{
  "openapi": "3.1.1",
  "info": {
    "title": "ICICI HomeFinance – Hummingbird SSO Gateway",
    "description": "Receives and validates SHA-1 based SSO handoffs from the ICICI HomeFinance corporate portal.",
    "version": "v1"
  },
  "servers": [
    {
      "url": "https://hbicicihfapi-uat.staysimplyfied.com/"
    }
  ],
  "paths": {
    "/api/sso/login": {
      "post": {
        "tags": [
          "Sso"
        ],
        "summary": "Validates an SSO POST from the corporate portal and, on success, establishes a Hummingbird\nsession and redirects the browser to the Hummingbird home page.",
        "description": "Accepts `application/x-www-form-urlencoded` with fields:\n    username, company, expire, hashValue.",
        "requestBody": {
          "description": "SHA-1 hash produced by the corporate portal from username + expire + secret.",
          "content": {
            "application/x-www-form-urlencoded": {
              "schema": {
                "type": "object",
                "properties": {
                  "username": {
                    "type": "string"
                  },
                  "company": {
                    "type": "string"
                  },
                  "expire": {
                    "maximum": 9223372036854776000,
                    "minimum": 1,
                    "pattern": "^-?(?:0|[1-9]\\d*)$",
                    "type": [
                      "integer",
                      "string"
                    ],
                    "format": "int64"
                  },
                  "hashValue": {
                    "type": "string"
                  }
                }
              }
            }
          },
          "required": true
        },
        "responses": {
          "302": {
            "description": "SSO succeeded; browser is redirected to the Hummingbird home page.",
            "content": {
              "application/json": { }
            }
          },
          "400": {
            "description": "Required fields missing or malformed.",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/ProblemDetails"
                }
              }
            }
          },
          "401": {
            "description": "Hash mismatch or token expired/replayed.",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/ProblemDetails"
                }
              }
            }
          },
          "403": {
            "description": "Employee not found or inactive.",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/ProblemDetails"
                }
              }
            }
          }
        }
      }
    },
    "/api/sso/test-form": {
      "get": {
        "tags": [
          "Sso"
        ],
        "summary": "Redirects to the auto-hashing SSO test console (`/api/sso-test`).",
        "responses": {
          "302": {
            "description": "Redirect to the test console.",
            "content": {
              "application/json": { }
            }
          }
        }
      }
    },
    "/api/sso-test": {
      "get": {
        "tags": [
          "SsoTest"
        ],
        "summary": "Serves the HTML test console.",
        "responses": {
          "200": {
            "description": "OK",
            "content": {
              "text/html": { }
            }
          }
        }
      }
    },
    "/api/sso-test/prepare": {
      "get": {
        "tags": [
          "SsoTest"
        ],
        "summary": "Computes `expire` and `hashValue` for the given employee/company using the configured\nsecret and hash recipe. The result is safe to POST to `/api/sso/login`.",
        "parameters": [
          {
            "name": "username",
            "in": "query",
            "schema": {
              "type": "string"
            }
          },
          {
            "name": "company",
            "in": "query",
            "schema": {
              "type": "string"
            }
          },
          {
            "name": "expirySeconds",
            "in": "query",
            "schema": {
              "pattern": "^-?(?:0|[1-9]\\d*)$",
              "type": [
                "integer",
                "string"
              ],
              "format": "int32",
              "default": 240
            }
          }
        ],
        "responses": {
          "200": {
            "description": "OK"
          }
        }
      }
    }
  },
  "components": {
    "schemas": {
      "ProblemDetails": {
        "type": "object",
        "properties": {
          "type": {
            "type": [
              "null",
              "string"
            ]
          },
          "title": {
            "type": [
              "null",
              "string"
            ]
          },
          "status": {
            "pattern": "^-?(?:0|[1-9]\\d*)$",
            "type": [
              "null",
              "integer",
              "string"
            ],
            "format": "int32"
          },
          "detail": {
            "type": [
              "null",
              "string"
            ]
          },
          "instance": {
            "type": [
              "null",
              "string"
            ]
          }
        }
      }
    }
  },
  "tags": [
    {
      "name": "Sso"
    },
    {
      "name": "SsoTest"
    }
  ]
}