GraphQL Schema
graphql
"""Custom scalar for arbitrary JSON-like objects."""
# NOTE(review): the schema puts no structural constraint on values of this
# scalar. Fields typed Object (datasources, panes, settings, metadata, secret,
# secretShape, tls) therefore rely entirely on resolver-side validation, which
# is not visible here — confirm it exists and bounds payload size and depth.
scalar Object
"""Dashboard ACL access level."""
enum DashboardAccessLevel {
  # Two levels only; ownership is not an access level and is reported
  # separately through the isOwner fields.
  # Presumably VIEWER is read-only and EDITOR allows modification — the exact
  # rights are decided by resolvers; confirm.
  VIEWER
  EDITOR
}
"""Per-dashboard ACL entry."""
type DashboardAclEntry {
  # Identifier of the user the entry applies to (no email is carried here;
  # DashboardCollaborator is the variant that adds identity details).
  userId: ID!
  # Level granted to that user on the enclosing dashboard.
  accessLevel: DashboardAccessLevel!
}
"""Collaborator view with user identity details."""
type DashboardCollaborator {
  userId: ID!
  # Nullable, unlike User.email. Presumably withheld or unavailable for some
  # callers — confirm who is allowed to see collaborator email addresses.
  email: String
  accessLevel: DashboardAccessLevel!
  # True for the entry that represents the dashboard owner.
  isOwner: Boolean!
}
"""Represents a saved dashboard configuration."""
type Dashboard {
  _id: ID!
  title: String!
  version: String!
  visibility: DashboardVisibility!
  # NOTE(review): this type is returned by dashboards, dashboardByShareToken
  # and the subscription. The share token presumably grants access to LINK
  # dashboards, so confirm the resolver returns null here for callers whose
  # canManageSharing is false.
  shareToken: String
  # Presumably incremented by rotateDashboardShareToken — confirm.
  shareTokenVersion: Int!
  image: String
  # Untyped Object payloads: the schema cannot show whether these carry
  # connection details or credentials. Confirm nothing secret is stored inline
  # (CredentialProfile exists for that purpose).
  datasources: [Object]
  columns: Int
  width: String
  panes: [Object]
  settings: Object
  # Presumably the owner's user id, typed String rather than ID — confirm.
  user: String
  # Full ACL (user ids and levels). Confirm it is only populated for callers
  # allowed to manage sharing.
  acl: [DashboardAclEntry!]!
  # Caller-relative flags; presumably computed per request for the
  # authenticated user. They describe permissions, they do not enforce them.
  isOwner: Boolean!
  canEdit: Boolean!
  canManageSharing: Boolean!
  createdAt: String
  updatedAt: String
}
type Query {
  # NOTE(review): no directives are visible in this schema, so every access
  # rule stated in the descriptions below has to be enforced in resolvers that
  # are not shown here — confirm each one.
  """Retrieve a single dashboard by ID."""
  dashboard(_id: ID!): Dashboard
  # The share token is passed as an argument and presumably acts as the only
  # credential for this lookup — confirm request/variable logging redacts it.
  """Retrieve dashboard by opaque share token."""
  dashboardByShareToken(shareToken: String!): Dashboard
  """List dashboards available to the current user."""
  dashboards: [Dashboard]!
  # Returns user ids and (nullable) email addresses; confirm it is limited to
  # callers with access to the dashboard.
  """List collaborators for a dashboard."""
  dashboardCollaborators(_id: ID!): [DashboardCollaborator!]!
  # The description names no role restriction, yet User exposes email, role
  # and lastLogin. Confirm this is admin-only.
  """Retrieve the list of all registered users."""
  listAllUsers: [User]
  """Retrieve the currently authenticated user."""
  me: User
  """Admin-only: list unexpired invites."""
  listPendingInvites: [Invite]!
  # Shares the AuthPolicy type with authPolicy, and every AuthPolicy field is
  # non-null, so the "subset" cannot be expressed by omitting fields; confirm
  # what the resolver returns for the fields it does not intend to publish.
  """Publicly accessible auth policy subset for login/registration UX."""
  publicAuthPolicy: AuthPolicy!
  """Admin-visible auth policy snapshot."""
  authPolicy: AuthPolicy!
  # Undocumented and without the admin prefix used elsewhere: confirm which
  # roles may list credential and broker profiles. brokerProfiles takes an
  # optional protocol filter.
  credentialProfiles: [CredentialProfile!]!
  brokerProfiles(protocol: BrokerProfileProtocol): [BrokerProfile!]!
  # The remaining fields are undocumented; the admin prefix suggests they are
  # admin-only (or service-account scoped, see ServiceAccountScope) — confirm.
  adminDatasourceDiagnostics: DatasourceDiagnostics!
  adminServiceAccounts: [ServiceAccount!]!
  adminServiceAccountTokens(serviceAccountId: ID!): [ServiceAccountTokenRecord!]!
  # limit is optional and unbounded at schema level; confirm a server-side
  # default and maximum. actionPrefix presumably filters on
  # AuditEventRecord.action.
  adminAuditEvents(limit: Int, actionPrefix: String): [AuditEventRecord!]!
  adminRuntimeMetrics: AdminRuntimeMetrics!
}
type Mutation {
  # NOTE(review): no directives are visible in this schema; ownership, ACL and
  # "Admin-only" rules below are resolver-side and need to be confirmed there.
  # The dashboard argument is nullable on create and update; confirm the
  # resolver rejects a missing input.
  """Create a new dashboard."""
  createDashboard(dashboard: CreateDashboardInput): Dashboard!
  """Update an existing dashboard by ID."""
  updateDashboard(_id: ID!, dashboard: UpdateDashboardInput): Dashboard!
  """Delete a dashboard by ID."""
  deleteDashboard(_id: ID!): Dashboard!
  """Set visibility for a dashboard."""
  setDashboardVisibility(_id: ID!, visibility: DashboardVisibility!): Dashboard!
  # Presumably invalidates the previous token and bumps shareTokenVersion —
  # confirm the old token stops working immediately.
  """Rotate the share token for a dashboard."""
  rotateDashboardShareToken(_id: ID!): Dashboard!
  # Keyed by email: confirm the error for an unregistered address does not let
  # callers test which emails have accounts.
  """Grant or update dashboard ACL access by user email."""
  upsertDashboardAccess(_id: ID!, email: String!, accessLevel: DashboardAccessLevel!): Dashboard!
  """Revoke dashboard ACL access."""
  revokeDashboardAccess(_id: ID!, userId: ID!): Dashboard!
  """Transfer dashboard ownership."""
  transferDashboardOwnership(_id: ID!, newOwnerUserId: ID!): Dashboard!
  # Passwords arrive as plain String arguments: keep them out of request and
  # variable logs. Throttling and lockout are not expressible here — confirm
  # they exist. registerUser is presumably gated by
  # AuthPolicy.registrationMode.
  """Register a new user and return an authentication token."""
  registerUser(email: String!, password: String!): Token
  """Authenticate a user and return an authentication token."""
  authUser(email: String!, password: String!): Token
  """Delete the currently authenticated user's account permanently."""
  deleteMyUserAccount: User!
  """Admin-only: create a new user with an explicit role."""
  adminCreateUser(email: String!, password: String!, role: UserRole!, active: Boolean): User!
  """Admin-only: update an existing user's role and/or active state."""
  adminUpdateUser(_id: ID!, role: UserRole, active: Boolean): User!
  """Admin-only: delete a user account."""
  adminDeleteUser(_id: ID!): User!
  # expiresInHours is an unbounded Int here and on the other token-issuing
  # mutations; confirm the server clamps it to a sane range.
  """Admin-only: create an invitation token for a new account."""
  adminCreateInvite(email: String!, role: UserRole!, expiresInHours: Int): InviteToken!
  """Admin-only: revoke a pending invitation token."""
  adminRevokeInvite(_id: ID!): Boolean!
  """Accept an invitation token and create a new account."""
  acceptInvite(token: String!, password: String!): Token
  # The constant result presumably exists so the response does not reveal
  # whether the email is registered.
  """Initiate password reset (always returns true)."""
  requestPasswordReset(email: String!): Boolean!
  """Complete password reset with a valid one-time token."""
  resetPassword(token: String!, password: String!): Boolean!
  # Hands a working reset token for another user's account to the caller;
  # confirm each call is written to the audit log.
  """Admin-only: issue password reset token for a user."""
  adminIssuePasswordReset(_id: ID!, expiresInHours: Int): PasswordResetToken!
  # AuthPolicy.policyEditLock has no matching argument here; presumably it is
  # set outside the API and blocks this mutation when true — confirm.
  """Admin-only: update mutable auth policy fields."""
  setAuthPolicy(registrationMode: RegistrationMode, registrationDefaultRole: UserRole, editorCanPublish: Boolean, dashboardDefaultVisibility: DashboardVisibility, dashboardPublicListingEnabled: Boolean, executionMode: ExecutionMode): AuthPolicy!
  # Undocumented; the admin prefix suggests admin-only — confirm.
  adminCreateCredentialProfile(input: CredentialProfileCreateInput!): CredentialProfile!
  adminUpdateCredentialProfile(_id: ID!, input: CredentialProfileUpdateInput!): CredentialProfile!
  adminDeleteCredentialProfile(_id: ID!): CredentialProfile!
  adminCreateBrokerProfile(input: BrokerProfileCreateInput!): BrokerProfile!
  adminUpdateBrokerProfile(_id: ID!, input: BrokerProfileUpdateInput!): BrokerProfile!
  adminDeleteBrokerProfile(_id: ID!): BrokerProfile!
  # Undocumented and not admin-prefixed. shareToken is optional, which
  # suggests link viewers may mint tokens; confirm the resolver checks the
  # token against dashboardId, that datasourceId belongs to that dashboard,
  # and that allowPublicUse is honoured for unauthenticated callers.
  mintDatasourceSessionToken(dashboardId: ID!, datasourceId: ID!, shareToken: String): DatasourceSessionToken!
  adminCreateServiceAccount(input: ServiceAccountInput!): ServiceAccount!
  adminUpdateServiceAccount(_id: ID!, input: UpdateServiceAccountInput!): ServiceAccount!
  adminDeleteServiceAccount(_id: ID!): ServiceAccount!
  # scopes is optional and independent of ServiceAccount.scopes; confirm an
  # issued token can never carry scopes the account itself lacks.
  adminIssueServiceAccountToken(serviceAccountId: ID!, label: String, scopes: [ServiceAccountScope!], expiresInHours: Int): IssuedServiceAccountToken!
  # _id here presumably identifies a ServiceAccountTokenRecord — confirm.
  adminRotateServiceAccountToken(_id: ID!, expiresInHours: Int): IssuedServiceAccountToken!
  adminRevokeServiceAccountToken(_id: ID!): Boolean!
}
type Subscription {
  # NOTE(review): delivers the same Dashboard type as Query.dashboard,
  # including shareToken and acl. Confirm access is checked when the
  # subscription starts and re-checked when visibility or ACL changes, so a
  # revoked user stops receiving updates.
  """Subscribe to real-time updates for a specific dashboard by ID."""
  dashboard(_id: ID!): Dashboard
}
"""Input type for creating a new dashboard."""
input CreateDashboardInput {
  title: String!
  version: String!
  # Visibility can be chosen at creation as well as through
  # setDashboardVisibility; confirm both paths apply the same policy checks
  # (AuthPolicy.editorCanPublish, dashboardDefaultVisibility when omitted).
  visibility: DashboardVisibility
  image: String
  # Untyped Object payloads supplied by the client; the schema does not
  # validate their shape.
  datasources: [Object]
  columns: Int
  width: String
  panes: [Object]
  settings: Object
}
"""Input type for updating an existing dashboard."""
input UpdateDashboardInput {
  # Every field is optional; presumably an omitted field is left unchanged —
  # confirm.
  title: String
  version: String
  # A second path to change visibility besides setDashboardVisibility; confirm
  # a caller with edit rights but without canManageSharing cannot publish a
  # dashboard through this field.
  visibility: DashboardVisibility
  image: String
  # Untyped Object payloads supplied by the client; the schema does not
  # validate their shape.
  datasources: [Object]
  columns: Int
  width: String
  panes: [Object]
  settings: Object
}
"""Represents an application user account."""
type User {
  # No password or token field is declared on this type.
  """Unique identifier of the user."""
  _id: ID!
  """User's email address (used for login)."""
  email: String!
  """Role of the user."""
  role: UserRole!
  """Indicates whether the account is active."""
  active: Boolean!
  """Date and time when the user registered (ISO 8601 format)."""
  registrationDate: String!
  # Non-null: confirm what is returned for an account that has never logged
  # in (e.g. one created via adminCreateUser).
  """Date and time when the user last logged in (ISO 8601 format)."""
  lastLogin: String!
}
"""Invite metadata without exposing secret token hash."""
type Invite {
  # Metadata only: neither the invite token nor its hash is a field here.
  _id: ID!
  email: String!
  # Role the invited account will receive.
  role: UserRole!
  expiresAt: String!
  # Null until the invite is revoked / accepted, respectively.
  revokedAt: String
  acceptedAt: String
  createdAt: String!
}
"""One-time invite token payload issued to administrators."""
type InviteToken {
  invite: Invite!
  # The raw token. Invite itself has no token field, so this response is
  # presumably the only time the value can be read — confirm, and keep it out
  # of response logging.
  token: String!
}
"""One-time password reset token payload issued to administrators."""
type PasswordResetToken {
  # Account the token resets.
  userId: ID!
  # The raw reset token, accepted by resetPassword. Keep it out of response
  # logging; presumably only a hash is stored server-side — confirm.
  token: String!
  expiresAt: String!
}
"""Represents an authentication or registration token."""
type Token {
  # Nullable, and the mutations returning Token are nullable too; confirm how
  # a failed login is reported (null result vs. GraphQL error) so clients do
  # not treat an empty token as success.
  """JWT or API token string returned after successful authentication."""
  token: String
}
"""Role model used across authz and user management."""
enum UserRole {
  # Global account role. VIEWER and EDITOR share their names with
  # DashboardAccessLevel values but are a separate enum; how the global role
  # combines with a per-dashboard ACL level is not defined in the schema —
  # confirm in the authorization code.
  VIEWER
  EDITOR
  # Presumably the role required by the "Admin-only" operations.
  ADMIN
}
"""Registration mode policy."""
enum RegistrationMode {
  # Presumably: DISABLED rejects registerUser, INVITE allows account creation
  # only through acceptInvite, OPEN allows self-registration with
  # AuthPolicy.registrationDefaultRole — confirm against the resolvers.
  DISABLED
  INVITE
  OPEN
}
"""Dashboard execution mode policy."""
enum ExecutionMode {
  # NOTE(review): the schema does not say what differs between the two modes.
  # Since it is a global policy switch (setAuthPolicy.executionMode), document
  # what TRUSTED permits that SAFE does not and who may enable it.
  SAFE
  TRUSTED
}
"""Dashboard visibility states."""
enum DashboardVisibility {
  # Presumably limited to the owner and ACL entries.
  PRIVATE
  # Presumably reachable by anyone holding the dashboard's shareToken
  # (see dashboardByShareToken).
  LINK
  # Presumably readable without a token; listing is presumably controlled by
  # AuthPolicy.dashboardPublicListingEnabled — confirm.
  PUBLIC
}
"""Authentication/registration policy snapshot."""
type AuthPolicy {
  # Returned by both publicAuthPolicy and authPolicy. All fields are non-null,
  # so the public variant has to supply a value for each of them.
  registrationMode: RegistrationMode!
  # Role given to self-registered accounts; presumably never intended to be
  # ADMIN — confirm setAuthPolicy rejects that.
  registrationDefaultRole: UserRole!
  # Presumably whether EDITOR users may make dashboards LINK/PUBLIC.
  editorCanPublish: Boolean!
  dashboardDefaultVisibility: DashboardVisibility!
  dashboardPublicListingEnabled: Boolean!
  executionMode: ExecutionMode!
  # Read-only through this API: setAuthPolicy has no argument for it.
  # Presumably set by deployment configuration to freeze the policy — confirm.
  policyEditLock: Boolean!
}
enum CredentialProfileType {
  # Presumably selects how the stored secret is attached to outgoing
  # datasource requests: no credential, a custom header, an
  # Authorization: Bearer token, or HTTP Basic — confirm against the code that
  # consumes the profile.
  NONE
  HEADER
  BEARER
  BASIC
}
type CredentialProfile {
  # Read model of a stored credential. The inputs accept a secret field, this
  # type does not return one.
  _id: ID!
  name: String!
  description: String
  type: CredentialProfileType!
  # Presumably allows the profile to back datasources on LINK/PUBLIC
  # dashboards viewed without an account — confirm, and treat true as the
  # exception.
  allowPublicUse: Boolean!
  metadata: Object
  # NOTE(review): presumably describes which keys the secret contains without
  # their values. It is an untyped Object, so confirm the resolver can never
  # echo secret values here.
  secretShape: Object
  createdAt: String
  updatedAt: String
}
input CredentialProfileCreateInput {
  name: String!
  description: String
  type: CredentialProfileType!
  # Optional; confirm the default when omitted is false.
  allowPublicUse: Boolean
  # Returned verbatim on CredentialProfile.metadata, so it must not hold
  # secret material.
  metadata: Object
  # Write-only credential payload (no counterpart on the output type). Exclude
  # it from request logs and from AuditEventRecord.metadata; presumably
  # encrypted at rest — confirm.
  secret: Object
}
input CredentialProfileUpdateInput {
  # Every field is optional; presumably an omitted field is left unchanged.
  name: String
  description: String
  # Changing type without supplying a matching secret could leave a stale
  # secret of the old shape — confirm how the resolver handles that.
  type: CredentialProfileType
  allowPublicUse: Boolean
  metadata: Object
  # Write-only credential payload; exclude it from request logs and audit
  # metadata.
  secret: Object
}
enum BrokerProfileProtocol {
  # Only one protocol is defined at present.
  MQTT
}
type BrokerProfile {
  _id: ID!
  name: String!
  description: String
  protocol: BrokerProfileProtocol!
  # Returned to every caller of brokerProfiles; confirm URLs with embedded
  # user:password are rejected on input so credentials are not disclosed here.
  brokerUrl: String!
  # Untyped TLS settings. Confirm no private key material is stored or
  # returned in this object, and that certificate verification cannot be
  # switched off silently.
  tls: Object
  # Typed String here but ID in the create/update inputs — likely an
  # oversight; align on ID when a schema change is acceptable.
  credentialProfileId: String
  # Presumably permits use from dashboards viewed without an account.
  allowPublicUse: Boolean!
  # Presumably the set of topics clients may subscribe to through this broker.
  topicAllowlist: [String!]!
  createdAt: String
  updatedAt: String
}
input BrokerProfileCreateInput {
  name: String!
  description: String
  # Optional; presumably defaults to MQTT, the only protocol defined.
  protocol: BrokerProfileProtocol
  # The server side presumably connects to this address. Confirm scheme and
  # host are validated (allowed schemes, no internal-only targets unless
  # intended).
  brokerUrl: String!
  tls: Object
  credentialProfileId: ID
  # Optional; confirm the default when omitted is false.
  allowPublicUse: Boolean
  # Optional on input while the stored value is a non-null list. Confirm that
  # omitting it yields an empty allowlist that denies all topics, not one that
  # permits any topic.
  topicAllowlist: [String!]
}
input BrokerProfileUpdateInput {
  # Every field is optional; presumably an omitted field is left unchanged.
  name: String
  description: String
  protocol: BrokerProfileProtocol
  # Same validation as on create should apply when the URL is changed.
  brokerUrl: String
  tls: Object
  # Confirm the referenced CredentialProfile exists and that its
  # allowPublicUse is compatible with this profile's allowPublicUse.
  credentialProfileId: ID
  allowPublicUse: Boolean
  # Confirm how an explicit empty list is treated (presumably deny all).
  topicAllowlist: [String!]
}
type DatasourceSessionToken {
  # Result of mintDatasourceSessionToken. Presumably a short-lived credential
  # bound to one dashboard/datasource pair and presented to the gateway —
  # confirm the binding and lifetime in the minting code.
  token: String!
  expiresAt: String!
}
type DatasourceTypeCount {
  # One row of DatasourceDiagnostics.typeCounts: a datasource type name and
  # how many datasources have it.
  type: String!
  count: Int!
}
type DatasourceDiagnostics {
  # Aggregate counters only; no dashboard or datasource identifiers are
  # exposed by this type.
  totalDashboards: Int!
  totalDatasources: Int!
  # Presumably datasources that reference a CredentialProfile.
  credentialBoundDatasources: Int!
  # Presumably datasources on dashboards visible outside the ACL
  # (LINK/PUBLIC) — confirm the definition, since it is the figure of interest
  # when reviewing exposure.
  externalDashboardDatasources: Int!
  invalidDatasources: Int!
  typeCounts: [DatasourceTypeCount!]!
}
enum ServiceAccountScope {
  # Presumably: DATASOURCE_MINT permits mintDatasourceSessionToken,
  # DATASOURCE_DIAGNOSTICS_READ permits adminDatasourceDiagnostics, OPS_READ
  # permits adminRuntimeMetrics — confirm the mapping in the authorization
  # code. No scope for user or policy administration is defined.
  DATASOURCE_MINT
  DATASOURCE_DIAGNOSTICS_READ
  OPS_READ
}
type ServiceAccount {
  # Non-human principal. No token material is declared on this type.
  _id: ID!
  name: String!
  # Non-null here although optional in ServiceAccountInput; presumably
  # defaults to an empty string.
  description: String!
  # Presumably tokens of an inactive account are rejected — confirm.
  active: Boolean!
  scopes: [ServiceAccountScope!]!
  tokenCount: Int!
  createdAt: String
  updatedAt: String
  # Useful for spotting dormant accounts that can be disabled.
  lastUsedAt: String
}
type ServiceAccountTokenRecord {
  # Metadata about an issued token; the raw token is not a field here.
  _id: ID!
  serviceAccountId: ID!
  label: String
  # Scopes recorded per token, separately from ServiceAccount.scopes.
  scopes: [ServiceAccountScope!]!
  # Presumably a truncated fragment for identifying the token in a UI; confirm
  # it is short enough not to weaken the token.
  tokenPreview: String!
  # Nullable: presumably null means the token does not expire — confirm that
  # non-expiring tokens are a deliberate choice.
  expiresAt: String
  # Null until the token is revoked.
  revokedAt: String
  createdAt: String
  updatedAt: String
  lastUsedAt: String
}
type IssuedServiceAccountToken {
  # Returned by adminIssueServiceAccountToken and
  # adminRotateServiceAccountToken.
  tokenRecord: ServiceAccountTokenRecord!
  # The raw token. ServiceAccountTokenRecord exposes only tokenPreview, so
  # this response is presumably the single opportunity to read the value; keep
  # it out of response logging.
  token: String!
}
type AuditEventRecord {
  _id: ID!
  # Nullable: presumably null for actions without a user principal (system,
  # service account or unauthenticated) — confirm how those are attributed.
  actorUserId: ID
  # Action name; adminAuditEvents filters on a prefix of it.
  action: String!
  targetType: String
  targetId: ID
  # Untyped Object: confirm writers never place passwords, tokens or
  # credential secrets in it.
  metadata: Object
  createdAt: String
  # NOTE(review): the presence of updatedAt suggests records may be mutable;
  # audit entries are normally append-only — confirm.
  updatedAt: String
}
type ApiRuntimeMetrics {
  # Counters presumably accumulate since startedAt and reset on restart.
  startedAt: String!
  collectedAt: String!
  uptimeSeconds: Int!
  requestCount: Int!
  errorCount: Int!
  avgLatencyMs: Float!
  p95LatencyMs: Float!
  maxLatencyMs: Float!
  # Presumably failed authentications; a candidate for alerting on sudden
  # growth.
  authFailureCount: Int!
  datasourceMintSuccessCount: Int!
  datasourceMintFailureCount: Int!
  # Presumably audit events that could not be persisted; any non-zero value
  # would mean gaps in the audit trail — confirm and alert on it.
  auditWriteFailureCount: Int!
}
type GatewayRuntimeMetrics {
  # Counters presumably accumulate since startedAt and reset on restart.
  startedAt: String!
  collectedAt: String!
  uptimeSeconds: Int!
  httpRequestCount: Int!
  httpErrorCount: Int!
  httpAvgLatencyMs: Float!
  realtimeConnectionAttempts: Int!
  realtimeConnectionsAccepted: Int!
  # Presumably includes connections refused for a missing or invalid session
  # token; the schema does not break rejections down by reason.
  realtimeConnectionsRejected: Int!
  realtimeActiveConnections: Int!
  realtimeMessagesIn: Int!
  realtimeMessagesOut: Int!
  realtimeErrorCount: Int!
}
type AdminRuntimeMetrics {
  collectedAt: String!
  api: ApiRuntimeMetrics!
  # Nullable: presumably null when the gateway is not deployed or cannot be
  # reached — confirm, since a null here also hides the rejection counters.
  gateway: GatewayRuntimeMetrics
}
input ServiceAccountInput {
  name: String!
  description: String
  # Optional; confirm the default when omitted.
  active: Boolean
  # Optional; confirm that omitting it creates an account with no scopes
  # rather than all scopes.
  scopes: [ServiceAccountScope!]
}
input UpdateServiceAccountInput {
  # Every field is optional; presumably an omitted field is left unchanged.
  name: String
  description: String
  # Confirm that setting this to false takes effect for tokens already issued.
  active: Boolean
  # ServiceAccountTokenRecord stores scopes per token; confirm that removing a
  # scope here also restricts tokens issued earlier with that scope.
  scopes: [ServiceAccountScope!]
}