DOCSP-32282 API Security (#149) (#290)

kennethdyer · web-flow · commit 0c39d916137b · 2024-04-02T12:54:35.000-04:00
* DOCSP-32282 Security notice for API calls * Text adjustment * Text adjustment * Adds security notice to other endpoints * Fixes build issue * Fixes build issue * Fixes text * Fixes per Sarah
diff --git a/source/includes/fact-api-endpoint.rst b/source/includes/fact-api-endpoint.rst
@@ -0,0 +1,8 @@
+
+
+``mongosync`` does not protect the |endpoint| endpoint.  However, by default 
+the API binds to localhost only and does not accept calls from other sources.
+Additionally, the |endpoint| call does not expose connection credentials 
+or user data.
+
+
diff --git a/source/reference/api/commit.txt b/source/reference/api/commit.txt
@@ -150,7 +150,6 @@ State
 ~~~~~
 
 If the ``commit`` request is successful, ``mongosync`` enters the
-``COMMITTING`` state, then automatically transitions to the
 ``COMMITTED`` state. Once ``mongosync`` enters the ``COMMITTED`` state,
 continuous sync between the clusters stops. 
 
@@ -159,4 +158,11 @@ Data Verification
 
 .. include:: /includes/fact-verification
 
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``commit``
+.. include:: /includes/fact-api-endpoint
+
+
 
diff --git a/source/reference/api/pause.txt b/source/reference/api/pause.txt
@@ -77,3 +77,12 @@ Behavior
   increase the size of the replica set :term:`oplog` in the source
   cluster. To learn more, see :ref:`Frequently Asked Questions
   <c2c-faq-increase-oplog>`. 
+
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``pause``
+.. include:: /includes/fact-api-endpoint
+
+
+
diff --git a/source/reference/api/progress.txt b/source/reference/api/progress.txt
@@ -59,6 +59,13 @@ Behavior
 - The endpoint does not auto-refresh. To get updated status, call the
   ``progress`` endpoint again.
 
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``progress``
+.. include:: /includes/fact-api-endpoint
+
+
 Example
 -------
 
diff --git a/source/reference/api/resume.txt b/source/reference/api/resume.txt
@@ -73,3 +73,11 @@ Behavior
 
 If the ``resume`` request is successful, ``mongosync`` enters the
 ``RUNNING`` state.
+
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``resume``
+.. include:: /includes/fact-api-endpoint
+
+
diff --git a/source/reference/api/reverse.txt b/source/reference/api/reverse.txt
@@ -141,3 +141,10 @@ To view the mapping direction for the synchronization of the source and
 destination clusters, use the :ref:`progress <c2c-api-progress>`
 endpoint and check the ``directionMapping`` object.
 
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``reverse``
+.. include:: /includes/fact-api-endpoint
+
+
diff --git a/source/reference/api/start.txt b/source/reference/api/start.txt
@@ -468,4 +468,11 @@ Indexes that are always built include:
   sharded collection, which are removed after commit. When ``buildIndexes`` is
   set to ``never``, ``mongosync`` retains this index after commit.
 
-  
+
+Endpoint Protection
+~~~~~~~~~~~~~~~~~~~
+
+.. |endpoint| replace:: ``start``
+.. include:: /includes/fact-api-endpoint
+
+
