diff --git a/.gitignore b/.gitignore
index ae56176..266ad9a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,6 @@ target/classes
target/generated-sources
target/maven-archiver
target/maven-status
+.gitignore
+.git
+.idea
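Review bot: The added `.gitignore` and `.git` patterns do not do what they appear to. The root `.gitignore` is already tracked, so the pattern has no effect on it, but it will hide any ignore file later added in a subdirectory from `git status`. Git never tracks its own `.git` directory, so that line is a no-op. I would drop both and keep only the IDE entry, written as `.idea/` so it matches the directory. The `.idea` files deleted in this commit remain in history, so if `workspace.xml` ever held local paths or credentials, that is worth a separate check.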
diff --git a/.idea/encodings.xml b/.idea/encodings.xml
deleted file mode 100644
index f13fa33..0000000
--- a/.idea/encodings.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
-
-
\ No newline at end of file
diff --git a/.idea/gradle.xml b/.idea/gradle.xml
deleted file mode 100644
index 83fd8f4..0000000
--- a/.idea/gradle.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/misc.xml b/.idea/misc.xml
deleted file mode 100644
index af6cc19..0000000
--- a/.idea/misc.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
deleted file mode 100644
index c8397c9..0000000
--- a/.idea/vcs.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
deleted file mode 100644
index 2ffbfcf..0000000
--- a/.idea/workspace.xml
+++ /dev/null
@@ -1,243 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- petstore
-
-
- iriusrisk
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 1585412802675
-
-
- 1585412802675
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 1.8
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 20a4390..7617c6a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,4 +1,5 @@
-
+
4.0.0
com.iriusrisk
iriusrisk-client-lib
@@ -21,7 +22,7 @@
io.swagger
swagger-codegen-maven-plugin
- 2.3.1
+ 2.4.13
@@ -29,7 +30,7 @@
- iriusrisk.yaml
+ swagger.yaml
java
@@ -48,7 +49,6 @@
- jersey2
@@ -67,51 +67,52 @@
-
+
+
- org.glassfish.jersey.core
- jersey-client
- ${jersey-version}
+ com.google.code.gson
+ gson
+ ${gson-version}
- org.glassfish.jersey.media
- jersey-media-json-jackson
- ${jersey-version}
+ com.squareup.okhttp
+ okhttp
+ ${okhttp-version}
- org.glassfish.jersey.media
- jersey-media-multipart
- ${jersey-version}
+ com.squareup.okhttp
+ logging-interceptor
+ ${okhttp-logging-version}
-
-
- com.fasterxml.jackson.jaxrs
- jackson-jaxrs-base
- ${jackson-version}
-
-
- com.fasterxml.jackson.core
- jackson-core
- ${jackson-version}
-
-
- com.fasterxml.jackson.core
- jackson-annotations
- ${jackson-version}
+ io.gsonfire
+ gson-fire
+ ${gson-fire-version}
+
+
- com.fasterxml.jackson.core
- jackson-databind
- ${jackson-version}
+ com.brsanthu
+ migbase64
+ ${migbase64-version}
- com.fasterxml.jackson.jaxrs
- jackson-jaxrs-json-provider
- ${jackson-version}
+ junit
+ junit
+ ${junit-version}
-
-
com.fasterxml.jackson.datatype
jackson-datatype-joda
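Review bot: The new `com.squareup.okhttp` dependencies `okhttp` and `logging-interceptor` are the legacy OkHttp 2.x coordinates, which no longer receive fixes; maintained releases ship under `com.squareup.okhttp3`. The two `2.7.5` values added in the properties hunk below appear to be their versions. This is the HTTP/TLS stack that will carry the `api-token` header, so the pin deserves a comment such as `<!-- okhttp 2.x is what the generated client compiles against; revisit when the generator targets okhttp3 -->`, presumably the reason once `jersey2` is dropped. The unchanged `jackson-datatype-joda` entry at the end of this hunk looks like a leftover now that the other Jackson artifacts are removed; confirm it is still needed, since it pulls Jackson back in transitively. The element tags are stripped in this view, so the mapping of versions to artifacts is inferred.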
@@ -122,21 +123,18 @@
joda-time
${jodatime-version}
-
-
-
- com.brsanthu
- migbase64
- 2.2
-
1.5.21
- 2.29.1
+ 2.8.6
+ 1.8.4
+ 2.7.5
+ 2.7.5
+ 2.2
+ 1.0.0
2.10.1
2.7
- 1.0.0
- 4.8.1
+ 4.13
\ No newline at end of file
diff --git a/swagger.yaml b/swagger.yaml
new file mode 100644
index 0000000..bf21337
--- /dev/null
+++ b/swagger.yaml
@@ -0,0 +1,3581 @@
+swagger: '2.0'
+info:
+ title: IriusRisk API
+ description: Products API
+ version: "1"
+# the domain of the service
+host: demo.iriusrisk.com
+# array of all schemes that your API supports
+schemes:
+- https
+# will be prefixed to all paths
+basePath: /api/v1
+produces:
+- application/json
+paths:
+ /roles:
+ post:
+ summary: Creates a new Role
+ description: |
+ Creates a new role.
+ Conditions to be able to perform the action:
+ - To have the permission **ROLES_UPDATE** granted.
+ tags:
+ - Roles
+ - Authorization
+ consumes: ["application/json"]
+ x-permissions: [ROLES_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: createRoleRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ name:
+ description: Name of the new role
+ type: string
+ permissions:
+ description: Role's permissions list
+ type: array
+ items:
+ type: string
+ responses:
+ 201:
+ description: Created Role
+ 401:
+ description: Authentication information is missing or invalid or not granted to perform this action.
+ schema:
+ $ref: '#/definitions/Error'
+ 400:
+ description: Bad request
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Permission not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /roles/{role_name}:
+ delete:
+ summary: Deletes an existing role
+ description: |
+ Deletes an existing role.
+ Conditions to be able to perform the action:
+ - To have the permission **ROLES_UPDATE** granted.
+ tags:
+ - Role
+ - Authorization
+ x-permissions: [ROLES_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: role_name
+ in: path
+ description: Role name to delete
+ required: true
+ type: string
+ format: string
+ responses:
+ 204:
+ description: Role has been deleted
+ 400:
+ description: Bad request
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Error'
+ 401:
+ description: Authentication information is missing or invalid or not granted to perform this action.
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Role not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /groups:
+ post:
+ summary: Creates a new user group
+ description: |
+ Creates a new user group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Groups
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: createGroupRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ responses:
+ 201:
+ description: Group details
+ schema:
+ $ref: '#/definitions/Group'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ get:
+ summary: Gets a list of all Groups
+ description: |
+ Gets a list of all user's groups.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Groups
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ responses:
+ 200:
+ description: An array of groups
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Group'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /groups/{groupRef}:
+ put:
+ summary: Update a users group
+ description: |
+ Updates a users group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Groups
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: groupRef
+ in: path
+ description: unique ref of the group
+ required: true
+ type: string
+ format: string
+ - name: updateGroupRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ responses:
+ 204:
+ description: Group has been updated
+ schema:
+ $ref: '#/definitions/Group'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Group not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Deletes a users group
+ description: |
+ Deletes a users group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Groups
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: groupRef
+ in: path
+ description: unique name of the group
+ required: true
+ type: string
+ format: string
+ responses:
+ 204:
+ description: Group has been deleted
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Group not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ get:
+ summary: Gets the group details.
+ description: |
+ Returns the group details for the requested group.
+ Conditions to be able to perform the action:
+ - If the caller has the PRODUCTS_LIST_ALL permission then all groups can be queried without restriction.
+ - Without the PRODUCTS_LIST_ALL permission, the call will only return the group if the caller belongs to that group.
+ tags:
+ - Groups
+ x-permissions: [PRODUCTS_LIST_ALL]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: groupRef
+ in: path
+ description: unique name of the group
+ required: true
+ type: string
+ format: string
+ responses:
+ 200:
+ description: Group details
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Group'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /groups/{group}/users:
+ get:
+ summary: List users from a group
+ description: |
+ List users who belongs to a group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. With this permission you will be able to list users of a group, **if you belong to this group**.
+ tags:
+ - Groups
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: group
+ in: path
+ description: name of the group
+ required: true
+ type: string
+ format: string
+ responses:
+ 200:
+ description: An array of users who belongs to the group
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/User'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ put:
+ summary: Assigns users to a group
+ description: |
+ Assigns users to a group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. With this permission you will be able to assign users to a group, **if you belong to this group**.
+ tags:
+ - Groups
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: group
+ in: path
+ description: name of the group
+ required: true
+ type: string
+ format: string
+ - name: assignUserGroupRequestBody
+ description: JSON object that contains information to assign users to group
+ in: body
+ required: true
+ schema:
+ type: object
+ properties:
+ usernames:
+ description: List of users to assign to group
+ type: array
+ items:
+ type: string
+ responses:
+ 201:
+ description: An array of users that have been assigned to group
+ schema:
+ type: object
+ properties:
+ group:
+ type: string
+ usernames:
+ type: array
+ items:
+ type: string
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Unassign a list of users from a group
+ description: |
+ Unassign a list of users from a group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. With this permission you will be able to unassign users from a group, **if you belong to this group**.
+ tags:
+ - Groups
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: group
+ in: path
+ description: name of the group
+ required: true
+ type: string
+ format: string
+ - name: unassingUsersGroupRequestBody
+ description: JSON object that contains information to unassign users from group
+ in: body
+ required: true
+ schema:
+ type: object
+ properties:
+ usernames:
+ description: List of usernames of users to be unassigned from a group
+ type: array
+ items:
+ type: string
+ responses:
+ 204:
+ description: All users have been unassigned
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /groups/{group}/users/{user}:
+ delete:
+ summary: Removes a user from a group
+ description: |
+ Unassign a user from a group.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. With this permission you will be able to unassign user from a group, **if you belong to this group**.
+ tags:
+ - Groups
+ - Users
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: group
+ in: path
+ description: name of the group
+ required: true
+ type: string
+ format: string
+ - name: user
+ in: path
+ description: user to be removed from group
+ required: true
+ type: string
+ format: string
+ responses:
+ 204:
+ description: User has been removed from group
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries:
+ post:
+ summary: Creates a Library
+ description: |
+ Creates a new empty Library.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: createLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ responses:
+ 201:
+ description: Empty Library created
+ schema:
+ $ref: '#/definitions/Library'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}:
+ get:
+ summary: Gets library details
+ description: |
+ Gets the library details.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ responses:
+ 200:
+ description: Library details
+ schema:
+ $ref: '#/definitions/Library'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Deletes a Library
+ description: |
+ Deletes a library.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ responses:
+ 204:
+ description: The library has been deleted
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns:
+ post:
+ summary: Creates new Risk Pattern
+ description: |
+ Creates new Risk Pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: createRiskPatternRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ responses:
+ 201:
+ description: Risk Pattern details
+ schema:
+ $ref: '#/definitions/RiskPattern'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}:
+ get:
+ summary: Gets Risk Pattern details
+ description: |
+ Gets Risk Pattern details.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ responses:
+ 200:
+ description: RiskPattern details
+ schema:
+ $ref: '#/definitions/RiskPattern'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Deletes a Risk Pattern
+ description: |
+ Deletes a Risk Pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ responses:
+ 204:
+ description: The risk pattern has been deleted
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/usecases:
+ post:
+ summary: Creates new use case in a library.
+ description: |
+ Creates new use case in a library.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Use Cases
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: createUseCaseLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ responses:
+ 201:
+ description: UseCase details
+ schema:
+ $ref: '#/definitions/LibraryUseCase'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/usecases/{useCaseRef}/threats:
+ post:
+ summary: Creates a new threat in a library.
+ description: |
+ Creates a new threat in a library.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Threats
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: useCaseRef
+ in: path
+ description: Reference for Use Case
+ required: true
+ type: string
+ - name: createThreatLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ riskRating:
+ description: Risk Rating
+ type: object
+ properties:
+ confidentiality:
+ description: Confidentiality
+ type: string
+ enum:
+ - none
+ - low
+ - medium
+ - high
+ - very-high
+ integrity:
+ description: Integrity
+ type: string
+ enum:
+ - none
+ - low
+ - medium
+ - high
+ - very-high
+ availability:
+ description: Availability
+ type: string
+ enum:
+ - none
+ - low
+ - medium
+ - high
+ - very-high
+ easeOfExploitation:
+ description: Ease Of Exploitation
+ type: string
+ enum:
+ - none
+ - low
+ - medium
+ - high
+ - very-high
+ responses:
+ 201:
+ description: Threat details
+ schema:
+ $ref: '#/definitions/LibraryThreat'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/weaknesses:
+ post:
+ summary: Creates a new weakness in a risk pattern
+ description: |
+ Creates a new Weakness in a risk pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ - Weaknesses
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: createWeaknessLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ impact:
+ description: Impact
+ type: string
+ enum:
+ - none
+ - low
+ - medium
+ - high
+ - very-high
+ test:
+ $ref: '#/definitions/TestCommand'
+ responses:
+ 201:
+ description: Weakness details
+ schema:
+ $ref: '#/definitions/LibraryWeakness'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/countermeasures:
+ post:
+ summary: Creates new countermeasure in a risk pattern
+ description: |
+ Creates new countermeasure in a risk pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ - Countermeasures
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: createCountermeasureLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ $ref: '#/definitions/ControlCommand'
+ responses:
+ 201:
+ description: Countermeasure details
+ schema:
+ $ref: '#/definitions/LibraryControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/usecases/{useCaseRef}/threats/{threatRef}/weaknesses:
+ put:
+ summary: Associates weakness to a threat in a risk pattern.
+ description: |
+ Associates weakness to a threat in a risk pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ - Use Cases
+ - Threats
+ - Weaknesses
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: useCaseRef
+ in: path
+ description: Reference for Use Case
+ required: true
+ type: string
+ - name: threatRef
+ in: path
+ description: Reference for Threat
+ required: true
+ type: string
+ - name: associateWeaknessThreatLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Existing Weakness reference
+ type: string
+ responses:
+ 201:
+ description: Weakness details
+ schema:
+ $ref: '#/definitions/LibraryWeakness'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/usecases/{useCaseRef}/threats/{threatRef}/weaknesses/{weaknessRef}/countermeasures:
+ put:
+ summary: Associates a countermeasure to a weakness in a risk pattern.
+ description: |
+ Associates a countermeasure to a weakness in a risk pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Risk Patterns
+ - Use Cases
+ - Threats
+ - Weaknesses
+ - Countermeasures
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: useCaseRef
+ in: path
+ description: Reference for Use Case
+ required: true
+ type: string
+ - name: threatRef
+ in: path
+ description: Reference for Threat
+ required: true
+ type: string
+ - name: weaknessRef
+ in: path
+ description: Reference for Weakness
+ required: true
+ type: string
+ - name: associateCountermeasureWeaknessLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Existing Countermesasure reference
+ type: string
+ responses:
+ 201:
+ description: Countermeasure details
+ schema:
+ $ref: '#/definitions/LibraryControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /libraries/{libraryRef}/riskpatterns/{riskPatternRef}/usecases/{useCaseRef}/threats/{threatRef}/countermeasures:
+ put:
+ summary: Associates a countermeasure to a threat in a risk pattern.
+ description: |
+ Associates a countermeasure to a threat in a risk pattern.
+ Conditions to be able to perform the action:
+ - To have the permission **LIBRARY_UPDATE** granted.
+ tags:
+ - Libraries
+ - Use Cases
+ - Threats
+ - Countermeasures
+ consumes: ["application/json"]
+ x-permissions: [LIBRARY_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: libraryRef
+ in: path
+ description: Reference for library
+ required: true
+ type: string
+ - name: riskPatternRef
+ in: path
+ description: Reference for Risk Pattern
+ required: true
+ type: string
+ - name: useCaseRef
+ in: path
+ description: Reference for Use Case
+ required: true
+ type: string
+ - name: threatRef
+ in: path
+ description: Reference for Threat
+ required: true
+ type: string
+ - name: associateCountermeasureThreatLibraryRequestBody
+ in: body
+ description: JSON data that contains information of the fields
+ required: true
+ schema:
+ type: object
+ properties:
+ ref:
+ description: Existing Countermeasure reference
+ type: string
+ mitigation:
+ description: Mitigation
+ type: integer
+ responses:
+ 201:
+ description: Countermeasure details
+ schema:
+ $ref: '#/definitions/LibraryControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products:
+ get:
+ summary: Gets a list of all products.
+ description: |
+ Gets a list of all products visible by the user who perform the call.
+ Conditions to be able to perform the action:
+ - No permissions are required to perform this action.
+ tags:
+ - Products
+ x-permissions: []
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ responses:
+ 200:
+ description: An array of products
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ProductShort'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ post:
+ summary: Creates a new product
+ description: |
+ Createa a new product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_CREATE** granted.
+ tags:
+ - Products
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_CREATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: createProductRequestBody
+ in: body
+ description: JSON data that contains information to create new product
+ required: true
+ schema:
+ $ref: '#/definitions/CreateProduct'
+ responses:
+ 201:
+ description: Gets product details
+ schema:
+ $ref: '#/definitions/ProductShort'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}:
+ put:
+ summary: Updates a product
+ description: |
+ Updates the details of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: updateProductRequestBody
+ in: body
+ description: JSON data that contains product details to update
+ required: true
+ schema:
+ $ref: '#/definitions/UpdateProduct'
+ responses:
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ 200:
+ description: Product updated
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ get:
+ summary: Gets product details
+ description: |
+ Gets the details of a product.
+ Conditions to be able to perform the action:
+ - No permissions are required to perform this action.
+ tags:
+ - Products
+ x-permissions: []
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: Product details
+ schema:
+ $ref: '#/definitions/Product'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Deletes a product
+ description: |
+ Deletes a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_DELETE** granted.
+ tags:
+ - Products
+ x-permissions: [PRODUCT_DELETE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 204:
+ description: The product has been deleted
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/upload:
+ post:
+ summary: Creates a new product, library or template from a XML file upload.
+ description: |
+ Creates a new product, library or template from a XML file upload.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_CREATE** granted allows to create a product.
+ - To have the permission **LIBRARY_UPDATE** granted allows to create a library.
+ - To have the permission **TEMPLATE_UPDATE** granted allows to create a template.
+ tags:
+ - Products
+ - Libraries
+ - Templates
+ consumes: ["multipart/form-data"]
+ x-permissions: [PRODUCT_CREATE, LIBRARY_UPDATE, TEMPLATE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: formData
+ description: Product ref
+ required: true
+ type: string
+ format: string
+ - name: name
+ in: formData
+ description: Product name
+ required: true
+ type: string
+ format: string
+ - name: type
+ in: formData
+ description: Product type - STANDARD (By default), TEMPLATE or LIBRARY
+ required: false
+ type: string
+ format: string
+ - name: fileName
+ in: formData
+ description: File to upload in XML format
+ required: true
+ type: file
+ responses:
+ 201:
+ description: Product details
+ schema:
+ $ref: '#/definitions/ProductShort'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/upload/{ref}:
+ post:
+ summary: Updates an existing product from a XML file upload.
+ description: |
+ Updates a product from a XML file upload.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted allows to update a product.
+ tags:
+ - Products
+ consumes: ["multipart/form-data"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ format: string
+ - name: fileName
+ in: formData
+ description: File to upload in XML format
+ required: true
+ type: file
+ - name: deleteCountermeasures
+ in: formData
+ description: This flag indicates if the rules execution will delete the threat and countermeasures which don't apply to the new product threat model. If true, the threats and countermeasures will be automatically removed from the model. If false, the threats and countermeasures won't be removed from the model.
+ required: false
+ type: string
+ format: string
+ responses:
+ 200:
+ description: Product details
+ schema:
+ $ref: '#/definitions/ProductShort'
+ 400:
+ description: error in the call
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/groups:
+ get:
+ summary: List all groups assigned to a product
+ description: |
+ List all groups assigned to a product.
+ Conditions to be able to perform the action:
+ - If the caller has the PRODUCTS_LIST_ALL permission then all products can be queried without restriction.
+ - Without the PRODUCTS_LIST_ALL permission, the call will only return the groups if the caller belongs to that product.
+ tags:
+ - Products
+ - Groups
+ x-permissions: [PRODUCTS_LIST_ALL]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference to product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of groups assigned to the product
+ schema:
+ type: array
+ items:
+ type: string
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ put:
+ summary: Assigns groups of users to a product.
+ description: |
+ Assigns groups of users to a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ - Groups
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference for product
+ required: true
+ type: string
+ - name: assignGroupsProductRequestBody
+ description: JSON object that contains information to assign groups to product
+ in: body
+ required: true
+ schema:
+ type: object
+ properties:
+ groups:
+ description: List of groups to assign to product
+ type: array
+ items:
+ type: string
+ responses:
+ 201:
+ description: Product details including groups assigned
+ schema:
+ $ref: '#/definitions/ProductShortGroups'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Unassigns a list of user groups from a product.
+ description: |
+ Unassigns a list of user groups from a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ - Groups
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference for product
+ required: true
+ type: string
+ - name: unassignGroupsProductRequestBody
+ description: JSON object that contains information to unassign groups from a product
+ in: body
+ required: true
+ schema:
+ type: object
+ properties:
+ groups:
+ description: List of groups to unassign from product
+ type: array
+ items:
+ type: string
+ responses:
+ 200:
+ description: An object with an array of user groups that have been unassigned and an array of user groups that have not been found in the project
+ schema:
+ type: object
+ properties:
+ unassigned:
+ type: array
+ items:
+ type: string
+ notFound:
+ type: array
+ items:
+ type: string
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/users:
+ get:
+ summary: List all users assigned to a product
+ description: |
+ List all users assigned to a product.
+ Conditions to be able to perform the action:
+ - No permissions are required to perform this action.
+ tags:
+ - Products
+ - Users
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference to product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of users assigned to the product
+ schema:
+ type: array
+ items:
+ type: string
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ delete:
+ summary: Unassigns a list of users from a product.
+ description: |
+ Unassign a list of users from a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference for product
+ required: true
+ type: string
+ - name: unassignUsersProductRequestBody
+ in: body
+ description: JSON object that contains information to unassign users from product
+ required: true
+ schema:
+ type: object
+ properties:
+ users:
+ description: List of users to unassign from a product
+ type: array
+ items:
+ type: string
+ responses:
+ 204:
+ description: All users have been unassigned
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: Product not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ put:
+ summary: Assigns users to a product.
+ description: |
+ Assigns users to a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference for product
+ required: true
+ type: string
+ - name: assignUsersProductRequestBody
+ in: body
+ description: JSON data that contains the information to assign users to product
+ required: true
+ schema:
+ type: object
+ properties:
+ users:
+ description: List of users to assign to product
+ type: array
+ items:
+ type: string
+ responses:
+ 201:
+ description: Product details including users assigned
+ schema:
+ $ref: '#/definitions/ProductShortUsers'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/users/{user}:
+ delete:
+ summary: Unassigns a user from a product
+ description: |
+ Unassigns a user from a product.
+ Conditions to be able to perform the action:
+ - To have the permission **PRODUCT_UPDATE** granted.
+ tags:
+ - Products
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [PRODUCT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: Reference for product
+ required: true
+ type: string
+ - name: user
+ in: path
+ description: Username of the user who will be unassigned from the product
+ required: true
+ type: string
+ responses:
+ 204:
+ description: User has been unassigned from the product
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/risks:
+ get:
+ summary: Gets the risks summary of a product
+ description: |
+ This endpoint returns a summary of the risks of a product.
+ Conditions to be able to perform the action:
+ - No permissions are required to perform this action.
+ tags:
+ - Products
+ - Risks
+ x-permissions: []
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: Product risks
+ schema:
+ $ref: '#/definitions/RiskSummary'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/controls:
+ get:
+ summary: Gets a list of all product countermeasures
+ description: |
+ Returns a list of all the countermeasures of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **COUNTERMEASURE_VIEW** granted, or
+ - To have the permission **COUNTERMEASURE_UPDATE** granted.
+ tags:
+ - Products
+ - Controls
+ x-permissions: [COUNTERMEASURE_VIEW, COUNTERMEASURE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of product countermeasures
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/controls/implemented:
+ get:
+ summary: Gets a list of all implemented countermeasures of a product.
+ description: |
+ Returns a list of all the implemented countermeasures of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **COUNTERMEASURE_VIEW** granted, or
+ - To have the permission **COUNTERMEASURE_UPDATE** granted.
+ tags:
+ - Products
+ - Controls
+ x-permissions: [COUNTERMEASURE_VIEW, COUNTERMEASURE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of product countermeasures
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/controls/required:
+ get:
+ summary: Gets a list of all required countermeasures of a product
+ description: |
+ Returns a list of all the required countermeasures of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **COUNTERMEASURE_VIEW** granted, or
+ - To have the permission **COUNTERMEASURE_UPDATE** granted.
+ tags:
+ - Products
+ - Controls
+ consumes: ["application/json"]
+ x-permissions: [COUNTERMEASURE_VIEW, COUNTERMEASURE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of product countermeasures
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentControl'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/components/{componentRef}/controls/{controlRef}/status:
+ put:
+ summary: Sets the desired status to a countermeasure
+ description: |
+ Sets the desired status to a countermeasure.
+ Possible values are:
+ - implemented
+ - recommended
+ - rejected
+ - required
+ Conditions to be able to perform the action:
+ - To have the permission **COUNTERMEASURE_UPDATE** granted to set any state.
+ - To have the permission **COUNTERMEASURE_SELECT_IMPLEMENTED** granted to set implemented state.
+ - To have the permission **COUNTERMEASURE_SELECT_RECOMMENDED** granted to set recommended state.
+ - To have the permission **COUNTERMEASURE_SELECT_REJECTED** granted to set reject state.
+ - To have the permission **COUNTERMEASURE_SELECT_REQUIRED** granted to set required state.
+ tags:
+ - Products
+ - Controls
+ consumes: ["application/json"]
+ x-permissions: [COUNTERMEASURE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: componentRef
+ in: path
+ description: ID for component
+ required: true
+ type: string
+ - name: controlRef
+ in: path
+ description: Control ref
+ required: true
+ type: string
+ format: string
+ - name: updateStatusCountermeasureRequestBody
+ in: body
+ description: JSON data that contains the information to update countermeasure
+ required: true
+ schema:
+ type: object
+ properties:
+ statusName:
+ type: string
+ description: New state of the countermeasure ( rejected | recommended | required | implemented )
+ enum:
+ - rejected
+ - recommended
+ - required
+ - implemented
+ rejectedReason:
+ type: string
+ description: Reason for rejecting the countermeasure
+ responses:
+ 200:
+ description: An empty array
+ 404:
+ description: Product, component or control not found
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/threats:
+ get:
+ summary: Gets a list of all threats of a product
+ description: |
+ Returns a list of all the threats of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **THREAT_VIEW** granted, or
+ - To have the permission **THREAT_UPDATE** granted.
+ tags:
+ - Products
+ - Threats
+ x-permissions: [THREAT_VIEW, THREAT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of product threats
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentUseCaseThreatShort'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/weaknesses:
+ get:
+ summary: Gets a list of all weaknesses of a product
+ description: |
+ Returns a list of all the weaknesses of a product.
+ Conditions to be able to perform the action:
+ - To have the permission **THREAT_VIEW** granted, or
+ - To have the permission **THREAT_UPDATE** granted.
+ tags:
+ - Products
+ - Weaknesses
+ x-permissions: [THREAT_VIEW, THREAT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ responses:
+ 200:
+ description: An array of product weaknesses
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentWeakness'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/weaknesses/{test_state}:
+ get:
+ summary: Gets a list of all weaknesses of a product filtered by test state
+ description: |
+ Returns a list of all the weaknesses of a product.
+ With the optional parameter `test_state` can filter the weakness by test state.
+ Conditions to be able to perform the action:
+ - To have the permission **THREAT_VIEW** granted, or
+ - To have the permission **THREAT_UPDATE** granted.
+ tags:
+ - Products
+ - Weaknesses
+ x-permissions: [THREAT_VIEW, THREAT_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: test_state
+ in: path
+ description: Code for a test state
+ required: true
+ type: string
+ enum:
+ - failed
+ - error
+ - not-tested
+ - passed
+ - not-applicable
+ - partially-tested
+ responses:
+ 200:
+ description: An array of product weaknesses
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentWeakness'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/components/{componentRef}/tests/{cwe}:
+ put:
+ summary: Updates a single test to a component.
+ description: |
+ Updates a single test to a component.
+ Conditions to be able to perform the action:
+ - To have the permission **TEST_UPDATE** granted.
+ tags:
+ - Products
+ - Components
+ - Tests
+ consumes: ["application/json"]
+ x-permissions: [TEST_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: componentRef
+ in: path
+ description: ID for component
+ required: true
+ type: string
+ - name: cwe
+ in: path
+ description: countermeasure or weakness CWE
+ required: true
+ type: string
+ - name: updateStatusTestRequestBody
+ in: body
+ description: JSON data that contains the information to update test
+ required: true
+ schema:
+ type: object
+ properties:
+ state:
+ type: string
+ description: New state of the test ( not-tested | passed | failed | error )
+ enum:
+ - not-tested
+ - passed
+ - failed
+ - error
+ output:
+ type: string
+ description: new output of the test
+ responses:
+ 200:
+ description: Tests updated
+ schema:
+ type: array
+ items:
+ type: object
+ properties:
+ id:
+ type: number
+ source:
+ type: object
+ properties:
+ result:
+ type: string
+ output:
+ type: string
+ control:
+ type: object
+ properties:
+ name:
+ type: string
+ component:
+ type: string
+ project:
+ type: string
+ weakness:
+ type: object
+ properties:
+ name:
+ type: string
+ component:
+ type: string
+ project:
+ type: string
+ 400:
+ description: error in the call
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/tests/{testType}/upload:
+ post:
+ summary: Imports test results from different sources to a product.
+ description: |
+ Imports test results from different sources (OWASP ZAP, Cucumber, Micro Focus Fortify) uploading files. More than one file can be attached to the call.
+ Conditions to be able to perform the action:
+ - To have the permission **TEST_UPDATE** granted.
+ tags:
+ - Products
+ - Tests
+ consumes: ["multipart/form-data"]
+ x-permissions: [TEST_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: testType
+ in: path
+ description: Type of test to be imported (zap|cucumber|junit|hp-fortify)
+ required: true
+ type: string
+ enum:
+ - zap
+ - cucumber
+ - junit
+ - hp-fortify
+ - name: fileName
+ in: formData
+ description: File to upload
+ type: file
+ responses:
+ 201:
+ description: Tests updated. Returns the number of changed tests
+ schema:
+ type: object
+ properties:
+ changedTest:
+ type: number
+ 400:
+ description: Error in the call. Misspelled or undefined test Type
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ /products/{ref}/components/{componentRef}/tests/{testType}/upload:
+ post:
+ summary: Imports test results from different sources to a component
+ description: |
+ Imports test results from different sources (OWASP ZAP, Cucumber, Micro Focus Fortify) into the specified component. More than one file can be attached to the call.
+ Conditions to be able to perform the action:
+ - To have the permission **TEST_UPDATE** granted.
+ tags:
+ - Products
+ - Components
+ - Tests
+ consumes: ["multipart/form-data"]
+ x-permissions: [TEST_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for product
+ required: true
+ type: string
+ - name: componentRef
+ in: path
+ description: ID for component
+ required: true
+ type: string
+ - name: testType
+ in: path
+ description: Type of test to be imported (zap|cucumber|junit|hp-fortify)
+ required: true
+ type: string
+ enum:
+ - zap
+ - cucumber
+ - junit
+ - hp-fortify
+ - name: fileName
+ in: formData
+ description: File to upload
+ type: file
+ responses:
+ 201:
+ description: Tests updated. Returns the number of changed tests
+ schema:
+ type: object
+ properties:
+ changedTest:
+ type: number
+ 400:
+ description: Error in the call. Misspelled or undefined test Type
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ /users:
+ get:
+ summary: List of all Users.
+ description: |
+ Returns a list of all the users of the system.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ responses:
+ 200:
+ description: An array of users
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/User'
+ 400:
+ description: Bad request
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/Error'
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ post:
+ summary: Creates a new user
+ description: |
+ Creates a new user.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted.
+ tags:
+ - Users
+ consumes: ["application/json"]
+ x-permissions: [ALL_USERS_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: createUserRequestBody
+ in: body
+ description: JSON data that contains information to creates new user
+ required: true
+ schema:
+ type: object
+ required:
+ - username
+ - auth
+ - email
+ - firstName
+ - lastName
+ - roleGroups
+ properties:
+ username:
+ description: Username of the user
+ type: string
+ auth:
+ description: Authentication type
+ type: string
+ enum:
+ - ldap
+ - saml
+ email:
+ description: Email of the user
+ type: string
+ firstName:
+ description: First name of the user
+ type: string
+ lastName:
+ description: Last name of the user
+ type: string
+ roleGroups:
+ description: List of roles' refs to assign to the user. Can be an empty list.
+ type: array
+ items:
+ type: string
+ responses:
+ 201:
+ description: User has been created
+ 400:
+ description: Bad request
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /users/{username}:
+ delete:
+ summary: Deletes a user
+ description: |
+ Deletes a user.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. Having this permission you can delete users who belongs to some of your user groups.
+ tags:
+ - Users
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: username
+ in: path
+ description: User's username
+ required: true
+ type: string
+ responses:
+ 204:
+ description: User has been deleted
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: User not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /users/{username}/token:
+ post:
+ summary: Generates a user API token
+ description: |
+ Generates a new user API token. If the user already has a generated API token, generates a new one.
+ Conditions to be able to perform the action:
+ - To have the permission **ALL_USERS_UPDATE** granted, or
+ - To have the permission **MANAGE_USERS_BU** granted. Having this permission you can generate a user API token to users who belongs to some of your user groups.
+ tags:
+ - Users
+ - Token
+ x-permissions: [ALL_USERS_UPDATE, MANAGE_USERS_BU]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: username
+ in: path
+ description: User's username
+ required: true
+ type: string
+ responses:
+ 201:
+ description: The user API token
+ schema:
+ type: string
+ 401:
+ description: Authentication information is missing or invalid
+ schema:
+ $ref: '#/definitions/Error'
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ 404:
+ description: User not found
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+ /rules/product/{ref}:
+ put:
+ summary: Executes rules by a product
+ description: |
+ Execute the rules engine for a product and for all components within the product. If the deleteCountermeasures parameter is true, then threats and countermeasure that no longer apply to the model will automatically
+ be removed. If it is false, then those threats and countermeasures will remain in the model.
+ - To have the permission **ARCHITECTURE_UPDATE** granted.
+ tags:
+ - Rules
+ - Products
+ consumes: ["application/json"]
+ x-permissions: [ARCHITECTURE_UPDATE]
+ parameters:
+ - name: api-token
+ in: header
+ description: Authentication token
+ required: true
+ type: string
+ format: string
+ - name: ref
+ in: path
+ description: ID for Product
+ required: true
+ type: string
+ - name: deleteCountermeasures
+ in: header
+ description: This flag indicates if the rules execution will delete the threat and countermeasures which don't apply to the new product threat model. If true, the threats and countermeasures will be automatically removed from the model. If false, the threats and countermeasures won't be removed from the model.
+ required: false
+ type: string
+ format: string
+ responses:
+ 200:
+ description: Rules executed properly
+ 403:
+ description: API is not enabled
+ schema:
+ $ref: '#/definitions/Error'
+ default:
+ description: Unexpected error
+ schema:
+ $ref: '#/definitions/Error'
+definitions:
+ ProductShort:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ revision:
+ type: integer
+ format: int32
+ default: 1
+ type:
+ type: string
+ status:
+ type: string
+ priority:
+ type: integer
+ format: int32
+ default: 0
+ tags:
+ type: string
+ workflowState:
+ type: string
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+
+ CreateProduct:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ tags:
+ type: string
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+
+ UpdateProduct:
+ type: object
+ properties:
+ name:
+ type: string
+ desc:
+ type: string
+ tags:
+ type: string
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+
+ LibraryThreat:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ mitigation:
+ type: integer
+ risk:
+ type: integer
+ inherentRisk:
+ type: integer
+ projectedRisk:
+ type: integer
+ riskRating:
+ $ref: '#/definitions/RiskRating'
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ weaknesses:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatWeakness'
+ controls:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatControl'
+ RiskPattern:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ weaknesses:
+ type: array
+ items:
+ $ref: '#/definitions/LibraryWeakness'
+ countermeasures:
+ type: array
+ items:
+ $ref: '#/definitions/LibraryControl'
+ usecases:
+ type: array
+ items:
+ $ref: '#/definitions/LibraryUseCase'
+ LibraryUseCase:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ threats:
+ type: array
+ items:
+ $ref: '#/definitions/LibraryThreat'
+ Library:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ riskPatterns:
+ type: array
+ items:
+ $ref: '#/definitions/RiskPattern'
+ LibraryWeakness:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ state:
+ type: string
+ impact:
+ type: string
+ test:
+ $ref: '#/definitions/Test'
+ controls:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatControl'
+ LibraryControl:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ platform:
+ type: string
+ cost:
+ type: integer
+ risk:
+ type: integer
+ state:
+ type: string
+ mitigation:
+ type: integer
+ implementations:
+ type: array
+ items:
+ $ref: '#/definitions/Implementation'
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ standards:
+ type: array
+ items:
+ $ref: '#/definitions/Standard'
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ test:
+ $ref: '#/definitions/Test'
+
+ ProductShortGroups:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ revision:
+ type: integer
+ format: int32
+ default: 1
+ type:
+ type: string
+ status:
+ type: string
+ priority:
+ type: integer
+ format: int32
+ default: 0
+ tags:
+ type: string
+ workflowState:
+ type: string
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ groups:
+ type: array
+ items:
+ type: string
+ ProductShortUsers:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ revision:
+ type: integer
+ format: int32
+ default: 1
+ type:
+ type: string
+ status:
+ type: string
+ priority:
+ type: integer
+ format: int32
+ default: 0
+ tags:
+ type: string
+ workflowState:
+ type: string
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ users:
+ type: array
+ items:
+ type: string
+ Product:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ revision:
+ type: integer
+ default: 1
+ type:
+ type: string
+ status:
+ type: string
+ priority:
+ type: integer
+ default: 0
+ tags:
+ type: string
+ desc:
+ type: string
+ workflowState:
+ type: string
+ questions:
+ type: array
+ items:
+ $ref: '#/definitions/Question'
+ assets:
+ type: array
+ items:
+ $ref: '#/definitions/ProductAsset'
+ accessTypes:
+ type: array
+ items:
+ $ref: '#/definitions/ProductAccessType'
+ trustZones:
+ type: array
+ items:
+ $ref: '#/definitions/ProductTrustZone'
+ settings:
+ type: array
+ items:
+ $ref: '#/definitions/ProductSetting'
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ supportedStandards:
+ type: array
+ items:
+ $ref: '#/definitions/SupportedStandard'
+ categoryComponents:
+ type: array
+ items:
+ $ref: '#/definitions/CategoryComponent'
+ componentDefinitions:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentDefinition'
+ components:
+ type: array
+ items:
+ $ref: '#/definitions/Component'
+ dataflows:
+ type: array
+ items:
+ $ref: '#/definitions/DataFlow'
+ Question:
+ type: object
+ properties:
+ ref:
+ type: string
+ ProductAsset:
+ type: object
+ properties:
+ name:
+ type: string
+ desc:
+ type: string
+ identifier:
+ type: string
+ classification:
+ type: object
+ properties:
+ name:
+ type: string
+ desc:
+ type: string
+ confidentiality:
+ type: integer
+ default: 0
+ integrity:
+ type: integer
+ default: 0
+ availability:
+ type: integer
+ default: 0
+ ProductAccessType:
+ type: object
+ properties:
+ name:
+ type: string
+ value:
+ type: integer
+ default: 0
+ ProductTrustZone:
+ type: object
+ properties:
+ name:
+ type: string
+ desc:
+ type: string
+ trustRating:
+ type: integer
+ default: 1
+ ProductSetting:
+ type: object
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ Udt:
+ type: object
+ description: Custom field with reference and value
+ properties:
+ ref:
+ type: string
+ value:
+ type: string
+ Component:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ groupName:
+ type: string
+ tags:
+ type: string
+ position:
+ type: integer
+ questions:
+ type: array
+ items:
+ $ref: '#/definitions/Question'
+ trustZones:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentTrustZone'
+ assets:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentAsset'
+ weaknesses:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentWeakness'
+ controls:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentControl'
+ usecases:
+ type: array
+ items:
+ $ref: '#/definitions/ComponentUseCase'
+ ComponentTrustZone:
+ type: object
+ properties:
+ name:
+ type: string
+ ComponentAsset:
+ type: object
+ properties:
+ name:
+ type: string
+ accessType:
+ type: string
+ ComponentWeakness:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ state:
+ type: integer
+ impact:
+ type: integer
+ desc:
+ type: string
+ test:
+ $ref: '#/definitions/Test'
+ ComponentControl:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ issueId:
+ type: string
+ platform:
+ type: string
+ cost:
+ type: integer
+ risk:
+ type: integer
+ state:
+ type: string
+ owner:
+ type: string
+ desc:
+ type: string
+ source:
+ type: string
+ mitigation:
+ type: string
+ library:
+ type: string
+ description: Reference of the Library
+ implementations:
+ type: array
+ items:
+ $ref: '#/definitions/Implementation'
+ threats:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatNameAndRef'
+ weaknesses:
+ type: array
+ items:
+ $ref: '#/definitions/WeaknessNameAndRef'
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ standards:
+ type: array
+ items:
+ $ref: '#/definitions/Standard'
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ test:
+ $ref: '#/definitions/Test'
+ Test:
+ type: object
+ properties:
+ expiryDate:
+ type: string
+ expiryPeriod:
+ type: integer
+ steps:
+ type: string
+ notes:
+ type: string
+ source:
+ $ref: '#/definitions/TestSource'
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ udts:
+ type: array
+ items:
+ $ref: '#/definitions/Udt'
+ TestSource:
+ type: object
+ properties:
+ filename:
+ type: string
+ args:
+ type: string
+ type:
+ type: string
+ result:
+ type: string
+ enabled:
+ type: boolean
+ timestamp:
+ type: string
+ output:
+ type: string
+ Reference:
+ type: object
+ properties:
+ name:
+ type: string
+ url:
+ type: string
+ Standard:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ Implementation:
+ type: object
+ properties:
+ platform:
+ type: string
+ desc:
+ type: string
+ ThreatNameAndRef:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ WeaknessNameAndRef:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ ComponentUseCase:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ threats:
+ type: array
+ items:
+ $ref: '#/definitions/Threat'
+ ComponentUseCaseShort:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ desc:
+ type: string
+ threats:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatShort'
+ ComponentUseCaseThreatShort:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ useCase:
+ $ref: '#/definitions/ComponentUseCaseShort'
+ ThreatShort:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ state:
+ type: string
+ owner:
+ type: string
+ desc:
+ type: string
+ source:
+ type: string
+ riskRating:
+ $ref: '#/definitions/RiskRating'
+ inherentRisk:
+ type: integer
+ risk:
+ type: integer
+ projectedRisk:
+ type: integer
+ mitigation:
+ type: integer
+ library:
+ type: string
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ Threat:
+ type: object
+ properties:
+ ref:
+ type: string
+ name:
+ type: string
+ state:
+ type: string
+ owner:
+ type: string
+ desc:
+ type: string
+ source:
+ type: string
+ riskRating:
+ $ref: '#/definitions/RiskRating'
+ inherentRisk:
+ type: integer
+ risk:
+ type: integer
+ projectedRisk:
+ type: integer
+ mitigation:
+ type: integer
+ library:
+ type: string
+ references:
+ type: array
+ items:
+ $ref: '#/definitions/Reference'
+ weaknesses:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatWeakness'
+ controls:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatControl'
+ ThreatWeakness:
+ type: object
+ properties:
+ ref:
+ type: string
+ controls:
+ type: array
+ items:
+ $ref: '#/definitions/ThreatControl'
+ ThreatControl:
+ type: object
+ properties:
+ ref:
+ type: string
+ mitigation:
+ type: integer
+ RiskRating:
+ type: object
+ properties:
+ confidentiality:
+ type: string
+ integrity:
+ type: string
+ availability:
+ type: string
+ easeOfExploitation:
+ type: string
+ RiskSummary:
+ type: object
+ properties:
+ riskCount:
+ $ref: '#/definitions/RiskCount'
+ inherentRisk:
+ type: integer
+ default: 0
+ projectedRisk:
+ type: integer
+ default: 0
+ residualRisk:
+ type: integer
+ default: 0
+ RiskCount:
+ type: object
+ properties:
+ 'mitigated':
+ type: integer
+ 'low':
+ type: integer
+ 'medium':
+ type: integer
+ 'high':
+ type: integer
+ 'critical':
+ type: integer
+ Error:
+ type: object
+ properties:
+ status:
+ type: string
+ errors:
+ type: array
+ items:
+ $ref: '#/definitions/Message'
+ Message:
+ type: string
+ ControlCommand:
+ type: object
+ properties:
+ ref:
+ description: Reference field value
+ type: string
+ name:
+ description: Name field value
+ type: string
+ desc:
+ description: Description field value
+ type: string
+ mitigation:
+ description: Mitigation
+ type: integer
+ test:
+ $ref: '#/definitions/TestCommand'
+ state:
+ description: Countermeasure state
+ type: string
+ enum:
+ - not-applicable
+ - rejected
+ - recommended
+ - required
+ - implemented
+ costRating:
+ description: Countermeasure cost
+ type: string
+ enum:
+ - low
+ - medium
+ - high
+ standards:
+ description: List of standards
+ type: array
+ items:
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Reference of the Standard
+ name:
+ type: string
+ description: Name of the Supported Standard
+ supportedStandardRef:
+ type: string
+ description: Reference of the Supported Standard
+ TestCommand:
+ description: Test
+ type: object
+ properties:
+ steps:
+ type: string
+ description: Test steps
+ notes:
+ type: string
+ description: Test notes
+ Group:
+ description: Group
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Unique identifier of the group
+ name:
+ type: string
+ description: Name of the group
+ desc:
+ type: string
+ description: Description of the group
+ User:
+ description: User
+ type: object
+ properties:
+ username:
+ type: string
+ description: Username of the User
+ firstName:
+ type: string
+ description: First Name of the User
+ lastName:
+ type: string
+ description: Last Name of the User
+ email:
+ type: string
+ description: Email of the User
+ userGroups:
+ type: array
+ items:
+ type: string
+ description: Roles group
+ userRoles:
+ type: array
+ items:
+ type: string
+ description: User roles
+
+ SupportedStandard:
+ description: Supported Standard
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Unique identifier of the Supported Standard
+ name:
+ type: string
+ description: Name of the Supported Standard
+
+ CategoryComponent:
+ description: Category of the Component
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Unique identifier of the Category of the Component
+ name:
+ type: string
+ description: Name of the Category of the Component
+
+ ComponentDefinition:
+ description: Component Definition
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Unique identifier of the Component Definition
+ name:
+ type: string
+ description: Name of the Component Definition
+ desc:
+ type: string
+ description: Description of the Component Definition
+ categoryRef:
+ type: string
+ description: Reference of the category of the component
+ riskPatterns:
+ type: array
+ items:
+ type: object
+ properties:
+ ref:
+ type: string
+ description: Reference of the Risk Pattern
+
+ DataFlow:
+ description: DataFlow
+ type: object
+ properties:
+ name:
+ type: string
+ description: Name of the DataFlow
+ source:
+ type: string
+ description: Reference of the source Component
+ target:
+ type: string
+ description: Reference of the target Component
+ assets:
+ type: array
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ description: Name of the Asset
+
diff --git a/target/iriusrisk-client-lib-0.1-SNAPSHOT.jar b/target/iriusrisk-client-lib-0.1-SNAPSHOT.jar
deleted file mode 100644
index 79c7b92..0000000
Binary files a/target/iriusrisk-client-lib-0.1-SNAPSHOT.jar and /dev/null differ