Changes to the External API (v9.8.10 > v9.9.4)

External API Changes

API Docs json file

1. Authentication

API Key HTTP Header name has been changed.

	Before	After
Header Parameter name	X-QueryPie-Api-Token	Authorization

2. Alert API

Changes/Improvements

API(9.8.10)	Changes
(GET) List	All information for each alert returned → Changed to return only brief information for each alert. Detail API added to retrieve detailed information for each alert type.
(POST) Create	Previously, it was possible to create alerts for all types using a single API → creation APIs have been separated for each alert type. The previous Create API has been removed.
(PUT) Update	Previously, it was possible to update alerts for all types using a single API → update APIs have been separated for each alert type. The previous Update API has been removed.
(Delete) Delete	None

[NEW] (POST) Create, (PUT) Update, (GET) Detail API

Detailed request content can be found in the documentation.

Alert Type(9.8.10)	Doc Paths (9.9.4)
`SQL_EXECUTION`	[SQL Execution] `/api/external/alerts/sql-execution`
`SQL_EXECUTION_PREVENTED`	[Prevented SQL Execution] `/api/external/alerts/prevented-sql-execution`
`DATABASE_AUTHENTICATION_FAILED`	[DB Connection Attempt] `/api/external/alerts/db-connection-attempt`
`SENSITIVE_DATA_BY_POLICY`	[Sensitive Data Access] `api/external/alerts/sensitive-data-access` policy
`SENSITIVE_DATA_BY_LEVEL`	[Sensitive Data Access] `api/external/alerts/sensitive-data-access` level
`EXCEL_EXPORT`	[Data Export] `api/external/alerts/data-export`
`APPROVAL_REQUESTED`	[Workflow New Request] `/api/external/alerts/workflow-new-request`
	[Unusual Login Attempt](신규) `/api/external/alerts/unusual-login-attempt`

(GET) List

/api/external/notifications

Request

None

Response

Before

After

JSON

{
  "list": [
    {
      "condition": {...},
      "description": "",
      "lastAt": "2019-08-24T14:15:22Z",
      "lastStatus": "UNDEFINED",
      "notification": {...},
      "policy": {...},
      "template": "{{userName}} executed {{expRows}} rows.",
      "uuid": "a5ac2279-b715-4819-a00d-daba81739057"
    },
    ...
  ],
  "page": {...}
}

JSON

{
  "list": [
    {
      "alertType": "SQL Execution",
      "lastAt": "2019-08-24T14:15:22Z",
      "lastStatus": "UNDEFINED",
      "name": "string",
      "template": "{{userName}} executed {{expRows}} rows.",
      "uuid": "a5ac2279-b715-4819-a00d-daba81739057"
    },
    ...
  ],
  "page": {...}
}

3. Approval Rule API

(GET) List

/api/external/approval-rules

Request

Query Parameter
RequestType has been updated from SQL, ACCESS to SQL, EXPORT, ACCESS, with the addition of EXPORT.

Response

None

4. Audit Log API

(GET) List of Approval

/api/external/audit-logs

Request

Query Parameter

Before	After
pageNumber pageSize actionType clusterGroupId clusterId startDate endDate databaseType sqlFullText	cursor count actionType clusterGroupId clusterId startDate endDate databaseType sqlFullText

You can use the Response's nextCursor as is for the cursor. If it's the first call, leave it empty.
- The information in /api/docs is incorrect and will be corrected in future versions.
The count remains the same as the previous pageSize, and the max value is 100.
Redis has been added to the databaseType.

Response

Before	After
{ "list": [ { … "execMillis": 200, "execResult": false, "executedAt": "2019-08-24T14:15:22Z", … } ], "page": { "currentPage": 0, "pageSize": 0, "totalElements": 0, "totalPages": 0 } }	{ "hasNext": true, "list": [ { … "execMillis": 200, "execResult": false, (Deprecated) "executedAt": "2019-08-24T14:15:22Z", … } ], "nextCursor": "2019-08-24T16:15:22Z" }

The hasNext field has been added, indicating whether there is more data after the Response.
The execResult field has been deprecated and will be removed in future versions.
The page field has been removed, and nextCursor has been added.
- The value of executedAt for the last element in the list of the current Response represents the time between the startDate and endDate of the Request.
- By putting this value into the cursor of the Request, you can retrieve data starting from that time. (You don't need to change the startDate and endDate.)
- The information in /api/docs is incorrect and will be corrected in future versions.

(GET) Detail

/api/external/audit-logs/{id}

Request

None

Response

Before	After
{ … "execMillis": 200, "execResult": false, "executedAt": "2019-08-24T14:15:22Z", … }	{ … "execMillis": 200, "execResult": false, (Deprecated) "executedAt": "2019-08-24T14:15:22Z", … }

The execResult field has been deprecated and will be removed in future versions.

(GET) Detail

/api/external/audit-logs/{uuid}

Request

None

Response

Before	After
{ … "execMillis": 200, "execResult": false, "executedAt": "2019-08-24T14:15:22Z", … }	{ … "execMillis": 200, "execResult": false, (Deprecated) "executedAt": "2019-08-24T14:15:22Z", … }

The execResult field has been deprecated and will be removed in future versions.

5. Authentication History API

(GET) List of Authentication

/api/external/connection-auth-logs

Request

Query Parameter

Before	After
pageNumber pageSize actionType clusterGroupId clusterId startDate endDate databaseType sqlFullText	pageNumber pageSize actionType clusterGroupId clusterId startDate endDate databaseType sqlFullText

The following action types have been removed from actionType: LOGIN, LOGOUT, LOCKED, EXPIRED, LOCKED_MANUALLY, UNLOCK.
- Only CONNECT, DISCONNECT are now used.
Redis has been added to the databaseType.

Response

None

6. User Access History API

(GET) List of User Access History

/api/external/system-auth-logs

Request & Response

The following action types have been removed from actionType: CONNECT, DISCONNECT.
- Only LOGIN, LOGOUT, LOCKED, EXPIRED, LOCKED_MANUALLY, UNLOCK are now used.

7. Cloud Provider API

(GET) List of Cloud Provider

/api/external/cloud-providers

Request

None

Response

Before	After
{ "list": [ { … "subscriptionId": "string", "targetArn": "string", … } ], "page": { … } }	{ "list": [ { … "subscriptionId": "string", "synchronizableDatabaseTypes": [], "targetArn": "string", … } ], "page": { … } }

The field synchronizableDatabaseTypes has been added.
- It is an output field that indicates the types (vendors) of databases to synchronize with.
- AURORA_MY_SQL, AURORA_POSTGRESQL, MY_SQL, POSTGRESQL, MARIA_DB, ORACLE, SQL_SERVER, DYNAMO_DB, DOCUMENT_DB, REDSHIFT, ATHENA

(POST) Create Cloud Provider

/api/external/cloud-providers

Request

Before	After
{ … "subscriptionId": "string", "targetArn": "string", … }	{ … "subscriptionId": "string", "synchronizableDatabaseTypes": [], "targetArn": "string", … }

The field synchronizableDatabaseTypes has been added.
- It is an output field that indicates the types (vendors) of databases to synchronize with.
- AURORA_MY_SQL, AURORA_POSTGRESQL, MY_SQL, POSTGRESQL, MARIA_DB, ORACLE, SQL_SERVER, DYNAMO_DB, DOCUMENT_DB, REDSHIFT, ATHENA

Response

Before	After
{ … "subscriptionId": "string", "targetArn": "string", … }	{ … "subscriptionId": "string", "synchronizableDatabaseTypes": [], "targetArn": "string", … }

The field synchronizableDatabaseTypes has been added.
- It is an output field that indicates the types (vendors) of databases to synchronize with.
- AURORA_MY_SQL, AURORA_POSTGRESQL, MY_SQL, POSTGRESQL, MARIA_DB, ORACLE, SQL_SERVER, DYNAMO_DB, DOCUMENT_DB, REDSHIFT, ATHENA

(PUT) Update Cloud Provider

/api/external/cloud-providers/{cloudProviderUuid}

Request

Before	After
{ "cronExpression": "0 0 6 * * ?", "name": "AWS", "proxyAuthType": "QUERYPIE", "proxyEnabled": true, "replicationMode": "MANUAL" }	{ "cronExpression": "0 0 6 * * ?", "name": "AWS", "proxyAuthType": "QUERYPIE", "proxyEnabled": true, "replicationMode": "MANUAL", "synchronizableDatabaseTypes": [ "AURORA_MY_SQL" ] }

The field synchronizableDatabaseTypes has been added.
- It is an output field that indicates the types (vendors) of databases to synchronize with.
- AURORA_MY_SQL, AURORA_POSTGRESQL, MY_SQL, POSTGRESQL, MARIA_DB, ORACLE, SQL_SERVER, DYNAMO_DB, DOCUMENT_DB, REDSHIFT, ATHENA

Response

Before	After
{ … "subscriptionId": "string", "targetArn": "string", … }	{ … "subscriptionId": "string", "synchronizableDatabaseTypes": [], "targetArn": "string", … }

The field synchronizableDatabaseTypes has been added.
- It is an output field that indicates the types (vendors) of databases to synchronize with.
- AURORA_MY_SQL, AURORA_POSTGRESQL, MY_SQL, POSTGRESQL, MARIA_DB, ORACLE, SQL_SERVER, DYNAMO_DB, DOCUMENT_DB, REDSHIFT, ATHENA

8. Cluster Role API

(GET) List of Role

/api/external/roles

Request

None

Response

Before

After

JSON

{
  "list": [
    {
      ...
      “privilegeTypes”: “SELECT“,
      ...
    },
    ...
  ],
  "page": {...}
}

CODE

{
  "list": [
    {
      ...
      “privilegeTypes”: “SELECT“,
      “privilegeVendor”: “SQL",
      ...
    },
    ...
  ],
  "page": {...}
}

The privilegeVendor has been added.
- SQL, REDIS

(POST) Create Role

/api/external/roles

Request & Response

Before	After
JSON `{ … “privilegeTypes”: “ALL“, … }`	CODE `{ … “privilegeTypes”: “ALL“, “privilegeVendor”: “SQL", … }`

The privilegeVendor has been added.
- SQL, REDIS

(PUT) Update Role

/api/external/roles/{roleUuid}

Request & Response

Before	After
JSON `{ … “privilegeTypes”: “ALL“, … }`	CODE `{ … “privilegeTypes”: “ALL“, “privilegeVendor”: “SQL", … }`

The privilegeVendor has been added.
- SQL, REDIS

9. Connection API

(GET) List of Cluster Group

/api/external/connections

Request

None

Response

	Before	After
Request	-	없음
Response	{ "list": [ { … "clusters": [ … ], "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "dbUserInfos": [ { "dbUserType": "string", "dbUsername": "string" } ], "deleted": false, … "schemaName": "test_db", "useMultipleAccount": true, "useProxy": true, … } ], "page": { … } }	{ "list": [ { … "clusters": [ … ], "connectionAccount": { "kerberosProtocols": { "admin": { "principal": "string", "realm": "string", "serviceName": "string" }, "common": { "principal": "string", "realm": "string", "serviceName": "string" } }, "type": "UIDPWD", "useMultipleAccount": false, "usernamePasswords": { "admin": { "username": "string" }, "common": { "username": "string" }, "proxy": { "username": "string" } } }, "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "deleted": false, … "schemaName": "test_db", "useProxy": true, … } ], "page": { … } }

The fields dbUserInfo and userMultipleAccount have been removed.
- The information of these fields is now conveyed through the connectionAccount field.

The connectionAccount field has been added.
- It is a field that conveys the account information of the connection.
- The type indicates the type of the account.
  - Possible values are: NOAUTH SASL_KERBEROS SASL_PLAIN_UID UIDPWD SASL_PLAIN_UIDPWD_SSL NOAUTH_SSL DELEGATION_TOKEN O_AUTH_CLIENT_CREDENTIALS
- The useMultipleAccount is a boolean value indicating whether multiple accounts are used.
- KerberosProtocols is a field that conveys Kerberos account information.
  - Kerberos accounts do not support proxy accounts.
- usernamePasswords is a field that conveys usernamePassword account information.

(POST) Create Cluster Group

/api/external/connections

Request

	Before	After
Request	-	None
Response	{ "clusters": [ … ], "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "dbUserInfos": [ { "dbUserType": "string", "dbUsername": "string" } ], "deleted": false, … }	{ … "clusters": [ … ], "connectionAccount": { "kerberosProtocols": { "admin": { "principal": "string", "realm": "string", "serviceName": "string" }, "common": { "principal": "string", "realm": "string", "serviceName": "string" } }, "type": "UIDPWD", "useMultipleAccount": false, "usernamePasswords": { "admin": { "username": "string" }, "common": { "username": "string" }, "proxy": { "username": "string" } } }, "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "deleted": false, … }

The fields dbUserInfo and userMultipleAccount have been removed.
- The information of these fields is now conveyed through the connectionAccount field.

The connectionAccount field has been added.
- It is a field that conveys the account information of the connection.
- The type indicates the type of the account.
  - Possible values are: NOAUTH SASL_KERBEROS SASL_PLAIN_UID UIDPWD SASL_PLAIN_UIDPWD_SSL NOAUTH_SSL DELEGATION_TOKEN O_AUTH_CLIENT_CREDENTIALS
- The useMultipleAccount is a boolean value indicating whether multiple accounts are used.
- KerberosProtocols is a field that conveys Kerberos account information.
  - Kerberos accounts do not support proxy accounts.
- usernamePasswords is a field that conveys usernamePassword account information.

Response

	Before	After
Request	-	None
Response	{ … "clusters": [ … ], "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "dbUserInfos": [ { "dbUserType": "string", "dbUsername": "string" } ], "deleted": false, … "schemaName": "test_db", "useMultipleAccount": true, "useProxy": true, … }	{ … "clusters": [ … ], "connectionAccount": { "kerberosProtocols": { "admin": { "principal": "string", "realm": "string", "serviceName": "string" }, "common": { "principal": "string", "realm": "string", "serviceName": "string" } }, "type": "UIDPWD", "useMultipleAccount": false, "usernamePasswords": { "admin": { "username": "string" }, "common": { "username": "string" }, "proxy": { "username": "string" } } }, "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "deleted": false, … "schemaName": "test_db", "useProxy": true, … }

The fields dbUserInfo and userMultipleAccount have been removed.
- The information of these fields is now conveyed through the connectionAccount field.

The connectionAccount field has been added.
- It is a field that conveys the account information of the connection.
- The type indicates the type of the account.
  - Possible values are: NOAUTH SASL_KERBEROS SASL_PLAIN_UID UIDPWD SASL_PLAIN_UIDPWD_SSL NOAUTH_SSL DELEGATION_TOKEN O_AUTH_CLIENT_CREDENTIALS
- The useMultipleAccount is a boolean value indicating whether multiple accounts are used.
- KerberosProtocols is a field that conveys Kerberos account information.
  - Kerberos accounts do not support proxy accounts.
- usernamePasswords is a field that conveys usernamePassword account information.

(PATCH) Update Cluster Group

/api/external/connections/{uuid}

Request

	Before	After
Request	-	None
Response	{ "clusters": [ … ], "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "dbUserInfos": [ { "dbUserType": "string", "dbUsername": "string" } ], "deleted": false, … }	{ … "clusters": [ … ], "connectionAccount": { "kerberosProtocols": { "admin": { "principal": "string", "realm": "string", "serviceName": "string" }, "common": { "principal": "string", "realm": "string", "serviceName": "string" } }, "type": "UIDPWD", "useMultipleAccount": false, "usernamePasswords": { "admin": { "username": "string" }, "common": { "username": "string" }, "proxy": { "username": "string" } } }, "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "deleted": false, … }

The fields dbUserInfo and userMultipleAccount have been removed.
- The information of these fields is now conveyed through the connectionAccount field.

The connectionAccount field has been added.
- It is a field that conveys the account information of the connection.
- The type indicates the type of the account.
  - Possible values are: NOAUTH SASL_KERBEROS SASL_PLAIN_UID UIDPWD SASL_PLAIN_UIDPWD_SSL NOAUTH_SSL DELEGATION_TOKEN O_AUTH_CLIENT_CREDENTIALS
- The useMultipleAccount is a boolean value indicating whether multiple accounts are used.
- KerberosProtocols is a field that conveys Kerberos account information.
  - Kerberos accounts do not support proxy accounts.
- usernamePasswords is a field that conveys usernamePassword account information.

Response

	Before	After
Request	-	None
Response	{ … "clusters": [ … ], "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "dbUserInfos": [ { "dbUserType": "string", "dbUsername": "string" } ], "deleted": false, … "schemaName": "test_db", "useMultipleAccount": true, "useProxy": true, … }	{ … "clusters": [ … ], "connectionAccount": { "kerberosProtocols": { "admin": { "principal": "string", "realm": "string", "serviceName": "string" }, "common": { "principal": "string", "realm": "string", "serviceName": "string" } }, "type": "UIDPWD", "useMultipleAccount": false, "usernamePasswords": { "admin": { "username": "string" }, "common": { "username": "string" }, "proxy": { "username": "string" } } }, "connectionOwners": [ … ], "databaseType": "MySQL", "databaseVersion": "5.7.10", "deleted": false, … "schemaName": "test_db", "useProxy": true, … }

The fields dbUserInfo and userMultipleAccount have been removed.
- The information of these fields is now conveyed through the connectionAccount field.

The connectionAccount field has been added.
- It is a field that conveys the account information of the connection.
- The type indicates the type of the account.
  - Possible values are: NOAUTH SASL_KERBEROS SASL_PLAIN_UID UIDPWD SASL_PLAIN_UIDPWD_SSL NOAUTH_SSL DELEGATION_TOKEN O_AUTH_CLIENT_CREDENTIALS
- The useMultipleAccount is a boolean value indicating whether multiple accounts are used.
- KerberosProtocols is a field that conveys Kerberos account information.
  - Kerberos accounts do not support proxy accounts.
- usernamePasswords is a field that conveys usernamePassword account information.

10. Notification Channels API

(GET) List of Notification channel

/api/external/notification-channels

Request

Query Parameter fields have been added.

Before	After
…	dataFlowRequest.filterKey dataFlowRequest.filterValue dataFlowRequest.sortKey dataFlowRequest.sortType …

dataflowRequest.filterKey: Put the filter key, for example, "Title".
dataflowRequest.filterValue: Put the filter value (search term), for example, "channelName123".
dataflowRequest.sortKey: Put the column name to sort, for example, "createdAt".
dataflowRequest.sortType: Enter whether to sort in ascending or descending order, for example, "ASC" or "DESC".