@lap v0.3
# Machine-readable API spec. Each @endpoint block is one API call.
@api InstanceMetadataClient
@base http://169.254.169.254/metadata
@version 2019-08-15
@auth basic
@endpoints 4
@toc instance(1), attested(1), identity(2)

@group instance
@endpoint GET /instance
@desc Get Instance Metadata for the Virtual Machine.
@required {api-version: any # This is the API version to use., Metadata: any # This must be set to 'true'.}
@returns(200) OK

@endgroup

@group attested
@endpoint GET /attested/document
@desc Get Attested Data for the Virtual Machine.
@required {api-version: any # This is the API version to use., Metadata: any # This must be set to 'true'.}
@optional {nonce: any # This is a string of up to 32 random alphanumeric characters.}
@returns(200) OK

@endgroup

@group identity
@endpoint GET /identity/oauth2/token
@desc Get a Token from Azure AD
@required {Metadata: any # This must be set to 'true'., resource: any # This is the urlencoded identifier URI of the sink resource for the requested Azure AD token. The resulting token contains the corresponding aud for this resource., api-version: any # This is the API version to use.}
@optional {client_id: any # This identifies, by Azure AD client id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with object_id and msi_res_id., object_id: any # This identifies, by Azure AD object id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with client_id and msi_res_id., msi_res_id: any # This identifies, by urlencoded ARM resource id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with client_id and object_id., authority: any # This indicates the authority to request AAD tokens from. Defaults to the known authority of the identity to be used., bypass_cache: any # If provided, the value must be 'true'. This indicates to the server that the token must be retrieved from Azure AD and cannot be retrieved from an internal cache.}
@returns(200) Successful operation

@endpoint GET /identity/info
@desc Get information about AAD Metadata
@required {Metadata: any # This must be set to 'true'., api-version: any # This is the API version to use.}
@returns(200) Successful operation

@endgroup

@end