associated with a zone. Only the `mrt` type is supported.
      operationId: getOriginHeaderModification
      description: |
        Retrieve origin header modification settings for the specified zone. This endpoint provides information about how headers are modified when forwarding requests to origin servers.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/type'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Successfully returned the origin header modification associated with a zone.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OriginHeaderModificationEnvelope'
              examples:
                MrtPutRequest:
                  $ref: '#/components/examples/MrtGetResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    put:
      summary: Upsert an origin header modification. Only the `mrt` type is supported.
      operationId: upsertOriginHeaderModification
      description: |
        Create or update origin header modification settings for the specified zone. Use this endpoint to configure how headers are modified when forwarding requests to origin servers.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/type'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OriginHeaderModificationPutRequest'
            examples:
              MrtPutRequestBodyExample:
                $ref: '#/components/examples/MrtPutRequestBodyExample'
        required: true
      responses:
        '200':
          description: Successfully upserted the origin header modification.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OriginHeaderModificationEnvelope'
              examples:
                MrtPutUpdateResponse:
                  $ref: '#/components/examples/MrtPutUpdateResponse'
        '201':
          description: Successfully created the origin header modification.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OriginHeaderModificationEnvelope'
              examples:
                MrtPutCreateResponse:
                  $ref: '#/components/examples/MrtPutCreateResponse'
        '400':
          description: |
            The request sent by the caller is not valid.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                BadRequest:
                  $ref: '#/components/examples/BadRequest'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
    delete:
      summary: Delete the origin header modification associated with a zone. Only the `mrt` type is supported.
      operationId: deleteOriginHeaderModification
      description: |
        Delete origin header modification settings for the specified zone. This endpoint removes header modification configurations.
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/type'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '204':
          description: Successfully deleted the origin header modification associated with a zone.
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
  /organizations/{organizationId}/zones/{zoneId}/settings/ciphers:
    get:
      summary: Get cipher suites settings by zoneId.
      description: |
        Retrieve cipher suite settings for the specified zone. This endpoint provides information about supported encryption algorithms and security protocols. See [eCDN Supported Cipher Suites](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-cipher-suite-types.html).
      operationId: getCipherSuites
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      responses:
        '200':
          description: Retrieves current zone level cipher settings.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CipherSuitesEnvelope'
              examples:
                CipherSettingsGetResponse:
                  $ref: '#/components/examples/CipherSettingsGetResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones
            - sfcc.cdn-zones.rw
    patch:
      summary: Update cipher suite settings for the zone.
      description: |
        Update cipher suite settings for the specified zone. Use this endpoint to modify supported encryption algorithms and security protocols. See [eCDN Supported Cipher Suites](https://developer.salesforce.com/docs/commerce/commerce-api/guide/cdn-zones-cipher-suite-types.html).
      operationId: updateCipherSuites
      parameters:
        - $ref: '#/components/parameters/zoneId'
        - $ref: '#/components/parameters/organizationId'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CipherSuitesRequest'
            examples:
              CipherSettingsPatchRequestBodyExample:
                $ref: '#/components/examples/CipherSettingsPatchRequestBodyExample'
        required: true
      responses:
        '200':
          description: Updates current zone level cipher settings.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CipherSuitesEnvelope'
              examples:
                CipherSettingsPatchResponse:
                  $ref: '#/components/examples/CipherSettingsPatchResponse'
        '401':
          description: |
            The caller is not authorized to access the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Unauthorized:
                  $ref: '#/components/examples/Unauthorized'
        '403':
          description: |
            The caller does not have access to the requested resource.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                Forbidden:
                  $ref: '#/components/examples/Forbidden'
        '404':
          description: |
            The resource requested by the caller was not found.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                NotFound:
                  $ref: '#/components/examples/NotFound'
        '500':
          description: |
            An error occurred on the server side.
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/ApiStandardsErrorResponse'
              examples:
                InternalServerError:
                  $ref: '#/components/examples/InternalServerError'
      security:
        - AmOAuth2:
            - sfcc.cdn-zones.rw
components:
  schemas:
    ApiStandardsErrorResponse:
      type: object
      properties:
        title:
          description: "A short, human-readable summary of the problem\ntype.  It will not change from occurrence to occurrence of the \nproblem, except for purposes of localization\n"
          type: string
          maxLength: 256
          example: You do not have enough credit
        type:
          description: |
            A URI reference [RFC3986] that identifies the
            problem type.  This specification encourages that, when
            dereferenced, it provide human-readable documentation for the
            problem type (e.g., using HTML [W3C.REC-html5-20141028]).  When
            this member is not present, its value is assumed to be
            "about:blank". It accepts relative URIs; this means
            that they must be resolved relative to the document's base URI, as
            per [RFC3986], Section 5.
          type: string
          maxLength: 2048
          example: NotEnoughMoney
        detail:
          description: A human-readable explanation specific to this occurrence of the problem.
          type: string
          pattern: ^.*$
          example: Your current balance is 30, but that costs 50
        instance:
          description: |
            A URI reference that identifies the specific
            occurrence of the problem.  It may or may not yield further
            information if dereferenced.  It accepts relative URIs; this means
            that they must be resolved relative to the document's base URI, as
            per [RFC3986], Section 5.
          type: string
          maxLength: 2048
          example: /account/12345/msgs/abc
      required:
        - title
        - type
        - detail
    OrganizationId:
      description: An identifier for the organization the request is being made by
      example: f_ecom_zzxy_prd
      type: string
      minLength: 1
      maxLength: 32
    StorefrontZoneCreateRequest:
      required:
        - domainName
      type: object
      properties:
        domainName:
          type: string
          description: Domain name for the site.
          pattern: ^.*$
          example: cc-merchant.com
      description: The storefront zone information to be created.
    StorefrontZoneCreateResponse:
      required:
        - createdOn
        - status
        - zoneId
        - zoneName
      type: object
      properties:
        zoneId:
          type: string
          description: The zone id tag.
          pattern: ^.*$
          example: 023e105f4ecef8ad9ca31a8372d0c353
        zoneName:
          type: string
          description: The domain name for the zone.
          pattern: ^.*$
          example: stg-zzzz-cc-merchant-com.cc-ecdn.net
        status:
          type: string
          description: current status of the zone
          example: active
          enum:
            - active
            - pending
            - initializing
            - moved
            - deleted
            - deactivated
        createdOn:
          type: string
          description: Date and time of zone creation.
          format: date-time
          example: '2014-01-01T05:20:00.12345Z'
      description: The response of create zone, includes zone and zone properties.
    StorefrontZoneCreateEnvelope:
      type: object
      properties:
        data:
          $ref: '#/components/schemas/StorefrontZoneCreateResponse'
      required:
        - data
      example:
        data:
          zoneId: 023e105f4ecef8ad9ca31a8372d0c353
          zoneName: stg-zzzz-cc-merchant-com.cc-ecdn.net
          status: active
          createdOn: '2014-01-01T05:20:00.12345Z'
      additionalProperties: false
    MtlsCertificateResponse:
      type: object
      properties:
        mtlsCertificateId:
          type: string
          description: ID generated by the CDN provider for the certificate.
          pattern: ^.*$
          example: 465a48f6-3d98-4c15-9312-211984ee8629
        expiresOn:
          type: string
          description: Expiration date for the mTLS certificate.
          format: date-time
          example: '2022-01-12T04:15:57Z'
        issuer:
          type: string
          description: The certificate authority that issued the mTLS certificate.
          pattern: ^.*$
          example: DigiCert
        signature:
          type: string
          description: The type of hash used for the mTLS certificate.
          pattern: ^.*$
          example: SHA256WithRSA
        uploadedOn:
          type: string
          description: Date the mTLS certificate was uploaded.
          format: date-time
          example: '2020-01-12T04:15:57Z'
        ca:
          type: boolean
          description: Indicates whether the mTLS certificate is a CA or leaf certificate.
          example: true
        serialNumber:
          type: string
          description: The mTLS certificate serial number.
          pattern: ^.*$
          example: '432217133297895665180570788458463042229861757760'
        mtlsCertificateName:
          type: string
          description: Optional name for the mTLS certificate used for ease of understanding.
          pattern: ^.*$
          example: mtls_cert_name
        mtlsAssociatedCodeUploadHostname:
          type: string
          description: Hostname associated with this mTLS certificate.
          pattern: ^.*$
          example: mtls.cert.salesforce.com
      description: mTLS certificate information.
    MtlsCertificatesResponseEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/MtlsCertificateResponse'
          type: array
      example:
        data:
          - mtlsCertificateId: 465a48f6-3d98-4c15-9312-211984ee8629
            expiresOn: '2022-01-12T04:15:57Z'
            issuer: DigiCert
            signature: SHA256WithRSA
            uploadedOn: '2020-01-12T04:15:57Z'
            ca: true
            serialNumber: '432217133297895665180570788458463042229861757760'
            mtlsCertificateName: mtls_cert_name
            mtlsAssociatedCodeUploadHostname: mtls.cert.salesforce.com
      additionalProperties: false
    MtlsCertificateRequest:
      required:
        - certificate
        - name
        - privateKey
      type: object
      properties:
        certificate:
          type: string
          description: Public key for the CA certificate in mTLS.
          pattern: ^.*$
          example: |-
            -----BEGIN CERTIFICATE-----
            MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
            BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
            aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
            MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
            ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
            CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
            CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
            KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
            0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
            dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
            izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
            9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
            GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
            BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
            MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
            2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
            Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
            SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
            2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
            YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
            -----END CERTIFICATE-----
        privateKey:
          type: string
          description: Private key of the CA certificate in mTLS.
          pattern: ^.*$
          example: |-
            -----BEGIN RSA PRIVATE KEY-----
            MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
            dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
            abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
            tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
            FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
            ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
            HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
            axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
            +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
            +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
            KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
            9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
            /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
            iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
            N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
            VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
            vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
            lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
            9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
            mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
            dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
            PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
            fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
            qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
            lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
            -----END RSA PRIVATE KEY-----
        name:
          type: string
          description: Certificate name used for ease of understanding.
          pattern: ^.*$
          example: mtls_cert_name
      description: mTLS certificate request information.
      example:
        certificate: |-
          -----BEGIN CERTIFICATE-----
          MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
          BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
          aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
          MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
          ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
          CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
          CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
          KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
          0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
          dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
          izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
          9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
          GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
          BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
          MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
          2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
          Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
          SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
          2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
          YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
          -----END CERTIFICATE-----
        privateKey: |-
          -----BEGIN RSA PRIVATE KEY-----
          MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
          dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
          abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
          tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
          FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
          ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
          HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
          axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
          +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
          +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
          KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
          9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
          /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
          iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
          N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
          VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
          vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
          lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
          9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
          mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
          dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
          PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
          fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
          qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
          lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
          -----END RSA PRIVATE KEY-----
        name: mtls_cert_name
      additionalProperties: false
    MtlsCertificateResponseEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/MtlsCertificateResponse'
      example:
        data:
          mtlsCertificateId: 465a48f6-3d98-4c15-9312-211984ee8629
          expiresOn: '2022-01-12T04:15:57Z'
          issuer: DigiCert
          signature: SHA256WithRSA
          uploadedOn: '2020-01-12T04:15:57Z'
          ca: true
          serialNumber: '432217133297895665180570788458463042229861757760'
          mtlsCertificateName: mtls_cert_name
          mtlsAssociatedCodeUploadHostname: mtls.cert.salesforce.com
      additionalProperties: false
    PageShieldNotificationWebhookResponse:
      required:
        - createdAt
        - id
        - name
        - type
        - webhookUrl
      type: object
      properties:
        id:
          type: string
          description: Webhook ID.
          pattern: ^.*$
          example: webhook_1234567890abcdef
        name:
          type: string
          description: Webhook name.
          pattern: ^.*$
          example: Security Alert Webhook
        webhookUrl:
          type: string
          description: Webhook URL.
          pattern: ^.*$
          example: https://example.com/webhook/security
        type:
          type: string
          description: Webhook type.
          pattern: ^.*$
          example: security_alert
        createdAt:
          type: string
          description: Timestamp of webhook creation.
          format: date-time
          example: '2023-01-01T00:00:00Z'
        lastSuccess:
          type: string
          description: Timestamp of the last successful notification.
          format: date-time
          example: '2023-01-01T12:00:00Z'
        lastFailure:
          type: string
          description: Timestamp of the last failed notification.
          format: date-time
          example: '2023-01-01T18:00:00Z'
        zones:
          items:
            type: string
            pattern: ^.*$
            example: zone_1234567890abcdef
          type: array
          description: Zone IDs on which to filter notifications alerts.
      description: Page shield notification for the webhook response.
      example:
        id: webhook_1234567890abcdef
        name: Security Alert Webhook
        webhookUrl: https://example.com/webhook/security
        type: security_alert
        createdAt: '2023-01-01T00:00:00Z'
        lastSuccess: '2023-01-01T12:00:00Z'
        lastFailure: '2023-01-01T18:00:00Z'
        zones:
          - zone_1234567890abcdef
      additionalProperties: false
    PageShieldNotificationWebhookListEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/PageShieldNotificationWebhookResponse'
          type: array
      example:
        data:
          - id: webhook_1234567890abcdef
            name: Security Alert Webhook
            webhookUrl: https://example.com/webhook/security
            type: security_alert
            createdAt: '2023-01-01T00:00:00Z'
            lastSuccess: '2023-01-01T12:00:00Z'
            lastFailure: '2023-01-01T18:00:00Z'
            zones:
              - zone_1234567890abcdef
      additionalProperties: false
    PageShieldNotificationWebhookRequest:
      type: object
      required:
        - webhookUrl
      properties:
        webhookUrl:
          type: string
          description: Webhook URL.
          pattern: ^.*$
          example: https://example.com/webhook/security
        secret:
          type: string
          description: Webhook optional secret.
          pattern: ^.*$
          example: webhook_secret_123
        zones:
          items:
            type: string
            pattern: ^.*$
            example: zone_1234567890abcdef
          type: array
          description: Zone names on which to filter notifications alerts.
      description: Page shield notification for the webhook request.
      example:
        webhookUrl: https://example.com/webhook/security
        secret: webhook_secret_123
        zones:
          - zone_1234567890abcdef
      additionalProperties: false
    PageShieldNotificationWebhookEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/PageShieldNotificationWebhookResponse'
      example:
        data:
          id: webhook_1234567890abcdef
          name: Security Alert Webhook
          webhookUrl: https://example.com/webhook/security
          type: security_alert
          createdAt: '2023-01-01T00:00:00Z'
          lastSuccess: '2023-01-01T12:00:00Z'
          lastFailure: '2023-01-01T18:00:00Z'
          zones:
            - zone_1234567890abcdef
      additionalProperties: false
    PageShieldPolicyResponse:
      type: object
      properties:
        action:
          type: string
          description: Action taken when expression matches allow or log.
          example: allow
          enum:
            - allow
            - log
        description:
          type: string
          description: Description for the policy.
          pattern: ^.*$
          example: Allow scripts from trusted CDN sources
        enabled:
          type: boolean
          description: Enable/disable the policy.
          example: true
        expression:
          type: string
          description: Expression of the policy.
          pattern: ^.*$
          example: http.request.uri.path contains "/trusted-cdn/"
        value:
          type: string
          description: Policy to be applied.
          pattern: ^.*$
          example: script-src
        id:
          type: string
          description: Policy ID
          pattern: ^.*$
          example: policy_1234567890abcdef
      description: Page shield policy response.
      example:
        action: allow
        description: Allow scripts from trusted CDN sources
        enabled: true
        expression: http.request.uri.path contains "/trusted-cdn/"
        value: script-src
        id: policy_1234567890abcdef
      additionalProperties: false
    PageShieldPoliciesListEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/PageShieldPolicyResponse'
          type: array
      example:
        data:
          - action: allow
            description: Allow scripts from trusted CDN sources
            enabled: true
            expression: http.request.uri.path contains "/trusted-cdn/"
            value: script-src
            id: policy_1234567890abcdef
      additionalProperties: false
    PageShieldPolicyRequest:
      type: object
      properties:
        action:
          type: string
          description: Action taken when expression matches allow or log.
          example: allow
          enum:
            - allow
            - log
        description:
          type: string
          description: Description for the policy.
          pattern: ^.*$
          example: Allow scripts from trusted CDN sources
        enabled:
          type: boolean
          description: Enable/disable the policy.
          example: true
        expression:
          type: string
          description: Expression of the policy.
          pattern: ^.*$
          example: http.request.uri.path contains "/trusted-cdn/"
        value:
          type: string
          description: Policy to be applied.
          pattern: ^.*$
          example: script-src
      description: Page shield policy request object.
      example:
        action: allow
        description: Allow scripts from trusted CDN sources
        enabled: true
        expression: http.request.uri.path contains "/trusted-cdn/"
        value: script-src
      additionalProperties: false
    PageShieldPoliciesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/PageShieldPolicyResponse'
      example:
        data:
          action: allow
          description: Allow scripts from trusted CDN sources
          enabled: true
          expression: http.request.uri.path contains "/trusted-cdn/"
          value: script-src
          id: policy_1234567890abcdef
      additionalProperties: false
    PageShieldScriptVersion:
      type: object
      required:
        - isMaliciousCode
      properties:
        hash:
          type: string
          description: The computed hash of the analyzed script.
          pattern: ^.*$
          example: 1243453456abc
        jsIntegrityScore:
          type: integer
          description: The integrity score of the JavaScript content.
          example: 1
        obfuscationScore:
          type: integer
          description: The obfuscation score of the JavaScript content.
          example: 2
        dataflowScore:
          type: integer
          description: The dataflow score of the JavaScript content.
          example: 1
        malwareScore:
          type: integer
          description: The malware score of the JavaScript content.
          example: 1
        cryptoMiningScore:
          type: integer
          description: The crypto mining score of the JavaScript content.
          example: 1
        mageCartScore:
          type: integer
          description: The Magecart score of the JavaScript content.
          example: 2
        fetchedAt:
          type: string
          description: The timestamp of when the script was last fetched.
          format: date-time
          example: '2023-01-01T00:00:00Z'
        isMaliciousCode:
          type: boolean
          description: Indicates whether the script has been reported as malicious.
          example: false
      description: Version details for the JavaScript script.
      example:
        hash: 1243453456abc
        jsIntegrityScore: 1
        obfuscationScore: 2
        dataflowScore: 1
        malwareScore: 1
        cryptoMiningScore: 1
        mageCartScore: 2
        fetchedAt: '2023-01-01T00:00:00Z'
        isMaliciousCode: false
      additionalProperties: false
    PageShieldScriptResponse:
      type: object
      properties:
        id:
          type: string
          description: Page Shield script ID.
          pattern: ^.*$
          example: 12345678901234asdfasfasdf
        url:
          type: string
          description: Page Shield script URL.
          pattern: ^.*$
          example: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
        host:
          type: string
          description: Hostname where the script was detected by Page Shield.
          pattern: ^.*$
          example: sfdc-test.net
        addedAt:
          type: string
          description: Date the script was added to Page Shield.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        firstSeenAt:
          type: string
          description: Date the script was detected by Page Shield.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        lastSeenAt:
          type: string
          description: Date the script was recently detected by Page Shield.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        fetchedAt:
          type: string
          description: The timestamp when the script was last fetched.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        domainReportedMalicious:
          type: boolean
          description: Reported domain is malicious.
          example: false
        hash:
          type: string
          description: The computed hash of the analyzed script.
          pattern: ^.*$
          example: 1243453456abc
        cryptoMiningScore:
          type: integer
          description: The crypto mining score of the JavaScript content.
          example: 1
        dataflowScore:
          type: integer
          description: The dataflow score of the JavaScript content.
          example: 1
        jsIntegrityScore:
          type: integer
          description: The integrity score of the JavaScript content.
          example: 1
        mageCartScore:
          type: integer
          description: The Magecart score of the JavaScript content.
          example: 2
        malwareScore:
          type: integer
          description: The malware score of the JavaScript content.
          example: 1
        obfuscationScore:
          type: integer
          description: The obfuscation score of the JavaScript content.
          example: 2
        maliciousDomainCategories:
          items:
            type: string
            pattern: ^.*$
            example: Malware
          type: array
          description: Malicious domain category.
          example:
            - Malware
        maliciousUrlCategories:
          items:
            type: string
            pattern: ^.*$
            example: Malware
          type: array
          description: Malicious URL category.
          example:
            - Malware
        urlContainsCdnCgiPath:
          type: boolean
          description: URL contains CDN CGI path.
          example: false
        urlReportedMalicious:
          type: boolean
          description: Reported URL is malicious.
          example: false
        pageUrls:
          items:
            type: string
            pattern: ^.*$
            example: blog.test.salesforce.com/page1
          type: array
          description: Page URLs
          example:
            - blog.test.salesforce.com/page1
            - blog.test.salesforce.com/page2
        firstPageUrl:
          type: string
          description: First page URL for the JavaScript.
          pattern: ^.*$
          example: blog.test.salesforce.com
        status:
          type: string
          description: The current status of the script. Possible values are active, inactive, or infrequent.
          pattern: ^.*$
          example: active
        versions:
          items:
            $ref: '#/components/schemas/PageShieldScriptVersion'
          type: array
          description: List of script versions.
      description: Response of Page Shield script object.
      example:
        id: 12345678901234asdfasfasdf
        url: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
        host: sfdc-test.net
        addedAt: '2022-01-01T05:20:00Z'
        firstSeenAt: '2022-01-01T05:20:00Z'
        lastSeenAt: '2022-01-01T05:20:00Z'
        fetchedAt: '2022-01-01T05:20:00Z'
        domainReportedMalicious: false
        hash: 1243453456abc
        cryptoMiningScore: 1
        dataflowScore: 1
        jsIntegrityScore: 1
        mageCartScore: 2
        malwareScore: 1
        obfuscationScore: 2
        maliciousDomainCategories:
          - Malware
        maliciousUrlCategories:
          - Malware
        urlContainsCdnCgiPath: false
        urlReportedMalicious: false
        pageUrls:
          - blog.test.salesforce.com/page1
          - blog.test.salesforce.com/page2
        firstPageUrl: blog.test.salesforce.com
        status: active
        versions: []
      additionalProperties: false
    PageShieldScriptListEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/PageShieldScriptResponse'
          type: array
      example:
        data:
          - id: 12345678901234asdfasfasdf
            url: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
            host: sfdc-test.net
            addedAt: '2022-01-01T05:20:00Z'
            firstSeenAt: '2022-01-01T05:20:00Z'
            lastSeenAt: '2022-01-01T05:20:00Z'
            fetchedAt: '2022-01-01T05:20:00Z'
            domainReportedMalicious: false
            hash: 1243453456abc
            cryptoMiningScore: 1
            dataflowScore: 1
            jsIntegrityScore: 1
            mageCartScore: 2
            malwareScore: 1
            obfuscationScore: 2
            maliciousDomainCategories:
              - Malware
            maliciousUrlCategories:
              - Malware
            urlContainsCdnCgiPath: false
            urlReportedMalicious: false
            pageUrls:
              - blog.test.salesforce.com/page1
              - blog.test.salesforce.com/page2
            firstPageUrl: blog.test.salesforce.com
            status: active
            versions: []
      additionalProperties: false
    PageShieldScriptEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/PageShieldScriptResponse'
      example:
        data:
          id: 12345678901234asdfasfasdf
          url: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
          host: sfdc-test.net
          addedAt: '2022-01-01T05:20:00Z'
          firstSeenAt: '2022-01-01T05:20:00Z'
          lastSeenAt: '2022-01-01T05:20:00Z'
          fetchedAt: '2022-01-01T05:20:00Z'
          domainReportedMalicious: false
          hash: 1243453456abc
          cryptoMiningScore: 1
          dataflowScore: 1
          jsIntegrityScore: 1
          mageCartScore: 2
          malwareScore: 1
          obfuscationScore: 2
          maliciousDomainCategories:
            - Malware
          maliciousUrlCategories:
            - Malware
          urlContainsCdnCgiPath: false
          urlReportedMalicious: false
          pageUrls:
            - blog.test.salesforce.com/page1
            - blog.test.salesforce.com/page2
          firstPageUrl: blog.test.salesforce.com
          status: active
          versions: []
      additionalProperties: false
    Zone:
      title: Zone
      type: object
      required:
        - name
        - status
        - zoneId
      properties:
        zoneId:
          maxLength: 100
          type: string
          description: Identity of the zone.
          example: example1-zone-Id
        name:
          maxLength: 100
          type: string
          description: Name given to the zone. This needs to be a DNS domain name for eg example.com
          example: example1.com
        status:
          type: string
          description: Status of the zone for eg "Pending" , "Active"
          enum:
            - active
            - pending
            - initializing
            - moved
            - deleted
            - deactivated
          example: pending
      description: Zone is the container for hostnames and various CDN settings/properties. Each zone is tied to a single origin.
      example:
        zoneId: example1-zone-Id
        name: example1.com
        status: pending
      additionalProperties: false
    ZonesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/Zone'
          type: array
      example:
        data:
          - zoneId: example1-zone-Id
            name: example1.com
            status: pending
          - zoneId: example2-zone-Id
            name: example2.com
            status: active
      additionalProperties: false
    WafGroup:
      required:
        - mode
      type: object
      properties:
        groupId:
          maxLength: 100
          type: string
          example: 372e67954025e0ba6aaa6d586b9e0b60
        action:
          type: string
          description: The action to apply to WAF group
          example: block
          enum:
            - block
            - challenge
            - monitor
            - default
        mode:
          type: string
          description: Mode of the waf rule - on vs off
          example: 'on'
          enum:
            - 'on'
            - 'off'
        description:
          type: string
          description: Description of the WAF Group.
          pattern: ^.*$
          example: Test WAF Group to protect against SQL injection
      example:
        groupId: 372abe67954025e0ba6aaa6d586b9e0b
        zoneId: example1-zone-Id
        action: monitor
        mode: true
        description: SQL injection protection
      additionalProperties: false
    WafGroupsEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/WafGroup'
          type: array
    WafGroupEnvelope:
      type: object
      properties:
        data:
          $ref: '#/components/schemas/WafGroup'
    WafRule:
      required:
        - action
      type: object
      properties:
        ruleId:
          type: string
          pattern: ^.*$
          example: 892e67954025e0ba6atefd586b9e58b3
        groupId:
          maxLength: 100
          type: string
          example: 372e67954025e0ba6aaa6d586b9e0b60
        action:
          type: string
          description: The action to apply to WAF rule
          example: block
          enum:
            - block
            - challenge
            - monitor
            - disable
            - default
        defaultAction:
          type: string
          description: The action to apply to WAF rule
          example: block
          enum:
            - block
            - challenge
            - monitor
            - disable
        description:
          type: string
          description: Description of the WAF Group.
          pattern: ^.*$
          example: Test WAF Rule to protect against SQL injection
      example:
        ruleId: 892e67954025e0ba6atefd586b9e58b3
        groupId: 372abe67954025e0ba6aaa6d586b9e0b
        action: monitor
        defaultAction: challenge
        description: SQL injection protection
      additionalProperties: false
    WafRulesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/WafRule'
          type: array
      example:
        data:
          - ruleId: 892e67954025e0ba6atefd586b9e58b3
            groupId: 372abe67954025e0ba6aaa6d586b9e0b
            action: monitor
            defaultAction: challenge
            description: SQL injection protection
      additionalProperties: false
    WafRuleEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/WafRule'
      example:
        data:
          ruleId: 892e67954025e0ba6atefd586b9e58b3
          groupId: 372abe67954025e0ba6aaa6d586b9e0b
          action: monitor
          defaultAction: challenge
          description: SQL injection protection
      additionalProperties: false
    SpeedSetting:
      type: object
      properties:
        brotliCompression:
          type: string
          description: Brotli compression setting of a zone.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
        http2Prioritization:
          type: string
          description: Http2 prioritization setting for a zone.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
        webp:
          type: string
          description: Support for the WebP image format when using image modification for a zone. The WebP image format can be used with supported clients for added performance benefits. Setting this property to `on` will return an error when the `polish` property is set to `off`.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
        polish:
          type: string
          description: The level of polish (image quality) used for image modification. The value `lossless` corresponds to **Polish Level Basic** in the UI, and the value `lossy` corresponds to **Polish Level Basic+JPEG.** To disable image modification, set this property to `off`. Setting this property to `off` will prevent you from setting the `webp` property to `on`.
          default: 'off'
          example: 'off'
          enum:
            - 'off'
            - lossless
            - lossy
        earlyHints:
          type: string
          description: Early Hints for a zone.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
        http3:
          type: string
          description: Http3 for a zone.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
        http2ToOrigin:
          type: string
          description: Http2 to Origin for a zone.
          default: 'off'
          example: 'off'
          enum:
            - 'on'
            - 'off'
      example:
        brotliCompression: 'off'
      additionalProperties: false
    SpeedSettingsEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/SpeedSetting'
    SecuritySetting:
      required:
        - alwaysUseHttps
      type: object
      properties:
        hsts:
          type: object
          properties:
            enabled:
              type: boolean
              description: Enable strict transport security.
              example: true
            includeSubdomains:
              type: boolean
              description: Include all subdomains for strict transport security.
              example: true
            maxAge:
              type: number
              description: Max age in seconds of the strict transport security.
              example: 31536000
            preload:
              type: boolean
              description: Preload any URLs that are included in the response headers.
              example: false
          description: The security header for a zone.
          example:
            enabled: true
            includeSubdomains: true
            maxAge: 31536000
            preload: false
          additionalProperties: false
        securityLevel:
          type: string
          description: Security profile for your zone, which will automatically adjust each of the security settings.
          enum:
            - 'off'
            - essentially_off
            - low
            - medium
            - high
            - under_attack
          example: medium
        tls13Enabled:
          type: boolean
          description: Enable Crypto TLS 1.3 feature for this zone.
          example: true
        wafEnabled:
          type: boolean
          description: Enable WAF (OWASP) protection for this zone. Not applicable for zones using WAFv2.
          example: true
        alwaysUseHttps:
          type: boolean
          description: Redirect all http requests to https.
          example: true
      example:
        hsts:
          enabled: true
          includeSubdomains: true
          maxAge: 31536000
          preload: false
        securityLevel: medium
        tls13Enabled: true
        wafEnabled: true
        alwaysUseHttps: true
      additionalProperties: false
    SecuritySettingsEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/SecuritySetting'
      example:
        data:
          hsts:
            enabled: true
            includeSubdomains: true
            maxAge: 31536000
            preload: false
          securityLevel: medium
          tls13Enabled: true
          wafEnabled: true
          alwaysUseHttps: true
      additionalProperties: false
    CachePurgeRequest:
      type: object
      properties:
        path:
          type: string
          description: Path for clearing the cache. Allowed paths follow the format "<hostname>/dw/shop/*/products", "<hostname>/dw/image/v2/{realm}_{instance}/*", "<hostname>/worker.js", "<hostname>/mobify*" or "<hostname>/callback*". Regular expressions and wildcards are not supported in the path.
          pattern: ^.*$
          example: www.sfcc-ecdn-test5.net/dw/shop/v21_9/products
        tags:
          type: array
          description: List of cache tags to purge. When specified, all cached content associated with these tags will be purged.
          items:
            type: string
            pattern: ^.*$
            example: product-123
          example:
            - product-123
            - category-456
      description: Request for doing a cache purge
      example:
        path: www.sfcc-ecdn-test5.net/dw/shop/v21_9/products
        tags:
          - product-123
          - category-456
      additionalProperties: false
    CachePurgeResponse:
      type: object
      required:
        - cachePurged
        - details
      properties:
        cachePurged:
          type: boolean
          description: The name of the list.
          example: false
        details:
          type: string
          description: Details of errors if any.
          pattern: ^.*$
          example: '1084 : Unable to purge ''<url>''.'
      description: Response from a cache purge request
      example:
        cachePurged: false
        details: '1084 : Unable to purge ''<url>''.'
      additionalProperties: false
    CachePurgeResponseEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/CachePurgeResponse'
      example:
        data:
          cachePurged: false
          details: '1084 : Unable to purge ''<url>''.'
      additionalProperties: false
    OCAPICachingToggleRequest:
      type: object
      required:
        - enableOCAPICachingPageRule
      properties:
        enableOCAPICachingPageRule:
          type: boolean
          description: True to enable API Caching Page rule, false to disable.
          example: true
      description: Request to enable or disable API Caching Page rule
    DCVDelegationRecord:
      description: eCDN automatic renewal certificate DCV delegation records.
      type: object
      properties:
        dcvCname:
          description: DNS CNAME for Domain Control Validation.
          type: string
          pattern: ^.*$
          example: _acme-challenge.example.com
        dcvCnameValue:
          description: DNS CNAME value for Domain Control Validation.
          type: string
          pattern: ^.*$
          example: abc123def456ghi789.acme-validation.com
      example:
        dcvCname: _acme-challenge.example.com
        dcvCnameValue: abc123def456ghi789.acme-validation.com
      additionalProperties: false
    Certificate:
      required:
        - certificateId
        - certificateType
        - status
      type: object
      properties:
        certificateId:
          type: string
          description: Id generated by CDN provider for the certificate.
          pattern: ^.*$
          example: f90712123fb02287348dd34c0a282bb9
        hosts:
          items:
            type: string
            pattern: ^.*$
            example: example.com
          type: array
          description: List of hosts the certificate applies to.
          example:
            - example.com
            - www.example.com
        expiresOn:
          type: string
          description: Date of expiration for the certificate.
          format: date-time
          example: '2025-12-31T23:59:59Z'
        uploadedOn:
          type: string
          description: Date the certificate was uploaded.
          format: date-time
          example: '2024-01-01T00:00:00Z'
        issuer:
          type: string
          description: The certificate authority that issued the certificate.
          pattern: ^.*$
          example: Let's Encrypt Authority X3
        signature:
          type: string
          description: The type of hash used for the certificate.
          pattern: ^.*$
          example: SHA256
        status:
          type: string
          description: Current status of the certificate.
          enum:
            - ACTIVE
            - EXPIRED
            - DELETED
            - PENDING
            - INITIALIZING
            - PENDING_VALIDATION
            - PENDING_ISSUANCE
            - PENDING_DEPLOYMENT
            - PENDING_DELETION
            - VALIDATION_TIMED_OUT
            - DEPLOYMENT_TIMED_OUT
            - DELETION_TIMED_OUT
            - INITIALIZING_TIMED_OUT
            - PENDING_EXPIRATION
            - ISSUANCE_TIMED_OUT
          example: ACTIVE
        minTlsVersion:
          type: string
          description: Minimum TLS Version only allows HTTPS connections from visitors that support the selected TLS protocol version or newer.
          pattern: ^.*$
          example: '1.2'
        certificateType:
          type: string
          description: Indicates certificate is custom cert uploaded by customer or automatic renewal certificate by eCDN.
          enum:
            - custom
            - automatic
            - custom_legacy
          example: custom
        certificateAuthority:
          type: string
          description: Indicates certificate issuer for automatic renewal certificate by eCDN.
          enum:
            - google
            - lets_encrypt
            - digicert
          example: lets_encrypt
        certificateValidation:
          type: string
          description: Indicates certificate validation type for automatic renewal certificate by eCDN.
          enum:
            - http
            - txt
          example: http
        certificateVerificationTXTName:
          type: string
          description: eCDN automatic renewal certificate verification txt name.
          pattern: ^.*$
          example: _acme-challenge.example.com
        certificateVerificationTXTValue:
          type: string
          description: eCDN automatic renewal certificate verification txt value.
          pattern: ^.*$
          example: abc123def456ghi789
        certificateVerificationStatus:
          type: string
          description: Current status of certificate verification.
          enum:
            - ACTIVE
            - EXPIRED
            - PENDING
            - INITIALIZING
            - PENDING_VALIDATION
            - PENDING_ISSUANCE
            - PENDING_DEPLOYMENT
          example: ACTIVE
        wildcardHostname:
          type: boolean
          description: Set to true for a wildcard custom hostname.
          example: false
        wildcardCertificateVerificationTXTName:
          type: string
          description: eCDN automatic renewal certificate verification txt name.
          pattern: ^.*$
          example: _acme-challenge.wildcard.example.com
        wildcardCertificateVerificationTXTValue:
          type: string
          description: eCDN automatic renewal certificate verification txt value.
          pattern: ^.*$
          example: wildcard_abc123def456
        wildcardCertificateVerificationStatus:
          type: string
          description: Current status of certificate verification.
          enum:
            - ACTIVE
            - EXPIRED
            - PENDING
            - INITIALIZING
            - PENDING_VALIDATION
            - PENDING_ISSUANCE
            - PENDING_DEPLOYMENT
          example: ACTIVE
        customHostnameVerificationTXTName:
          type: string
          description: Custom Hostname verification txt name.
          pattern: ^.*$
          example: _acme-challenge.custom.example.com
        customHostnameVerificationTXTValue:
          type: string
          description: Custom Hostname verification txt value.
          pattern: ^.*$
          example: custom_abc123def456
        customHostnameId:
          type: string
          description: Custom hostname associated with the zone
          pattern: ^.*$
          example: f90712123fb02287348dd34c0a282bb9
        customHostname:
          type: string
          description: Custom hostname associated with the zone
          pattern: ^.*$
          example: custom.example.com
        customHostnameStatus:
          type: string
          description: Current status of custom hostname validation.
          enum:
            - ACTIVE
            - EXPIRED
            - DELETED
            - PENDING
            - INITIALIZING
            - PENDING_VALIDATION
            - PENDING_ISSUANCE
            - PENDING_DEPLOYMENT
            - PENDING_DELETION
            - MOVED
          example: ACTIVE
        dcvDelegationRecords:
          description: eCDN automatic renewal certificate DCV delegation records
          items:
            $ref: '#/components/schemas/DCVDelegationRecord'
          type: array
      description: The certificate information
      example:
        certificateId: f90712123fb02287348dd34c0a282bb9
        hosts:
          - example.com
          - www.example.com
        expiresOn: '2025-12-31T23:59:59Z'
        uploadedOn: '2024-01-01T00:00:00Z'
        issuer: Let's Encrypt Authority X3
        signature: SHA256
        status: ACTIVE
        minTlsVersion: '1.2'
        certificateType: custom
        certificateAuthority: lets_encrypt
        certificateValidation: http
        certificateVerificationTXTName: _acme-challenge.example.com
        certificateVerificationTXTValue: abc123def456ghi789
        certificateVerificationStatus: ACTIVE
        wildcardHostname: false
        wildcardCertificateVerificationTXTName: _acme-challenge.wildcard.example.com
        wildcardCertificateVerificationTXTValue: wildcard_abc123def456
        wildcardCertificateVerificationStatus: ACTIVE
        customHostnameVerificationTXTName: _acme-challenge.custom.example.com
        customHostnameVerificationTXTValue: custom_abc123def456
        customHostnameId: f90712123fb02287348dd34c0a282bb9
        customHostname: custom.example.com
        customHostnameStatus: ACTIVE
        dcvDelegationRecords: []
      additionalProperties: false
    CertificatesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/Certificate'
          type: array
      example:
        data:
          - certificateId: f90712123fb02287348dd34c0a282bb9
            hosts:
              - example.com
              - www.example.com
            expiresOn: '2025-12-31T23:59:59Z'
            uploadedOn: '2024-01-01T00:00:00Z'
            issuer: Let's Encrypt Authority X3
            signature: SHA256
            status: ACTIVE
            minTlsVersion: '1.2'
            certificateType: custom
            certificateAuthority: lets_encrypt
            certificateValidation: http
            certificateVerificationTXTName: _acme-challenge.example.com
            certificateVerificationTXTValue: abc123def456ghi789
            certificateVerificationStatus: ACTIVE
            wildcardHostname: false
            wildcardCertificateVerificationTXTName: _acme-challenge.wildcard.example.com
            wildcardCertificateVerificationTXTValue: wildcard_abc123def456
            wildcardCertificateVerificationStatus: ACTIVE
            customHostnameVerificationTXTName: _acme-challenge.custom.example.com
            customHostnameVerificationTXTValue: custom_abc123def456
            customHostnameId: f90712123fb02287348dd34c0a282bb9
            customHostname: custom.example.com
            customHostnameStatus: ACTIVE
            dcvDelegationRecords: []
      additionalProperties: false
    CertificateRequest:
      required:
        - hostname
      type: object
      properties:
        hostname:
          type: string
          description: Hostname that certificate needs to be applied to.
          pattern: ^.*$
          example: example.com
        bundleMethod:
          type: string
          description: Bundle method of the custom certificate chain for verification.
          pattern: ^.*$
          example: ubiquitous
        certificateType:
          type: string
          description: Indicates certificate is custom or automatic certificate renewal by eCDN. Optional field, if nothing specified the default value is custom. Valid values are custom or automatic.
          pattern: ^.*$
          example: custom
        certificate:
          type: string
          description: Public key of the custom certificate. Required if the certificateType value is custom.
          pattern: ^.*$
          example: |-
            -----BEGIN CERTIFICATE-----
            MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
            BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
            aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
            MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
            ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
            CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
            CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
            KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
            0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
            dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
            izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
            9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
            GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
            BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
            MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
            2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
            Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
            SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
            2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
            YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
            -----END CERTIFICATE-----
        privateKey:
          type: string
          description: Private key associated with the custom certificate. Required if the `certificateType` value is custom.
          pattern: ^.*$
          example: |-
            -----BEGIN RSA PRIVATE KEY-----
            MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
            dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
            abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
            tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
            FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
            ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
            HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
            axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
            +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
            +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
            KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
            9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
            /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
            iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
            N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
            VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
            vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
            lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
            9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
            mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
            dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
            PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
            fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
            qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
            lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
            -----END RSA PRIVATE KEY-----
        certificateAuthority:
          type: string
          description: Certificate authority only for automatic certificate renewal by eCDN. Required if the `certificateType` value is automatic. Valid values are `google` or `lets_encrypt`.
          pattern: ^.*$
          example: lets_encrypt
        certificateValidation:
          type: string
          description: Certificate validation type is optional only for `certificateType` automatic, default value is `http`. Valid values are `http` or `txt`.
          pattern: ^.*$
          example: http
        wildcardHostname:
          type: boolean
          description: Set to true for a wildcard custom hostname.
          example: false
      description: Certificate request information
      example:
        hostname: example.com
        bundleMethod: ubiquitous
        certificateType: custom
        certificate: |-
          -----BEGIN CERTIFICATE-----
          MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
          BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
          aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
          MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
          ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
          CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
          CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
          KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
          0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
          dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
          izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
          9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
          GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
          BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
          MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
          2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
          Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
          SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
          2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
          YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
          -----END CERTIFICATE-----
        privateKey: |-
          -----BEGIN RSA PRIVATE KEY-----
          MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
          dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
          abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
          tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
          FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
          ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
          HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
          axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
          +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
          +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
          KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
          9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
          /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
          iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
          N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
          VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
          vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
          lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
          9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
          mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
          dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
          PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
          fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
          qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
          lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
          -----END RSA PRIVATE KEY-----
        certificateAuthority: lets_encrypt
        certificateValidation: http
        wildcardHostname: false
      additionalProperties: false
    CertificateEnvelope:
      required:
        - data
      type: object
      properties:
        data:
          $ref: '#/components/schemas/Certificate'
      example:
        data:
          certificateId: f90712123fb02287348dd34c0a282bb9
          hosts:
            - example.com
            - www.example.com
          expiresOn: '2025-12-31T23:59:59Z'
          uploadedOn: '2024-01-01T00:00:00Z'
          issuer: Let's Encrypt Authority X3
          signature: SHA256
          status: ACTIVE
          minTlsVersion: '1.2'
          certificateType: custom
          certificateAuthority: lets_encrypt
          certificateValidation: http
          certificateVerificationTXTName: _acme-challenge.example.com
          certificateVerificationTXTValue: abc123def456ghi789
          certificateVerificationStatus: ACTIVE
          wildcardHostname: false
          wildcardCertificateVerificationTXTName: _acme-challenge.wildcard.example.com
          wildcardCertificateVerificationTXTValue: wildcard_abc123def456
          wildcardCertificateVerificationStatus: ACTIVE
          customHostnameVerificationTXTName: _acme-challenge.custom.example.com
          customHostnameVerificationTXTValue: custom_abc123def456
          customHostnameId: f90712123fb02287348dd34c0a282bb9
          customHostname: custom.example.com
          customHostnameStatus: ACTIVE
          dcvDelegationRecords: []
      additionalProperties: false
    CustomHostnameValidationResponse:
      required:
        - customHostname
        - customHostnameId
        - customHostnameStatus
        - customHostnameVerificationTXTName
        - customHostnameVerificationTXTValue
      type: object
      properties:
        customHostnameId:
          type: string
          description: Identifier generated by the CDN provider for the custom hostname.
          pattern: ^.*$
          example: a439eb1f-5e71-4544-bb29-54d18ax62277
        customHostname:
          type: string
          description: Name of the custom hostname
          pattern: ^.*$
          example: test.example.com
        customHostnameVerificationTXTName:
          type: string
          description: Custom hostname verification txt name.
          pattern: ^.*$
          example: _acme-challenge.test.example.com
        customHostnameVerificationTXTValue:
          type: string
          description: Custom hostname verification txt value.
          pattern: ^.*$
          example: DBCtxdyQSyo9eXxys-uGVCwPFHLsc8_lu11QetQz4IA
        customHostnameStatus:
          type: string
          description: Current status of the custom hostname.
          example: ACTIVE
          enum:
            - PENDING
            - ACTIVE
            - MOVED
            - DELETED
      description: Custom hostname validation information.
      example:
        customHostnameId: a439eb1f-5e71-4544-bb29-54d18ax62277
        customHostname: test.example.com
        customHostnameVerificationTXTName: _acme-challenge.test.example.com
        customHostnameVerificationTXTValue: DBCtxdyQSyo9eXxys-uGVCwPFHLsc8_lu11QetQz4IA
        customHostnameStatus: ACTIVE
      additionalProperties: false
    CustomHostnameValidationEnvelope:
      type: object
      properties:
        data:
          $ref: '#/components/schemas/CustomHostnameValidationResponse'
      required:
        - data
      example:
        data:
          customHostnameId: a439eb1f-5e71-4544-bb29-54d18ax62277
          customHostname: test.example.com
          customHostnameVerificationTXTName: _acme-challenge.test.example.com
          customHostnameVerificationTXTValue: DBCtxdyQSyo9eXxys-uGVCwPFHLsc8_lu11QetQz4IA
          customHostnameStatus: ACTIVE
      additionalProperties: false
    MRTRules:
      required:
        - enabled
        - expression
        - id
        - lastUpdated
        - mrtHostname
        - ref
      type: object
      properties:
        id:
          type: string
          description: The ID of the rule.
          pattern: ^.*$
          example: 12345678901234asdfasfasdf
        expression:
          type: string
          description: The expression that determines the rule's routing behavior.
          pattern: ^.*$
          example: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        description:
          type: string
          description: The description of the rule.
          pattern: ^.*$
          example: Phased rollout rule for dev-customer.salesforce.com
        lastUpdated:
          type: string
          description: Date when the rule was last updated.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        ref:
          type: string
          description: The ref of the rule.
          pattern: ^.*$
          example: 12345678901234asdfasfasdf1234567
        enabled:
          type: boolean
          description: Whether or not the rule is enabled.
          example: true
        mrtHostname:
          type: string
          description: Managed runtime hostname this rule targets.
          pattern: ^.*$
          example: customer-pwa-hybrid.mobify-storefront.com
      description: A rule in an MRT ruleset.
      example:
        id: 12345678901234asdfasfasdf
        expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        description: Phased rollout rule for dev-customer.salesforce.com
        lastUpdated: '2022-01-01T05:20:00Z'
        ref: 12345678901234asdfasfasdf1234567
        enabled: true
        mrtHostname: customer-pwa-hybrid.mobify-storefront.com
      additionalProperties: false
    MRTRuleset:
      required:
        - id
        - lastUpdated
        - name
        - rules
      type: object
      properties:
        id:
          type: string
          description: The ID of the ruleset.
          pattern: ^.*$
          example: 12345678901234asdfasfasdf
        name:
          type: string
          description: The name of the ruleset.
          pattern: ^.*$
          example: MRT Rules
        lastUpdated:
          type: string
          description: Date when the ruleset was last updated.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        rules:
          items:
            $ref: '#/components/schemas/MRTRules'
          type: array
          description: The rules defined by the ruleset.
      description: An MRT ruleset. Defines a list of MRT rules that will route certain storefront requests to the managed runtime instance.
      example:
        id: 12345678901234asdfasfasdf
        name: MRT Rules
        lastUpdated: '2022-01-01T05:20:00Z'
        rules: []
      additionalProperties: false
    MRTRulesResponse:
      required:
        - ruleset
      type: object
      properties:
        ruleset:
          $ref: '#/components/schemas/MRTRuleset'
      description: Response for MRT rules. MRT rules are a way to route certain storefront requests to the managed runtime instance.
      example:
        ruleset:
          id: 12345678901234asdfasfasdf
          name: MRT Rules
          lastUpdated: '2022-01-01T05:20:00Z'
          rules: []
      additionalProperties: false
    MRTRulesResponseEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/MRTRulesResponse'
      example:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf
            name: MRT Rules
            lastUpdated: '2022-01-01T05:20:00Z'
            rules: []
      additionalProperties: false
    MRTRulesPostRequest:
      required:
        - expressions
        - mrtHostname
      type: object
      properties:
        mrtHostname:
          type: string
          description: The customer's MRT instance hostname.
          pattern: ^.*$
          example: customer-react-project-production.mobify-storefront.com
        expressions:
          items:
            type: string
            pattern: ^.*$
            example: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
          type: array
          description: An array containing the expressions for each MRT rule.
          example:
            - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        descriptions:
          items:
            type: string
            pattern: ^.*$
            example: Phased rollout rule for dev-customer.salesforce.com
          type: array
          description: An array containing the descriptions for each MRT rule. The number of descriptions provided must match the number of expressions provided. Optional.
          example:
            - Phased rollout rule for dev-customer.salesforce.com
      description: POST request for creating MRT rules. MRT rules are a way to route certain storefront requests to the managed runtime instance.
      example:
        mrtHostname: customer-react-project-production.mobify-storefront.com
        expressions:
          - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        descriptions:
          - Phased rollout rule for dev-customer.salesforce.com
      additionalProperties: false
    MRTRulesetPatchRequest:
      required:
        - mrtHostname
      type: object
      properties:
        oldMrtHostname:
          type: string
          description: The customer's current MRT instance hostname.
          pattern: ^.*$
          example: customer-react-projec-production.mobify-storefront.com
        mrtHostname:
          type: string
          description: The customer's MRT instance hostname.
          pattern: ^.*$
          example: customer-react-projec-production.mobify-storefront.com
        expressions:
          items:
            type: string
            pattern: ^.*$
            example: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
          type: array
          description: An array containing the expressions for each MRT rule.
          example:
            - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        descriptions:
          items:
            type: string
            pattern: ^.*$
            example: Phased rollout rule for dev-customer.salesforce.com
          type: array
          description: An array containing the descriptions for each MRT rule. The number of descriptions provided must match the number of expressions provided. Optional.
          example:
            - Phased rollout rule for dev-customer.salesforce.com
      description: PATCH request for updating the MRT environment hostname or adding MRT rules to route to an existing MRT environment.
      example:
        mrtHostname: customer-react-projec-production.mobify-storefront.com
        expressions:
          - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        descriptions:
          - Phased rollout rule for dev-customer.salesforce.com
      additionalProperties: false
    MRTRulePatchRequest:
      type: object
      properties:
        enabled:
          type: boolean
          description: Whether or not the rule is enabled.
          example: true
        expression:
          type: string
          description: The expression that determines the MRT rule's routing behavior.
          pattern: ^.*$
          example: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        description:
          type: string
          description: The description of the rule. Optional.
          pattern: ^.*$
          example: Phased rollout rule for dev-customer.salesforce.com
      description: PATCH request for updating an MRT rule. You may use the PATCH request to update the rule's expression and description as well as disable/enable the rule.
      example:
        enabled: true
        expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path1/.*" or http.request.uri.path matches "^.*/path2/.*/products/.*"))
        description: Phased rollout rule for dev-customer.salesforce.com
      additionalProperties: false
    LogpushOwnershipPostRequest:
      required:
        - destinationPath
      type: object
      properties:
        destinationPath:
          type: string
          description: Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. You can use the special string {DATE} in the URL path to separate logs into daily subdirectories; for example s3://customer-bucket/logs/{DATE}?region=us-east-1&sse=AES256. The name of the directory will be replaced with the date in YYYYMMDD format (e.g. 20220215) when the logs are stored.
          pattern: ^.*$
          example: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
      description: POST request for creating new Logpush Ownership.
      example:
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
      additionalProperties: false
    LogpushOwnershipPostResponse:
      required:
        - data
      type: object
      properties:
        data:
          required:
            - destinationPath
            - fileName
          type: object
          properties:
            destinationPath:
              type: string
              description: Destination where logs will be sent (S3 bucket only).
              pattern: ^.*$
              example: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
            fileName:
              type: string
              description: File path where the ownership challenge file is written.
              pattern: ^.*$
              example: site-name/20230101/ownership-challenge-d12345678.txt
          description: The customer's new Logpush Ownership.
      description: POST response for created new Logpush Ownership.
      example:
        data:
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          fileName: site-name/20230101/ownership-challenge-d12345678.txt
      additionalProperties: false
    LogpushResponse:
      type: object
      properties:
        jobId:
          type: integer
          description: Unique ID of the job.
          example: 123456
        name:
          type: string
          description: Logpush job name; the name cannot be changed after the job is created.
          pattern: ^.*$
          example: my-logpush-job
        logType:
          type: string
          description: Type of logs; available log types are `http_requests`, `firewall_events`, and `page_shield_events`.
          example: http_requests
          enum:
            - http_requests
            - firewall_events
            - page_shield_events
        filter:
          type: string
          description: Filter provides a way to customize which logs you want to receive. Filters are added as escaped JSON strings formatted. If the filter is not displayed, it indicates that all logs should be included.
          pattern: ^.*$
          example: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          items:
            type: string
            pattern: ^.*$
            example: ClientRequestBytes
          type: array
          description: List of log fields. Depending on the type of log, the list of fields that you would like to see in the logs may vary.
          example:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
        destinationPath:
          type: string
          description: Uniquely identifies s3 bucket for logs.
          pattern: ^.*$
          example: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        enabled:
          type: boolean
          description: Flag that indicates if the job is enabled or disabled.
          example: false
        lastComplete:
          type: string
          description: The last time that the log has been successfully transmitted to the destination.
          format: date-time
          example: '2023-01-02T00:00:00Z'
        lastError:
          type: string
          description: The last time the job failed. If empty, the job has either never failed or has run successfully at least once since the last failure.
          format: date-time
          example: '2023-01-01T10:00:00Z'
        errorMessage:
          type: string
          description: Provide details for the last failure message. If this field is empty, it indicates that the job successfully transmitted logs to the destination.
          pattern: ^.*$
          example: No permissions to write to destination bucket
        createdOn:
          type: string
          description: Job creation time.
          format: date-time
          example: '2023-01-01T00:00:27Z'
      description: Logpush job response
      example:
        jobId: 123456
        name: my-logpush-job
        logType: http_requests
        filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          - ClientRequestBytes
          - ClientRequestHost
          - ClientRequestMethod
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        enabled: false
        lastComplete: '2023-01-02T00:00:00Z'
        lastError: '2023-01-01T10:00:00Z'
        errorMessage: No permissions to write to destination bucket
        createdOn: '2023-01-01T00:00:27Z'
      additionalProperties: false
    LogpushJobsEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/LogpushResponse'
          type: array
      example:
        data:
          - jobId: 123456
            name: my-logpush-job
            logType: http_requests
            filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
            logFields:
              - ClientRequestBytes
              - ClientRequestHost
              - ClientRequestMethod
            destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
            enabled: false
            lastComplete: '2023-01-02T00:00:00Z'
            lastError: '2023-01-01T10:00:00Z'
            errorMessage: No permissions to write to destination bucket
            createdOn: '2023-01-01T00:00:27Z'
      additionalProperties: false
    LogpushCreateRequest:
      required:
        - destinationPath
        - logFields
        - logType
        - name
      type: object
      properties:
        destinationPath:
          type: string
          description: Uniquely identifies s3 bucket for logs. Additional configuration parameters like region can be included. The string {DATE} in the URL path to separate logs into daily subdirectories; for example `s3://customer-bucket/logs/{DATE}?region=us-east-1&sse=AES256` The name of the directory will be replaced with the date in YYYYMMDD format (e.g. 20220215) when the logs are stored.
          pattern: ^.*$
          example: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        name:
          type: string
          description: Logpush job name; the name cannot be changed after the job is created.
          pattern: ^.*$
          example: my-logpush-job
        filter:
          type: string
          description: Filter provides a way to customize which logs you want to receive. Filters are added as escaped JSON strings formatted. Default will include all logs.
          pattern: ^.*$
          example: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          items:
            type: string
            pattern: ^.*$
            example: ClientRequestBytes
          type: array
          description: List of log fields. Depending on the type of log, the list of fields that you would like to see in the logs may vary.
          example:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
        ownershipChallengeToken:
          type: string
          description: Ownership token to proves the ownership of the destinationPath.
          pattern: ^.*$
          example: abc00000000000000000000
        logType:
          type: string
          description: Type of logs. Available log types are `http_requests`, `firewall_events`, and `page_shield_events`.
          example: http_requests
          enum:
            - http_requests
            - firewall_events
            - page_shield_events
      description: Request for create Logpush job.
      example:
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        name: my-logpush-job
        filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          - ClientRequestBytes
          - ClientRequestHost
          - ClientRequestMethod
        ownershipChallengeToken: abc00000000000000000000
        logType: http_requests
      additionalProperties: false
    LogpushEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/LogpushResponse'
      example:
        data:
          jobId: 123456
          name: my-logpush-job
          logType: http_requests
          filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
          logFields:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          enabled: false
          lastComplete: '2023-01-02T00:00:00Z'
          lastError: '2023-01-01T10:00:00Z'
          errorMessage: No permissions to write to destination bucket
          createdOn: '2023-01-01T00:00:27Z'
      additionalProperties: false
    LogpushUpdateRequest:
      type: object
      properties:
        enabled:
          type: boolean
          description: Flag that indicates if the job is enabled or disabled.
          example: true
        filter:
          type: string
          description: Provides customized selection for logs you want to receive. Filters are added as escaped, formatted JSON strings. By default, all logs are included.
          pattern: ^.*$
          example: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          items:
            type: string
            pattern: ^.*$
            example: ClientRequestBytes
          type: array
          description: List of log fields. Depending on the log type, the list of fields that you can specify to be displayed in the log might vary.
          example:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
      description: Request for update Logpush job
      example:
        enabled: true
        filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          - ClientRequestBytes
          - ClientRequestHost
          - ClientRequestMethod
      additionalProperties: false
    WAFRulePackage:
      required:
        - action_mode
        - description
        - detection_mode
        - id
        - name
        - sensitivity
        - zone_id
      type: object
      properties:
        id:
          maxLength: 32
          type: string
          example: a25a9a7e9c00afc1fb2e0245519d725b
        name:
          type: string
          description: Name of the firewall package
          pattern: ^.*$
          example: OWASP Top 10 Protection
        description:
          type: string
          description: Summary of purpose/function of firewall package
          pattern: ^.*$
          example: Protection against OWASP Top 10 vulnerabilities
        detection_mode:
          type: string
          description: How the rules within the package are evaluated during the course of a request. When a package uses anomaly detection, each rule is given a score when triggered. If the total score of all triggered rules exceeds the sensitivity defined on the package, the action defined on the package is taken. Traditional detection decides which action to take when it is triggered by the request. If multiple rules are triggered, the action with highest protection is used. For example, a block action beats a challenge.
          pattern: ^.*$
          example: traditional
        zone_id:
          type: string
          description: Zone identifier with which this rule package is associated.
          pattern: ^.*$
          example: zone_1234567890abcdef
        sensitivity:
          type: string
          description: Sensitivity for traditional (owasp) rule package.
          enum:
            - low
            - medium
            - high
            - 'off'
          example: medium
        action_mode:
          type: string
          description: The default action that is taken for rules under traditional(owasp) firewall package.
          enum:
            - simulate
            - challenge
            - block
          example: block
    WAFRulePackageEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/WAFRulePackage'
      example:
        data:
          id: a25a9a7e9c00afc1fb2e0245519d725b
          name: OWASP Top 10 Protection
          description: Protection against OWASP Top 10 vulnerabilities
          detection_mode: traditional
          zone_id: zone_1234567890abcdef
          sensitivity: medium
          action_mode: block
      additionalProperties: false
    WafPackagePatchRequest:
      required:
        - action_mode
        - sensitivity
      type: object
      properties:
        sensitivity:
          type: string
          description: Sensitivity for traditional (owasp) rule package.
          enum:
            - low
            - medium
            - high
            - 'off'
          example: medium
        action_mode:
          type: string
          description: The default action that is taken for rules under traditional(owasp) firewall package.
          enum:
            - simulate
            - challenge
            - block
          example: block
      example:
        sensitivity: medium
        action_mode: block
      additionalProperties: false
    CustomRule:
      required:
        - actions
        - description
        - enabled
        - expression
        - lastUpdated
        - ruleId
      type: object
      properties:
        ruleId:
          type: string
          description: The ID of the custom rule.
          pattern: ^.*$
          example: 2c0fc9fa937b11eaa1b71c4d701ab86e
        description:
          type: string
          description: The description of the custom rule.
          pattern: ^.*$
          example: Block traffic for malformed URL requests.
        expression:
          type: string
          description: The expression that determines the custom rule's behavior.
          pattern: ^.*$
          example: (http.request.uri.path matches \"^/path1/.*\")
        actions:
          items:
            type: string
            pattern: ^.*$
            example: block
          type: array
          description: The action(s) applied by the custom rule.
          example:
            - block
        lastUpdated:
          type: string
          description: Date when the custom rule was last updated.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        enabled:
          type: boolean
          description: Whether or not the custom rule is enabled.
          example: true
      description: A custom rule.
    CustomRulesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/CustomRule'
          type: array
      example:
        data:
          - ruleId: 2c0fc9fa937b11eaa1b71c4d701ab86e
            description: Block traffic for malformed URL requests.
            expression: (http.request.uri.path matches "^/path1/.*")
            actions:
              - block
            lastUpdated: '2022-01-01T05:20:00Z'
            enabled: true
          - ruleId: ffffe61cf25e4ec49c34b029ff3060f7
            description: Rate limit form traffic
            expression: http.request.uri.path eq "/form"
            actions:
              - block
            lastUpdated: '2022-12-14T21:25:22.329194Z'
            enabled: false
      additionalProperties: false
    RulePosition:
      type: object
      properties:
        before:
          type: string
          description: Insert the current rule before this ruleId.
          pattern: ^.*$
          example: 2c0fc9fa937b11eaa1b71c4d701ab86e
        after:
          type: string
          description: Insert the current rule after this ruleId.
          pattern: ^.*$
          example: 2c0fc9fa937b11eaa1b71c4d701ab86e
      description: Used to specify the position of a rule.
    CustomRulesPostRequest:
      type: object
      required:
        - actions
        - description
        - expression
      properties:
        description:
          type: string
          description: A description of the custom rule.
          pattern: ^.*$
          example: Block traffic for malformed URL requests
        expression:
          type: string
          description: The expression that determines the custom rule's behavior.
          pattern: ^.*$
          example: (http.request.uri.path matches \"^/path1/.*\")
        actions:
          items:
            type: string
            pattern: ^.*$
            example: block
          type: array
          description: The action(s) applied by the custom rule.
          example:
            - block
        enabled:
          type: boolean
          description: Whether or not the custom rule is enabled.
          example: true
        position:
          $ref: '#/components/schemas/RulePosition'
      description: Create a custom rule.
    CustomRuleEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/CustomRule'
      example:
        data:
          ruleId: 2c0fc9fa937b11eaa1b71c4d701ab86e
          description: Block traffic for malformed URL requests.
          expression: (http.request.uri.path matches "^/path1/.*")
          actions:
            - block
          lastUpdated: '2022-01-01T05:20:00Z'
          enabled: true
      additionalProperties: false
    CustomRulesPatchOrderRequest:
      type: object
      required:
        - ruleIds
      properties:
        ruleIds:
          items:
            type: string
            pattern: ^.*$
            example: ffffe61cf25e4ec49c34b029ff3060f7
          type: array
          description: An array of ruleIds representing the new order of custom rules.
          example:
            - ffffe61cf25e4ec49c34b029ff3060f7
            - 2c0fc9fa937b11eaa1b71c4d701ab86e
      description: Update the order of all existing custom rules.
    CustomRulesPatchRequest:
      type: object
      properties:
        description:
          type: string
          description: A description of the custom rule.
          pattern: ^.*$
          example: Block traffic for malformed URL requests
        expression:
          type: string
          description: The expression that determines the custom rule's behavior.
          pattern: ^.*$
          example: (http.request.uri.path matches \"^/path1/.*\")
        actions:
          items:
            type: string
            pattern: ^.*$
            example: block
          type: array
          description: The action(s) applied by the custom rule.
          example:
            - block
        enabled:
          type: boolean
          description: Whether or not the custom rule is enabled.
          example: true
        position:
          $ref: '#/components/schemas/RulePosition'
      description: Update a custom rule.
    RateLimitingRule:
      required:
        - action
        - characteristics
        - description
        - enabled
        - expression
        - lastUpdated
        - period
        - requestsPerPeriod
        - ruleId
        - mitigationTimeout
      type: object
      properties:
        ruleId:
          type: string
          description: The ID of the rate limiting rule.
          pattern: ^.*$
          example: 2c0fc9fa937b11eaa1b71c4d701ab86e
        description:
          type: string
          description: The description of the rate limiting rule.
          pattern: ^.*$
          example: Rate limit /path1.
        expression:
          type: string
          description: The expression that defines when to evaluate the rate limiting rule.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*")
        characteristics:
          items:
            type: string
            pattern: ^.*$
            example: cf.unique_visitor_id
          type: array
          description: Set of parameters defining how to group requests when tracking the request rate.
          example:
            - cf.unique_visitor_id
        action:
          type: string
          description: The action applied by the rate limiting rule. Valid actions are "block", "managed_challenge", "js_challenge", "legacy_captcha", and "log".
          pattern: ^.*$
          example: block
        period:
          type: integer
          description: The period of time to consider when evaluating the request rate (in seconds). Valid values are 10, 60, 120, 300, and 600.
          example: 60
        requestsPerPeriod:
          type: integer
          description: The limit for the number of requests in the specified period of time.
          example: 50
        mitigationTimeout:
          type: integer
          description: After the rate is reached, the rate limiting rule applies the rule action to further requests for the period of time defined in this field (in seconds). When set to 0, the rule throttles requests over the maximum configured rate. When greater than 0, the action is presented for the selected duration after the configured rate is exceeded. Valid values are 0, 60, 120, 300, 600, 3600, and 86400.
          example: 600
        countingExpression:
          type: string
          description: The expression that defines what kind of requests we want to rate limit.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*" and http.response.code eq 400)
        lastUpdated:
          type: string
          description: Date when the rate limiting rule was last updated.
          format: date-time
          example: '2022-01-01T05:20:00Z'
        enabled:
          type: boolean
          description: Whether or not the rate limiting rule is enabled.
          example: true
      description: A rate limiting rule.
    RateLimitingRulesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/RateLimitingRule'
          type: array
    RateLimitingRulesPostRequest:
      required:
        - action
        - characteristics
        - description
        - expression
        - period
        - requestsPerPeriod
        - mitigationTimeout
      type: object
      properties:
        description:
          type: string
          description: The description of the rate limiting rule.
          pattern: ^.*$
          example: Rate limit /path1.
        expression:
          type: string
          description: The expression that defines when to evaluate the rate limiting rule.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*")
        characteristics:
          items:
            type: string
            pattern: ^.*$
            example: cf.unique_visitor_id
          type: array
          description: Set of parameters defining how to group requests when tracking the request rate.
          example:
            - cf.unique_visitor_id
        action:
          type: string
          description: The action applied by the rate limiting rule. Valid actions are "block", "managed_challenge", "js_challenge", "legacy_captcha", and "log".
          pattern: ^.*$
          example: block
        period:
          type: integer
          description: The period of time to consider when evaluating the request rate (in seconds). Valid values are 10, 60, 120, 300, and 600.
          example: 60
        requestsPerPeriod:
          type: integer
          description: The limit for the number of requests in the specified period of time.
          example: 50
        mitigationTimeout:
          type: integer
          description: After the rate is reached, the rate limiting rule applies the rule action to further requests for the period of time defined in this field (in seconds). When set to 0, the rule throttles requests over the maximum configured rate. When greater than 0, the action is presented for the selected duration after the configured rate is exceeded. Valid values are 0, 60, 120, 300, 600, 3600, and 86400.
          example: 600
        countingExpression:
          type: string
          description: The expression that defines what kind of requests we want to rate limit.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*" and http.response.code eq 400)
        enabled:
          type: boolean
          description: Whether or not the rate limiting rule is enabled.
          example: true
        position:
          $ref: '#/components/schemas/RulePosition'
      description: Create a rate limiting rule.
    RateLimitingRuleEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/RateLimitingRule'
    RateLimitingRulesPatchRequest:
      type: object
      properties:
        description:
          type: string
          description: The description of the rate limiting rule.
          pattern: ^.*$
          example: Rate limit /path1.
        expression:
          type: string
          description: The expression that defines when to evaluate the rate limiting rule.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*")
        characteristics:
          items:
            type: string
            pattern: ^.*$
            example: cf.unique_visitor_id
          type: array
          description: Set of parameters defining how to group requests when tracking the request rate.
          example:
            - cf.unique_visitor_id
        action:
          type: string
          description: The action applied by the rate limiting rule. Valid actions are "block", "managed_challenge", "js_challenge", "legacy_captcha", and "log".
          pattern: ^.*$
          example: block
        period:
          type: integer
          description: The period of time to consider when evaluating the request rate (in seconds). Valid values are 10, 60, 120, 300, and 600.
          example: 60
        requestsPerPeriod:
          type: integer
          description: The limit for the number of requests in the specified period of time.
          example: 50
        mitigationTimeout:
          type: integer
          description: After the rate is reached, the rate limiting rule applies the rule action to further requests for the period of time defined in this field (in seconds). When set to 0, the rule throttles requests over the maximum configured rate. When greater than 0, the action is presented for the selected duration after the configured rate is exceeded. Valid values are 0, 60, 120, 300, 600, 3600, and 86400.
          example: 600
        countingExpression:
          type: string
          description: The expression that defines what kind of requests we want to rate limit.
          pattern: ^.*$
          example: (http.request.uri.path matches "^/path1/.*" and http.response.code eq 400)
        enabled:
          type: boolean
          description: Whether or not the rate limiting rule is enabled.
          example: true
        position:
          $ref: '#/components/schemas/RulePosition'
      description: Update a rate limiting rule.
    WAFManagedRuleset:
      required:
        - action
        - enabled
        - name
        - rulesetId
      type: object
      properties:
        name:
          type: string
          description: The name of the WAF managed ruleset.
          pattern: ^.*$
          example: OWASP Core Ruleset
        rulesetId:
          type: string
          description: The ID of the WAF managed ruleset.
          pattern: ^.*$
          example: 4814384a9e5d4991b9815dcfc25d2f1f
        action:
          type: string
          description: The action applied by the WAF managed ruleset.
          pattern: ^.*$
          example: default
        anomalyScore:
          type: string
          description: The anomaly score threshold of the WAF managed ruleset. Only applicable for the OWASP Core Ruleset.
          pattern: ^.*$
          example: low
        anomalyScoreThreshold:
          type: integer
          description: The numerical value of the anomaly score threshold of the WAF managed ruleset. Only applicable for the OWASP Core Ruleset.
          example: 60
        paranoiaLevel:
          type: integer
          description: The paranoia level of the WAF managed ruleset. Higher paranoia levels activate more aggressive rules. Only applicable for the OWASP Core Ruleset.
          example: 1
        enabled:
          type: boolean
          description: Whether or not the WAF managed ruleset is enabled.
          example: true
      description: A WAF managed ruleset.
      example:
        name: OWASP Core Ruleset
        rulesetId: 4814384a9e5d4991b9815dcfc25d2f1f
        action: default
        anomalyScore: low
        anomalyScoreThreshold: 60
        paranoiaLevel: 1
        enabled: true
      additionalProperties: false
    WAFManagedRulesetsEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          type: array
          items:
            $ref: '#/components/schemas/WAFManagedRuleset'
      example:
        data:
          - name: OWASP Core Ruleset
            rulesetId: 4814384a9e5d4991b9815dcfc25d2f1f
            action: default
            anomalyScore: low
            anomalyScoreThreshold: 60
            paranoiaLevel: 1
            enabled: true
      additionalProperties: false
    WAFManagedRulesetRequest:
      type: object
      properties:
        action:
          type: string
          description: The action applied by the WAF managed ruleset.
          pattern: ^.*$
          example: default
        anomalyScore:
          type: string
          description: The anomaly score threshold of the WAF managed ruleset. Only applicable for the OWASP Core Ruleset.
          pattern: ^.*$
          example: low
        paranoiaLevel:
          type: integer
          description: The paranoia level of the WAF managed ruleset. Higher paranoia levels activate more aggressive rules. Only applicable for the OWASP Core Ruleset.
          example: 1
        enabled:
          type: boolean
          description: Whether or not the WAF managed ruleset is enabled.
          example: true
      description: A WAF managed ruleset request body.
      example:
        action: default
        anomalyScore: low
        paranoiaLevel: 1
        enabled: true
      additionalProperties: false
    WAFManagedRulesetEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/WAFManagedRuleset'
      example:
        data:
          name: OWASP Core Ruleset
          rulesetId: 4814384a9e5d4991b9815dcfc25d2f1f
          action: default
          anomalyScore: low
          anomalyScoreThreshold: 60
          paranoiaLevel: 1
          enabled: true
      additionalProperties: false
    WAFManagedRule:
      required:
        - action
        - categories
        - description
        - enabled
        - lastUpdated
        - ruleId
      type: object
      properties:
        ruleId:
          type: string
          description: The ID of the WAF managed rule.
          pattern: ^.*$
          example: 5de7edfa648c4d6891dc3e7f84534ffa
        action:
          type: string
          description: The action applied by the WAF managed rule.
          pattern: ^.*$
          example: block
        score:
          type: integer
          description: The score of the WAF managed rule. Only applicable for the OWASP Managed Ruleset.
          example: 5
        categories:
          items:
            type: string
            pattern: ^.*$
            example: broken-access-control
          type: array
          description: A list of categories describing the function of the WAF managed rule.
          example:
            - broken-access-control
            - wordpress
        description:
          type: string
          description: The description of the WAF managed rule.
          pattern: ^.*$
          example: Wordpress - Broken Access Control
        lastUpdated:
          type: string
          description: Date when the WAF managed rule was last updated.
          format: date-time
          example: '2024-01-01T05:20:00Z'
        enabled:
          type: boolean
          description: Whether or not the WAF managed rule is enabled.
          example: true
      description: A WAF managed rule.
      example:
        ruleId: 5de7edfa648c4d6891dc3e7f84534ffa
        action: block
        score: 5
        categories:
          - broken-access-control
          - wordpress
        description: Wordpress - Broken Access Control
        lastUpdated: '2024-01-01T05:20:00Z'
        enabled: true
      additionalProperties: false
    WAFManagedRulesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          items:
            $ref: '#/components/schemas/WAFManagedRule'
          type: array
      example:
        data:
          - ruleId: 5de7edfa648c4d6891dc3e7f84534ffa
            action: block
            score: 5
            categories:
              - broken-access-control
              - wordpress
            description: Wordpress - Broken Access Control
            lastUpdated: '2024-01-01T05:20:00Z'
            enabled: true
      additionalProperties: false
    WAFManagedRuleRequest:
      type: object
      properties:
        action:
          type: string
          description: The action applied by the WAF managed rule.
          pattern: ^.*$
          example: block
        enabled:
          type: boolean
          description: Whether or not the WAF managed rule is enabled.
          example: true
      description: A PATCH request for updating a WAF managed rule.
      example:
        action: block
        enabled: true
      additionalProperties: false
    WAFManagedRuleEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/WAFManagedRule'
      example:
        data:
          ruleId: 5de7edfa648c4d6891dc3e7f84534ffa
          action: block
          score: 5
          categories:
            - broken-access-control
            - wordpress
          description: Wordpress - Broken Access Control
          lastUpdated: '2024-01-01T05:20:00Z'
          enabled: true
      additionalProperties: false
    OriginHeaderModification:
      required:
        - headerName
        - headerValue
        - lastUpdated
      type: object
      properties:
        headerName:
          type: string
          description: The name of the header forwarded to the origin.
          pattern: ^.*$
          example: x-sfdc-access-control
        headerValue:
          type: string
          description: The masked value of the header forwarded to the origin.
          pattern: ^.*$
          example: '****************789'
        lastUpdated:
          type: string
          description: Date when the rule was last updated.
          format: date-time
          example: '2022-01-01T05:20:00Z'
      description: An origin header modification rule.
    OriginHeaderModificationEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/OriginHeaderModification'
    OriginHeaderModificationPutRequest:
      required:
        - headerValue
      type: object
      properties:
        headerValue:
          type: string
          description: The value of the header forwarded to the origin.
          pattern: ^.*$
          example: '123456789'
        headerName:
          type: string
          description: The name of the header forwarded to the origin. Cannot be modified for the MRT origin.
          pattern: ^.*$
          example: x-sfdc-access-control
      description: Put request for creating/updating the origin header modification.
    CipherSuitesResponse:
      required:
        - cipherSuiteType
        - ciphers
      type: object
      properties:
        ciphers:
          items:
            type: string
            pattern: ^.*$
            example: ECDHE-ECDSA-AES128-GCM-SHA256
          type: array
          description: List of zone level ciphers in the suite.
          example:
            - ECDHE-ECDSA-AES128-GCM-SHA256
            - ECDHE-RSA-AES128-GCM-SHA256
        cipherSuiteType:
          type: string
          description: Classification of the ciphers in the suite.
          example: Modern
          enum:
            - Compatible
            - Modern
            - Custom
            - Legacy
      description: Cipher suites information.
      example:
        cipherSuiteType: Modern
      additionalProperties: false
    CipherSuitesEnvelope:
      type: object
      required:
        - data
      properties:
        data:
          $ref: '#/components/schemas/CipherSuitesResponse'
      example:
        data:
          cipherSuiteType: Modern
      additionalProperties: false
    CipherSuitesRequest:
      required:
        - cipherSuiteType
      type: object
      properties:
        ciphers:
          items:
            type: string
            pattern: ^.*$
            example: ECDHE-ECDSA-AES128-GCM-SHA256
          type: array
          description: List of zone level ciphers in the suite.
          example:
            - ECDHE-ECDSA-AES128-GCM-SHA256
            - ECDHE-RSA-AES128-GCM-SHA256
        cipherSuiteType:
          type: string
          description: Classification of all ciphers in the suite.
          example: Modern
          enum:
            - Compatible
            - Modern
            - Custom
            - Legacy
      description: Cipher suites information.
      example:
        cipherSuiteType: Modern
      additionalProperties: false
  securitySchemes:
    AmOAuth2:
      type: oauth2
      description: AccountManager OAuth 2.0 bearer token Authentication.
      flows:
        clientCredentials:
          tokenUrl: https://account.demandware.com/dwsso/oauth2/access_token
          scopes:
            sfcc.cdn-zones: CDN API Scope READONLY
            sfcc.cdn-zones.rw: CDN API Scope
        authorizationCode:
          authorizationUrl: https://account.demandware.com/dwsso/oauth2/authorize
          tokenUrl: https://account.demandware.com/dwsso/oauth2/access_token
          scopes:
            sfcc.cdn-zones: CDN API Scope READONLY
            sfcc.cdn-zones.rw: CDN API Scope
  parameters:
    organizationId:
      description: An identifier for the organization the request is being made by
      name: organizationId
      in: path
      required: true
      example: f_ecom_zzxy_prd
      schema:
        $ref: '#/components/schemas/OrganizationId'
    mtlsCertificateId:
      name: mtlsCertificateId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: 465a48f6-3d98-4c15-9312-211984ee8629
    webhookId:
      name: webhookId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    zoneId:
      name: zoneId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    policyId:
      name: policyId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    direction:
      name: direction
      in: query
      description: The direction used to sort returned scripts.
      required: false
      schema:
        type: string
        enum:
          - asc
          - desc
        example: asc
    excludeCdnCgi:
      name: excludeCdnCgi
      in: query
      description: When true, excludes scripts existing in a /cdn-cgi path from the returned scripts. Default is true.
      required: false
      schema:
        type: boolean
        example: true
    excludeDuplicates:
      name: excludeDuplicates
      in: query
      description: When true, excludes duplicate scripts. Default is false.
      required: false
      schema:
        type: boolean
        example: false
    excludeUrls:
      name: excludeUrls
      in: query
      description: Excludes scripts with a URL that contains one of the URL-encoded URLs separated by commas.
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: https://example.com/script1.js,https://example.com/script2.js
    hosts:
      name: hosts
      in: query
      description: Includes scripts that match one or more URL-encoded hostnames separated by commas. Wildcards are supported at the beginning and end of each hostname.
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: '*.example.com,test.example.com'
    orderBy:
      name: orderBy
      in: query
      description: The field used to sort returned scripts.
      required: false
      schema:
        type: string
        enum:
          - first_seen_at
          - last_seen_at
        example: last_seen_at
    pageUrl:
      name: pageUrl
      in: query
      description: Includes scripts that match one or more page URLs (separated by commas) where they were last detected. Wildcards are supported at the beginning and end of each page URL.
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: https://example.com/page1,https://example.com/page2
    prioritizeMalicious:
      name: prioritizeMalicious
      in: query
      description: When true, lists malicious scripts first in the returned scripts.
      required: false
      schema:
        type: boolean
        example: true
    status:
      name: status
      in: query
      description: Filters the returned scripts using a comma-separated list of script statuses. Accepted values are 'active', 'infrequent', and 'inactive'. Default is 'active'.
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: active,infrequent
    urls:
      name: urls
      in: query
      description: Includes scripts with a URL that contains one or more URL-encoded URLs separated by commas.
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: https://example.com/script1.js,https://example.com/script2.js
    scriptId:
      name: scriptId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    groupIdPath:
      name: groupId
      in: path
      description: WAF Group that contains the WAF rules.
      example: f90712123fb02287348dd34c0a282bb9
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    groupIdQuery:
      name: groupId
      in: query
      description: WAF Group that contains the WAF rules.
      example: f90712123fb02287348dd34c0a282bb9
      required: false
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    ruleId:
      name: ruleId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: ffffe61cf25e4ec49c34b029ff3060f7
    certificateId:
      name: certificateId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    customHostnameId:
      name: customHostnameId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    rulesetId:
      name: rulesetId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    jobId:
      name: jobId
      in: path
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: f90712123fb02287348dd34c0a282bb9
    type:
      name: type
      in: path
      description: The type of origin header modification. Only the `mrt` type is supported.
      required: true
      schema:
        type: string
        pattern: ^.*$
        example: mrt
  examples:
    StorefrontZoneCreateRequestBodyExample:
      value:
        domainName: cc-merchant.com
    StorefrontZoneCreateResponse:
      value:
        data:
          zoneId: 023e105f4ecef8ad9ca31a8372d0c353
          zoneName: stg-zzzz-cc-merchant-com.cc-ecdn.net
          createdOn: '2022-01-01T05:20:00.12345Z'
          status: active
    BadRequest:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/bad-request
        title: Bad Request
        detail: Request body contains 1 or more attributes that contains errors.
    Unauthorized:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/unauthorized
        title: UnAuthorized Access
        detail: The authorization token passed is no longer valid
    Forbidden:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/forbidden-access
        title: Forbidden
        detail: Access to requested resource is forbidden.
    NotFound:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/resource-not-found
        title: Not Found
        detail: Requested resource was not found
    InternalServerError:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/internal-server
        title: Internal Server Error
        detail: An internal server error occured. Please contact support.
    MtlsCodeUploadGetCertificatesResponse:
      value:
        data:
          - mtlsCertificateId: 465a48f6-3d98-4c15-9312-211984ee8629
            expiresOn: '2022-01-12T04:15:57Z'
            issuer: DigiCert
            signature: SHA256WithRSA
            uploadedOn: '2020-01-12T04:15:57Z'
            ca: true
            serialNumber: '432217133297895665180570788458463042229861757760'
            mtlsCertificateName: mtls_cert_name
            mtlsAssociatedCodeUploadHostname: mtls.cert.salesforce.com
          - mtlsCertificateId: 465a48f6-3d98-4c15-9312-211984ee8630
            expiresOn: '2022-01-12T04:15:57Z'
            issuer: DigiCert
            signature: SHA256WithRSA
            uploadedOn: '2020-01-12T04:15:57Z'
            ca: true
            serialNumber: '432217133297895665180570788458463042229861757761'
            mtlsCertificateName: mtls_cert_name
            mtlsAssociatedCodeUploadHostname: mtls.cert.salesforce.com
    MtlsCodeUploadPostCertificateRequestBodyExample:
      value:
        name: mtls_cert_name
        certificate: |-
          -----BEGIN CERTIFICATE-----
          MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
          BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
          aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
          MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
          ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
          CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
          CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
          KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
          0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
          dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
          izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
          9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
          GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
          BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
          MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
          2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
          Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
          SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
          2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
          YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
          -----END CERTIFICATE-----
        privateKey: |-
          -----BEGIN RSA PRIVATE KEY-----
          MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
          dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
          abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
          tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
          FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
          ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
          HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
          axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
          +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
          +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
          KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
          9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
          /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
          iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
          N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
          VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
          vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
          lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
          9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
          mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
          dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
          PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
          fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
          qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
          lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
          -----END RSA PRIVATE KEY-----
    MtlsCodeUploadGetCertificateResponse:
      value:
        data:
          mtlsCertificateId: 465a48f6-3d98-4c15-9312-211984ee8629
          expiresOn: '2022-01-12T04:15:57Z'
          issuer: DigiCert
          signature: SHA256WithRSA
          uploadedOn: '2020-01-12T04:15:57Z'
          ca: true
          serialNumber: '432217133297895665180570788458463042229861757760'
          mtlsCertificateName: mtls_cert_name
          mtlsAssociatedCodeUploadHostname: mtls.cert.salesforce.com
    PageShieldNotificationWebhookListResponse:
      value:
        data:
          - id: webhook_1234567890abcdef
            name: Security Alert Webhook
            webhookUrl: https://example.com/webhook/security
            type: security_alert
            createdAt: '2023-01-01T00:00:00Z'
            lastSuccess: '2023-01-01T12:00:00Z'
            lastFailure: '2023-01-01T18:00:00Z'
            zones:
              - zone_1234567890abcdef
    PageShieldNotificationWebhookRequest:
      value:
        webhookUrl: https://example.com/webhook/security
        secret: webhook_secret_123
        zones:
          - zone_1234567890abcdef
    PageShieldNotificationWebhookResponse:
      value:
        data:
          id: webhook_1234567890abcdef
          name: Security Alert Webhook
          webhookUrl: https://example.com/webhook/security
          type: security_alert
          createdAt: '2023-01-01T00:00:00Z'
          lastSuccess: '2023-01-01T12:00:00Z'
          lastFailure: '2023-01-01T18:00:00Z'
          zones:
            - zone_1234567890abcdef
    PageShieldPoliciesGetResponse:
      value:
        data:
          - action: log
            description: example page shield policy 1
            enabled: true
            expression: (http.request.full_uri contains "/Checkout-Begin" and http.host eq "www.example.com")
            value: script-src salesforce.com *.salesforce.com https://www.example.com/on/demandware.static/Sites-RefArch-Site/-/en_US/v1738096133818/js/checkout.js 'unsafe-inline'
            id: 4805ab87bb867579757a4564ba46ebca
          - action: log
            description: example page shield policy 2
            enabled: true
            expression: ends_with(http.request.uri.path, "/test1")
            value: script-src 'none'
            id: 7650c87c9c2846c296ea4564ba46ebca
    PageShieldPolicyRequestBodyExample:
      value:
        action: log
        description: example page shield policy
        enabled: true
        expression: ends_with(http.request.uri.path, "/test1")
        value: script-src 'none'
    PageShieldPolicyGetResponse:
      value:
        data:
          action: log
          description: example page shield policy
          enabled: true
          expression: ends_with(http.request.uri.path, "/test1")
          value: script-src 'none'
          id: 7650c87c9c2846c296ea4564ba46ebca
    PageShieldPolicyPutRequestBodyExample:
      value:
        action: allow
        enabled: true
    PageShieldPolicyPutResponse:
      value:
        data:
          action: allow
          description: example page shield policy
          enabled: true
          expression: ends_with(http.request.uri.path, "/test1")
          value: script-src 'none'
          id: 7650c87c9c2846c296ea4564ba46ebca
    PageShieldScriptListResponse:
      value:
        data:
          - id: 12345678901234asdfasfasdf
            url: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
            host: sfdc-test.net
            addedAt: '2022-01-01T05:20:00Z'
            firstSeenAt: '2022-01-01T05:20:00Z'
            lastSeenAt: '2022-01-01T05:20:00Z'
            fetchedAt: '2022-01-01T05:20:00Z'
            domainReportedMalicious: false
            hash: 1243453456abc
            cryptoMiningScore: 1
            dataflowScore: 1
            jsIntegrityScore: 1
            mageCartScore: 2
            malwareScore: 1
            obfuscationScore: 2
            maliciousDomainCategories:
              - Malware
            maliciousUrlCategories:
              - Malware
            urlContainsCdnCgiPath: false
            urlReportedMalicious: false
            pageUrls:
              - blog.test.salesforce.com/page1
              - blog.test.salesforce.com/page2
            firstPageUrl: blog.test.salesforce.com
            status: active
            versions: []
    PageShieldScriptResponse:
      value:
        data:
          id: 12345678901234asdfasfasdf
          url: https://sfdc-test.net/on/demandware.static/Sites-SiteNemesis-Site/-/en_US//lib/jquery/ui/jquery-ui.min.js
          host: sfdc-test.net
          addedAt: '2022-01-01T05:20:00Z'
          firstSeenAt: '2022-01-01T05:20:00Z'
          lastSeenAt: '2022-01-01T05:20:00Z'
          fetchedAt: '2022-01-01T05:20:00Z'
          domainReportedMalicious: false
          hash: 1243453456abc
          cryptoMiningScore: 1
          dataflowScore: 1
          jsIntegrityScore: 1
          mageCartScore: 2
          malwareScore: 1
          obfuscationScore: 2
          maliciousDomainCategories:
            - Malware
          maliciousUrlCategories:
            - Malware
          urlContainsCdnCgiPath: false
          urlReportedMalicious: false
          pageUrls:
            - blog.test.salesforce.com/page1
            - blog.test.salesforce.com/page2
          firstPageUrl: blog.test.salesforce.com
          status: active
          versions: []
    ZonesGetResponse:
      value:
        data:
          - zoneId: e4288c0a1f80fa5490b598d74c69bde4
            name: sfcc-cdn.net
            status: pending
    WafGroupsGetResponse:
      value:
        data:
          - groupId: f90712123fb02287348dd34c0a282bb9
            mode: 'on'
            description: 'This WAF Group contains a number of rules that have been created to deal with specific attack types. '
          - groupId: da9d75b083345c63f48e6fde5f617a8b
            mode: 'on'
            description: This WAF Group contains rules to deal with known malicious traffic or patch flaws in specific web applications.
    WafGroupPutRequestBodyExample:
      value:
        action: monitor
        mode: 'on'
    WafGroupPutResponse:
      value:
        data:
          groupId: f90712123fb02287348dd34c0a282bb9
          mode: 'on'
          description: 'This WAF Group contains a number of rules that have been created to deal with specific attack types. '
    WafRulesGetResponse:
      value:
        data:
          - ruleId: '100001'
            groupId: f90712123fb02287348dd34c0a282bb9
            action: monitor
            defaultAction: challenge
            description: Anomaly:Header:User-Agent - Missing
          - ruleId: '100002'
            groupId: f90712123fb02287348dd34c0a282bb9
            action: monitor
            defaultAction: challenge
            description: DoS - IE6 Binary POST
          - ruleId: 100002A
            groupId: f90712123fb02287348dd34c0a282bb9
            action: monitor
            defaultAction: challenge
            description: DoS - CtrlFunc Botnet
    WafRuleGetResponse:
      value:
        data:
          ruleId: '100001'
          groupId: f90712123fb02287348dd34c0a282bb9
          action: monitor
          defaultAction: challenge
          description: Anomaly:Header:User-Agent - Missing
    WafRulePutRequestBodyExample:
      value:
        action: monitor
    WafRulePutResponse:
      value:
        data:
          ruleId: '100001'
          groupId: f90712123fb02287348dd34c0a282bb9
          action: monitor
          defaultAction: challenge
          description: 'Anomaly:Header:User-Agent - Missing '
    SpeedSettingsResponse:
      value:
        data:
          brotliCompression: 'off'
          http2Prioritization: 'off'
          webp: 'off'
          polish: 'off'
          earlyHints: 'off'
          http3: 'off'
          http2ToOrigin: 'off'
    SpeedSettingsPatchRequestBodyExample:
      value:
        brotliCompression: 'off'
        http2Prioritization: 'off'
    SecuritySettingsResponse:
      value:
        data:
          hsts:
            enabled: false
            includeSubdomains: false
            maxAge: 200
            preload: false
          securityLevel: medium
          tls13Enabled: false
          alwaysUseHttps: true
    SecuritySettingsUpdateRequestBodyExample:
      value:
        hsts:
          enabled: false
          preload: true
        securityLevel: high
        tls13Enabled: true
        alwaysUseHttps: true
    CachePurgeRequest:
      value:
        path: www.sfcc-ecdn-test5.net/dw/shop/v21_9/products
        tags:
          - product-123
          - category-456
    CachePurgeResponse:
      value:
        data:
          cachePurged: true
          details: Cache purged successfully
    CachingToggleRequest:
      value:
        enableOCAPICachingPageRule: true
    CachingToggleResponse:
      value:
        data:
          enableOCAPICachingPageRule: true
    CertificatesGetResponse1:
      value:
        data:
          - certificateId: 14b72e2c-db8e-40ec-9f89-d80ca431a36e
            status: PENDING_VALIDATION
            minTlsVersion: '1.2'
            certificateType: automatic
            certificateAuthority: google
            certificateValidation: txt
            certificateVerificationTXTName: _acme-challenge.test.example.com
            certificateVerificationTXTValue: DBCtxdyQSyo9eXxys-uGVCwPFHLsc8_lu11QetQz4IA
            certificateVerificationStatus: PENDING
            customHostnameId: 6c8beb36-a679-4eca-a09a-e3d6aca12787
            customHostname: test.example.com
            customHostnameStatus: ACTIVE
          - certificateId: 16b3f671-de15-4ba8-8c02-84ba011b7751
            hosts:
              - shop.example.com
            expiresOn: '2024-05-27T22:58:10Z'
            uploadedOn: '2024-02-27T22:58:11Z'
            issuer: LetsEncrypt
            signature: SHA256WithRSA
            status: ACTIVE
            minTlsVersion: '1.2'
            certificateType: automatic
            certificateAuthority: lets_encrypt
            certificateValidation: http
            customHostnameId: dd625c6d-8553-4d14-abc2-6d747866c8d9
            customHostname: shop.example.com
            customHostnameStatus: ACTIVE
          - certificateId: f135013c-2bf7-4225-b043-84cf35a93e12
            hosts:
              - '*.example.com'
            expiresOn: '2024-04-09T20:36:39Z'
            uploadedOn: '2024-03-19T22:32:41Z'
            issuer: LetsEncrypt
            signature: SHA256WithRSA
            status: ACTIVE
            minTlsVersion: '1.2'
            certificateType: custom
            customHostnameId: 6567aee6-bdbe-4cb1-9f4b-73209c5e867a
            customHostname: www.example.com
            customHostnameStatus: ACTIVE
    CertificatesGetResponse2:
      value:
        data:
          - certificateId: dc95610a-9a20-4e24-b6d6-232df5fc32d1
            hosts:
              - shop.example.com
            expiresOn: '2024-05-14T23:00:45Z'
            uploadedOn: '2024-03-19T21:28:36Z'
            issuer: LetsEncrypt
            signature: SHA256WithRSA
            status: ACTIVE
            certificateType: custom_legacy
          - certificateId: 3a2a71c6-c00f-41c4-86dd-d6dc434851d5
            hosts:
              - www.example.com
            expiresOn: '2024-04-15T17:07:59Z'
            uploadedOn: '2024-03-19T21:28:36Z'
            issuer: LetsEncrypt
            signature: SHA256WithRSA
            status: ACTIVE
            certificateType: custom_legacy
    CertificatePostRequestBodyExample:
      value:
        hostname: www.salesforce.com
        certificate: |-
          -----BEGIN CERTIFICATE-----
          MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
          BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
          aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
          MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
          ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
          CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
          CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
          KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
          0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
          dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
          izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
          9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBT/LbE49rWf288N6sJA5BRb6FJI
          GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
          BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
          MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
          2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
          Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
          SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
          2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
          YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
          -----END CERTIFICATE-----
        privateKey: |-
          -----BEGIN RSA PRIVATE KEY-----
          MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
          dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
          abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
          tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
          FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
          ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
          HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
          axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
          +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
          +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
          KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
          9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
          /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
          iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
          N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
          VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
          vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
          lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
          9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
          mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
          dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
          PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
          fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
          qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
          lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
          -----END RSA PRIVATE KEY-----
    CertificatePostResponse1:
      value:
        data:
          certificateId: 730a1be4-22d7-11eb-aff1-0242ac120002
          status: ACTIVE
          hosts:
            - salesforce.com
          expiresOn: '2022-01-12T04:15:57Z'
          uploadedOn: '2020-01-12T04:15:57Z'
          issuer: DigiCert
          signature: SHA256WithRSA
          certificateType: custom
          customHostnameVerificationTXTName: _salesforce.com
          customHostnameVerificationTXTValue: 4c9c3f4f-2e91-4c5d-a902-f12f9c285b9e
          customHostnameId: 465a48f6-3d98-4c15-9312-211984ee8629
          customHostname: test.salesforce.com
          customHostnameStatus: ACTIVE
    CertificatePostResponse2:
      value:
        data:
          certificateId: 730a1be4-22d7-11eb-aff1-0242ac120002
          hosts:
            - salesforce.com
          expiresOn: '2022-01-12T04:15:57Z'
          uploadedOn: '2020-01-12T04:15:57Z'
          status: PENDING
          certificateType: automatic
          certificateAuthority: google
          certificateValidation: txt
          certificateVerificationTXTName: _acme-challenge.test.example.com
          certificateVerificationTXTValue: SH5Yet8S5dBwPXcRcCjXdf9FXMBVnQjihQ8oN8LoMv0
          certificateVerificationStatus: PENDING
          customHostnameVerificationTXTName: _salesforce.com
          customHostnameVerificationTXTValue: 4c9c3f4f-2e91-4c5d-a902-f12f9c285b9e
          customHostnameId: 465a48f6-3d98-4c15-9312-211984ee8629
          customHostname: test.salesforce.com
          customHostnameStatus: ACTIVE
    Conflict:
      value:
        type: https://api.commercecloud.salesforce.com/documentation/error/v1/errors/conflicted
        title: Resource Conflict
        detail: The request made for the resource is not valid.
    CertificateUpdateRequestBodyExample:
      value:
        hostname: www.salesforce.com
        certificate: |-
          -----BEGIN CERTIFICATE-----
          MIIDtTCCAp2gAwIBAgIJAMHAwfXZ5PWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
          BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
          aWRnaXRzIFB0eSBMdGQwHhcNMTYwODI0MTY0MzAxWhcNMTYxMTIyMTY0MzAxWjBF
          MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
          ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
          CgKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmGdtcGbg/1
          CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKnabIRuGvB
          KwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpidtnKX/a+5
          0GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+pyFxIXjbEI
          dZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pEewooaeO2
          izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABo4GnMIGkMB0GA1UdDgQWBBT/LbE4
          9rWf288N6sJA5BRb6FJIGDB1BgNVHSMEbjBsgBTLbE49rWf288N6sJA5BRb6FJI
          GKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
          BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAMHAwfXZ5/PWMAwGA1UdEwQF
          MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHHFwl0tH0quUYZYO0dZYt4R7SJ0pCm2
          2satiyzHl4OnXcHDpekAo7/a09c6Lz6AU83cKy/+x3/djYHXWba7HpEu0dR3ugQP
          Mlr4zrhd9xKZ0KZKiYmtJH+ak4OM4L3FbT0owUZPyjLSlhMtJVcoRp5CJsjAMBUG
          SvD8RX+T01wzox/Qb+lnnNnOlaWpqu8eoOenybxKp1a9ULzIVvN/LAcc+14vioFq
          2swRWtmocBAs8QR9n4uvbpiYvS8eYueDCWMM4fvFfBhaDZ3N9IbtySh3SpFdQDhw
          YbjM2rxXiyLGxB4Bol7QTv4zHif7Zt89FReT/NBy4rzaskDJY5L6xmY=
          -----END CERTIFICATE-----
        privateKey: |-
          -----BEGIN RSA PRIVATE KEY-----
          MIIEowIBAAKCAQEAwQHoetcl9+5ikGzV6cMzWtWPJHqXT3wpbEkRU9Yz7lgvddmG
          dtcGbg/1CGZu0jJGkMoppoUo4c3dts3iwqRYmBikUP77wwY2QGmDZw2FvkJCJlKn
          abIRuGvBKwzESIXgKk2016aTP6/dAjEHyo6SeoK8lkIySUvK0fyOVlsiEsCmOpid
          tnKX/a+50GjB79CJH4ER2lLVZnhePFR/zUOyPxZQQ4naHf7yu/b5jhO0f8fwt+py
          FxIXjbEIdZliWRkRMtzrHOJIhrmJ2A1J7iOrirbbwillwjjNVUWPf3IJ3M12S9pE
          ewooaeO2izNTERcG9HzAacbVRn2Y2SWIyT/18QIDAQABAoIBACbhTYXBZYKmYPCb
          HBR1IBlCQA2nLGf0qRuJNJZg5iEzXows/6tc8YymZkQE7nolapWsQ+upk2y5Xdp/
          axiuprIs9JzkYK8Ox0r+dlwCG1kSW+UAbX0bQ/qUqlsTvU6muVuMP8vZYHxJ3wmb
          +ufRBKztPTQ/rYWaYQcgC0RWI20HTFBMxlTAyNxYNWzX7RKFkGVVyB9RsAtmcc8g
          +j4OdosbfNoJPS0HeIfNpAznDfHKdxDk2Yc1tV6RHBrC1ynyLE9+TaflIAdo2MVv
          KLMLq51GqYKtgJFIlBRPQqKoyXdz3fGvXrTkf/WY9QNq0J1Vk5ERePZ54mN8iZB7
          9lwy/AkCgYEA6FXzosxswaJ2wQLeoYc7ceaweX/SwTvxHgXzRyJIIT0eJWgx13Wo
          /WA3Iziimsjf6qE+SI/8laxPp2A86VMaIt3Z3mJN/CqSVGw8LK2AQst+OwdPyDMu
          iacE8lj/IFGC8mwNUAb9CzGU3JpU4PxxGFjS/eMtGeRXCWkK4NE+G08CgYEA1Kp9
          N2JrVlqUz+gAX+LPmE9OEMAS9WQSQsfCHGogIFDGGcNf7+uwBM7GAaSJIP01zcoe
          VAgWdzXCv3FLhsaZoJ6RyLOLay5phbu1iaTr4UNYm5WtYTzMzqh8l1+MFFDl9xDB
          vULuCIIrglM5MeS/qnSg1uMoH2oVPj9TVst/ir8CgYEAxrI7Ws9Zc4Bt70N1As+U
          lySjaEVZCMkqvHJ6TCuVZFfQoE0r0whdLdRLU2PsLFP+q7qaeZQqgBaNSKeVcDYR
          9B+nY/jOmQoPewPVsp/vQTCnE/R81spu0mp0YI6cIheT1Z9zAy322svcc43JaWB7
          mEbeqyLOP4Z4qSOcmghZBSECgYACvR9Xs0DGn+wCsW4vze/2ei77MD4OQvepPIFX
          dFZtlBy5ADcgE9z0cuVB6CiL8DbdK5kwY9pGNr8HUCI03iHkW6Zs+0L0YmihfEVe
          PG19PSzK9CaDdhD9KFZSbLyVFmWfxOt50H7YRTTiPMgjyFpfi5j2q348yVT0tEQS
          fhRqaQKBgAcWPokmJ7EbYQGeMbS7HC8eWO/RyamlnSffdCdSc7ue3zdVJxpAkQ8W
          qu80pEIF6raIQfAf8MXiiZ7auFOSnHQTXUbhCpvDLKi0Mwq3G8Pl07l+2s6dQG6T
          lv6XTQaMyf6n1yjzL+fzDrH3qXMxHMO/b13EePXpDMpY7HQpoLDi
          -----END RSA PRIVATE KEY-----
    CertificateUpdateResponse1:
      value:
        data:
          certificateId: 730a1be4-22d7-11eb-aff1-0242ac120002
          status: ACTIVE
          hosts:
            - salesforce.com
          expiresOn: '2022-01-12T04:15:57Z'
          uploadedOn: '2020-01-12T04:15:57Z'
          customHostnameVerificationTXTName: _salesforce.com
          customHostnameVerificationTXTValue: 4c9c3f4f-2e91-4c5d-a902-f12f9c285b9e
          customHostnameId: 465a48f6-3d98-4c15-9312-211984ee8629
          customHostname: test.salesforce.com
          customHostnameStatus: ACTIVE
          certificateType: custom
    CertificateUpdateResponse2:
      value:
        data:
          certificateId: 730a1be4-22d7-11eb-aff1-0242ac120002
          hosts:
            - salesforce.com
          expiresOn: '2022-01-12T04:15:57Z'
          uploadedOn: '2020-01-12T04:15:57Z'
          status: PENDING
          certificateType: automatic
          certificateAuthority: google
          certificateValidation: txt
          certificateVerificationTXTName: _acme-challenge.test.example.com
          certificateVerificationTXTValue: SH5Yet8S5dBwPXcRcCjXdf9FXMBVnQjihQ8oN8LoMv0
          certificateVerificationStatus: PENDING
          customHostnameVerificationTXTName: _salesforce.com
          customHostnameVerificationTXTValue: 4c9c3f4f-2e91-4c5d-a902-f12f9c285b9e
          customHostnameId: 465a48f6-3d98-4c15-9312-211984ee8629
          customHostname: test.salesforce.com
          customHostnameStatus: ACTIVE
    CustomHostnamesPatchResponse:
      value:
        data:
          customHostnameId: 465a48f6-3d98-4c15-9312-211984ee8629
          customHostname: test.salesforce.com
          customHostnameVerificationTXTName: _salesforce.com
          customHostnameVerificationTXTValue: 4c9c3f4f-2e91-4c5d-a902-f12f9c285b9e
          customHostnameStatus: ACTIVE
    MrtRulesGetResponse:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-27T18:32:34.675182Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
                description: Phased rollout rule for dev-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for test-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1233333
                enabled: true
                mrtHostname: customer.mobify-storefront.com
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "prd-customer.salesforce.com" and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for prd-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 98745678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
    MrtRulesPostRequestSingleHostnameBodyExample:
      value:
        mrtHostname: customer.mobify-storefront.com
        expressions:
          - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
        descriptions:
          - Phased rollout rule for dev-customer.salesforce.com
    MrtRulesPostRequestMultipleHostnamesBodyExample:
      value:
        mrtHostname: customer.mobify-storefront.com
        expressions:
          - (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
        descriptions:
          - Phased rollout rule for test-customer.salesforce.com and test2-customer.salesforce.com
    MrtRulesPostResponseSingleHostname:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-27T18:32:34.675182Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
                description: Phased rollout rule for dev-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
    MrtRulesPostResponseMultipleHostnames:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-27T18:32:34.675182Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for test-customer.salesforce.com and test2-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
    MrtRulesetPatchRequestUpdateHostnameBodyExample:
      value:
        oldMrtHostname: old-hostname.mobify-storefront.com
        mrtHostname: new-hostname.mobify-storefront.com
    MrtRulesetPatchRequestAddRulesBodyExample:
      value:
        mrtHostname: customer.mobify-storefront.com
        expressions:
          - (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
          - (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
        descriptions:
          - Phased rollout rule for dev-customer.salesforce.com
    MrtRulesetPatchResponseUpdateHostname:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-27T18:32:34.675182Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
                description: Phased rollout rule for dev-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: new-hostname.mobify-storefront.com
              - id: 12345678901234asdfasfasdf1234568
                expression: (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for test-customer.salesforce.com and test2-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234568
                enabled: true
                mrtHostname: new-hostname.mobify-storefront.com
    MrtRulesetPatchResponseAddRules:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-27T18:32:34.675182Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "/on/path1/.*" or http.request.uri.path matches "/on/path2/.*" or http.request.uri.path matches ".*routeDetails=true" or http.request.uri.path eq "/path3.txt" ))
                description: Phased rollout rule for dev-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
              - id: 12345678901234asdfasfasdf1234568
                expression: (http.host in {"test-customer.salesforce.com" "test2-customer.salesforce.com"} and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for test-customer.salesforce.com and test2-customer.salesforce.com
                lastUpdated: '2022-09-15T21:14:42.372459Z'
                ref: 12345678901234asdfasfasdf1234568
                enabled: true
                mrtHostname: customer.mobify-storefront.com
    MrtRulePatchRequestBodyExample:
      value:
        enabled: true
        expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
        description: Phased rollout rule for dev-customer.salesforce.com
    MrtRulePatchResponse:
      value:
        data:
          ruleset:
            id: 12345678901234asdfasfasdf1234567
            name: MRT Rules
            lastUpdated: '2022-09-15T21:14:42.372459Z'
            rules:
              - id: 12345678901234asdfasfasdf1234567
                expression: (http.host eq "dev-customer.salesforce.com" and not ( http.request.uri.path matches "^/path4/.*" or http.request.uri.path matches "^.*/path5/.*/products/.*"))
                description: Phased rollout rule for dev-customer.salesforce.com
                lastUpdated: '2022-09-27T18:32:34.675182Z'
                ref: 12345678901234asdfasfasdf1234567
                enabled: true
                mrtHostname: customer.mobify-storefront.com
    LogpushOwnershipPostRequestBodyExample:
      value:
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
    LogpushOwnershipPostResponse:
      value:
        data:
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          fileName: site-name/20230101/ownership-challenge-f1234567.txt
    LogpushGetListJob:
      value:
        data:
          - jobId: 123456
            name: example1-job-name
            logType: http_requests
            logFields:
              - ClientRequestBytes
              - ClientRequestHost
              - ClientRequestMethod
            destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
            lastComplete: '2023-03-14T02:09:32Z'
            createdOn: '2023-01-01T00:00:27Z'
          - jobId: 123457
            name: example2-job-name
            logType: firewall_events
            logFields:
              - RuleID
              - ClientRequestUserAgent
              - ClientRequestPath
            filter: '{"where":{"and":[{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}, {"key":"EdgeResponseStatus","operator":"in","value":[502, 503, 504, 520, 521, 522, 522, 523, 524, 525, 526, 530]}]}}'
            destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
            lastComplete: '2023-03-22T02:09:32Z'
            createdOn: '2023-01-03T00:00:27Z'
          - jobId: 123458
            name: example3-job-name
            logType: page_shield_events
            logFields:
              - Action
              - CSPDirective
              - Host
              - PageURL
              - PolicyID
              - ResourceType
              - Timestamp
              - URL
              - URLHost
            destinationPath: s3://customer-bucket/site-name/page-shield-events/{DATE}?region=us-east-1&sse=AES256
            lastComplete: '2025-01-02T02:09:32Z'
            createdOn: '2025-01-01T00:00:27Z'
    LogpushCreateRequestBodyExample1:
      value:
        name: example-job-name
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        ownershipChallengeToken: abc00000000000000000000
        logFields:
          - ClientRequestBytes
          - ClientRequestHost
          - ClientRequestMethod
        logType: http_requests
    LogpushCreateRequestBodyExample2:
      value:
        name: example-job-name-with-filter
        destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
        ownershipChallengeToken: abc00000000000000000000
        logFields:
          - ClientRequestBytes
          - ClientRequestPath
          - ClientRequestHost
          - ClientRequestMethod
          - EdgeResponseStatus
        filter: '{"where":{"and":[{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}, {"key":"EdgeResponseStatus","operator":"in","value":[502, 503, 504, 520, 521, 522, 522, 523, 524, 525, 526, 530]}]}}'
        logType: http_requests
    LogpushCreateRequestBodyExample3:
      value:
        name: example-job-name
        destinationPath: s3://customer-bucket/site-name/page-shield-events/{DATE}?region=us-east-1&sse=AES256
        ownershipChallengeToken: abc00000000000000000000
        logFields:
          - Action
          - CSPDirective
          - Host
          - PageURL
          - PolicyID
          - ResourceType
          - Timestamp
          - URL
          - URLHost
        logType: page_shield_events
    LogpushCreateResponse1:
      value:
        data:
          jobId: 123456
          name: example-job-name
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          enabled: false
          createdOn: '2023-01-01T00:00:27Z'
    LogpushCreateResponse2:
      value:
        data:
          jobId: 123456
          name: example-job-name-with-filter
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestPath
            - ClientRequestHost
            - ClientRequestMethod
            - EdgeResponseStatus
          filter: '{"where":{"and":[{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}, {"key":"EdgeResponseStatus","operator":"in","value":[502, 503, 504, 520, 521, 522, 522, 523, 524, 525, 526, 530]}]}}'
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          enabled: false
          createdOn: '2023-01-01T00:00:27Z'
    LogpushCreateResponse3:
      value:
        data:
          jobId: 123458
          name: example-job-name
          logType: page_shield_events
          logFields:
            - Action
            - CSPDirective
            - Host
            - PageURL
            - PolicyID
            - ResourceType
            - Timestamp
            - URL
            - URLHost
          destinationPath: s3://customer-bucket/site-name/page-shield-events/{DATE}?region=us-east-1&sse=AES256
          enabled: true
          createdOn: '2025-01-01T00:00:27Z'
    LogpushGetJobById1:
      value:
        data:
          jobId: 123456
          name: example-job-name
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          lastComplete: '2023-03-14T02:09:32Z'
          createdOn: '2023-01-01T00:00:27Z'
    LogpushGetJobById2:
      value:
        data:
          jobId: 123456
          name: example-job-name
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          lastComplete: '2023-03-14T02:09:32Z'
          lastError: '2023-03-16T02:00:00Z'
          errorMessage: No permissions to write to destination bucket
          createdOn: '2023-01-01T00:00:27Z'
    LogpushGetJobById3:
      value:
        data:
          jobId: 123456
          name: example-job-name
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestPath
            - ClientRequestHost
            - ClientRequestMethod
            - EdgeResponseStatus
          filter: '{"where":{"and":[{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}, {"key":"EdgeResponseStatus","operator":"in","value":[502, 503, 504, 520, 521, 522, 522, 523, 524, 525, 526, 530]}]}}'
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          lastComplete: '2023-03-14T02:09:32Z'
          createdOn: '2023-01-01T00:00:27Z'
    LogpushUpdateRequestBodyExample:
      value:
        enabled: true
        filter: '{"where":{"key":"ClientRequestPath","operator":"contains","value":"/example-path"}}'
        logFields:
          - ClientRequestBytes
          - ClientRequestHost
          - ClientRequestMethod
    LogpushUpdateResponse:
      value:
        data:
          jobId: 123456
          name: example-job-name
          enabled: true
          logType: http_requests
          logFields:
            - ClientRequestBytes
            - ClientRequestHost
            - ClientRequestMethod
          destinationPath: s3://customer-bucket/site-name/{DATE}?region=us-east-1&sse=AES256
          lastComplete: '2023-03-14T02:09:32Z'
          lastError: '2023-01-01T00:00:27Z'
          errorMessage: ''
    WafPackagesGetExample:
      value:
        data:
          id: c504870194831cd12c3fc0284f294abb
          name: OWASP ModSecurity Core Rule Set
          description: OWASP Core Ruleset (2013) provides protection against common attack categories, including SQL Injection and Cross-Site Scripting.
          zone_id: 56702a674281951f541f9f304f7431f0
          detection_mode: anomaly
          sensitivity: low
          action_mode: simulate
    WafPackagesPatchRequestBodyExample:
      value:
        sensitivity: low
        action_mode: simulate
    CustomRulesResponse:
      value:
        data:
          - ruleId: ffffe61cf25e4ec49c34b029ff3060f7
            description: Block traffic for malformed URL requests
            expression: (http.request.uri.path matches "^/path1/.*")
            actions:
              - block
            lastUpdated: '2022-12-14T21:25:22.329194Z'
            enabled: false
          - ruleId: 2c0fc9fa937b11eaa1b71c4d701ab86e
            description: Skip user agent
            expression: (http.user_agent contains "Client")
            actions:
              - skip_custom_rules, skip_waf
            lastUpdated: '2022-12-14T21:30:34.263795Z'
            enabled: true
    CustomRulesPostRequestBodyExample:
      value:
        description: Block traffic for malformed URL requests
        expression: (http.request.uri.path matches "^/path1/.*")
        actions:
          - block
        enabled: false
        position:
          before: 2c0fc9fa937b11eaa1b71c4d701ab86e
    CustomRuleResponse:
      value:
        data:
          ruleId: ffffe61cf25e4ec49c34b029ff3060f7
          description: Block traffic for malformed URL requests
          expression: (http.request.uri.path matches "^/path1/.*")
          actions:
            - block
          lastUpdated: '2022-12-14T21:25:22.329194Z'
          enabled: false
    CustomRulesPatchOrderRequest:
      value:
        ruleIds:
          - ffffe61cf25e4ec49c34b029ff3060f7
          - 2c0fc9fa937b11eaa1b71c4d701ab86e
    CustomRulesPatchRequest:
      value:
        description: Updated description for the custom rule
        expression: (http.request.uri.path matches "^/updated-path/.*")
        actions:
          - block
    RateLimitingRulesResponse:
      value:
        data:
          - ruleId: ffffe61cf25e4ec49c34b029ff3060f7
            description: Rate limit /path1
            expression: http.request.uri.path matches "^/path1/.*"
            characteristics:
              - cf.unique_visitor_id
            action: block
            period: 60
            requestsPerPeriod: 50
            mitigationTimeout: 600
            countingExpression: http.request.uri.path matches "^/path1/.*" and http.response.code eq 400
            enabled: false
            lastUpdated: '2022-12-14T21:25:22.329194Z'
          - ruleId: 2c0fc9fa937b11eaa1b71c4d701ab86e
            description: Rate limit AS number 12345
            expression: ip.src.asnum eq 12345
            characteristics:
              - ip.src
            action: managed_challenge
            period: 600
            requestsPerPeriod: 1000
            mitigationTimeout: 0
            enabled: true
            lastUpdated: '2022-12-14T21:47:24.323223Z'
    RateLimitingRulesPostRequestBodyExample:
      value:
        description: Rate limit /path1
        expression: http.request.uri.path matches "^/path1/.*"
        characteristics:
          - cf.unique_visitor_id
        action: block
        period: 60
        requestsPerPeriod: 50
        mitigationTimeout: 600
        countingExpression: http.request.uri.path matches "^/path1/.*" and http.response.code eq 400
        enabled: false
        position:
          before: 2c0fc9fa937b11eaa1b71c4d701ab86e
    RateLimitingRuleResponse:
      value:
        data:
          ruleId: ffffe61cf25e4ec49c34b029ff3060f7
          description: Rate limit /path1
          expression: http.request.uri.path matches "^/path1/.*"
          characteristics:
            - cf.unique_visitor_id
          action: block
          period: 60
          requestsPerPeriod: 50
          mitigationTimeout: 600
          countingExpression: http.request.uri.path matches "^/path1/.*" and http.response.code eq 400
          enabled: false
          lastUpdated: '2022-12-14T21:25:22.329194Z'
    RateLimitingRulesPatchRequest:
      value:
        description: Updated rate limiting rule description
        expression: http.request.uri.path matches "^/updated-path/.*"
        characteristics:
          - cf.unique_visitor_id
        action: block
        period: 120
        requestsPerPeriod: 100
        mitigationTimeout: 1200
        countingExpression: http.request.uri.path matches "^/updated-path/.*" and http.response.code eq 400
        enabled: true
    WAFManagedRulesetsResponse:
      value:
        data:
          - name: Managed Ruleset
            rulesetId: efb7b8c949ac4650a09736fc376e9aee
            action: default
            enabled: true
          - name: OWASP Core Ruleset
            rulesetId: 4814384a9e5d4991b9815dcfc25d2f1f
            action: log
            anomalyScoreThreshold: 25
            anomalyScore: high
            paranoiaLevel: 1
            enabled: true
          - name: Leaked Crednetials Check Ruleset
            rulesetId: c2e184081120413c86c3ab7e14069605
            action: block
            enabled: true
    WAFManagedRulesetsUpdateRequestBodyExample:
      value:
        action: js_challenge
        enabled: true
    WAFManagedRulesetsUpdateResponse:
      value:
        data:
          name: Managed Ruleset
          rulesetId: efb7b8c949ac4650a09736fc376e9aee
          action: js_challenge
          enabled: true
    WAFManagedRulesResponse:
      value:
        data:
          - ruleId: 8ac8bc2a661e475d940980f9317f28e1
            action: block
            score: 5
            categories:
              - application-multi
              - attack-generic
              - capec-1000
              - capec-210
              - capec-220
              - capec-272
              - capec-274
              - language-multi
              - paranoia-level-1
              - pci-12-1
              - platform-multi
            description: '911100: Method is not allowed by policy'
            lastUpdated: '2024-08-19T17:26:58.593021Z'
            enabled: false
          - ruleId: 53065ac9bd9449f3895f1865467a0e6a
            action: block
            score: 5
            categories:
              - application-multi
              - attack-reputation-scanner
              - capec-1000
              - capec-118
              - capec-224
              - capec-310
              - capec-541
              - language-multi
              - paranoia-level-1
              - pci-6-5-10
              - platform-multi
            description: '913100: Found User-Agent associated with security scanner'
            lastUpdated: '2024-08-19T17:26:58.593021Z'
            enabled: true
    WAFManagedRulesUpdateRequestBodyExample:
      value:
        action: log
        enabled: true
    WAFManagedRulesUpdateResponse:
      value:
        data:
          ruleId: 53065ac9bd9449f3895f1865467a0e6a
          action: log
          score: 5
          categories:
            - application-multi
            - attack-reputation-scanner
            - capec-1000
            - capec-118
            - capec-224
            - capec-310
            - capec-541
            - language-multi
            - paranoia-level-1
            - pci-6-5-10
            - platform-multi
          description: '913100: Found User-Agent associated with security scanner'
          lastUpdated: '2024-08-19T17:26:58.593021Z'
          enabled: true
    MrtGetResponse:
      value:
        data:
          headerName: x-sfdc-access-control
          headerValue: '********789'
          lastUpdated: '2024-04-27T18:32:34.675182Z'
    MrtPutRequestBodyExample:
      value:
        headerValue: '123456789'
    MrtPutUpdateResponse:
      value:
        data:
          headerName: x-sfdc-access-control
          headerValue: '********789'
          lastUpdated: '2024-04-27T18:32:34.675182Z'
    MrtPutCreateResponse:
      value:
        data:
          headerName: x-sfdc-access-control
          headerValue: '********789'
          lastUpdated: '2024-04-27T18:32:34.675182Z'
    CipherSettingsGetResponse:
      value:
        data:
          ciphers:
            - ECDHE-ECDSA-AES128-GCM-SHA256
            - ECDHE-RSA-AES128-GCM-SHA256
          cipherSuiteType: Custom
    CipherSettingsPatchRequestBodyExample:
      value:
        ciphers:
          - ECDHE-ECDSA-AES128-GCM-SHA256
        cipherSuiteType: Custom
    CipherSettingsPatchResponse:
      value:
        data:
          ciphers:
            - ECDHE-ECDSA-AES128-GCM-SHA256
          cipherSuiteType: Custom
