diff --git a/authentik/tenants/api.py b/authentik/tenants/api.py
index f77763970..1226ec3ec 100644
--- a/authentik/tenants/api.py
+++ b/authentik/tenants/api.py
@@ -3,6 +3,7 @@ from typing import Any
from django.db import models
from drf_spectacular.utils import extend_schema
+from rest_framework.authentication import SessionAuthentication
from rest_framework.decorators import action
from rest_framework.exceptions import ValidationError
from rest_framework.fields import CharField, ChoiceField, ListField
@@ -13,10 +14,12 @@ from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
+from authentik.api.authentication import TokenAuthentication
from authentik.api.authorization import SecretKeyFilter
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import PassiveSerializer
from authentik.lib.config import CONFIG
+from authentik.stages.authenticator_mobile.api.auth import MobileDeviceTokenAuthentication
from authentik.tenants.models import Tenant
@@ -130,7 +133,16 @@ class TenantViewSet(UsedByMixin, ModelViewSet):
@extend_schema(
responses=CurrentTenantSerializer(many=False),
)
- @action(methods=["GET"], detail=False, permission_classes=[AllowAny])
+ @action(
+ methods=["GET"],
+ detail=False,
+ permission_classes=[AllowAny],
+ authentication_classes=[
+ MobileDeviceTokenAuthentication,
+ TokenAuthentication,
+ SessionAuthentication,
+ ],
+ )
def current(self, request: Request) -> Response:
"""Get current tenant"""
tenant: Tenant = request._request.tenant
diff --git a/blueprints/schema.json b/blueprints/schema.json
index e10eef273..762204642 100644
--- a/blueprints/schema.json
+++ b/blueprints/schema.json
@@ -5999,7 +5999,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"client_id": {
@@ -6144,7 +6143,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"item_matching_mode": {
@@ -6280,7 +6278,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"provider": {
@@ -6447,7 +6444,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"token_count": {
@@ -6581,7 +6577,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"digits": {
@@ -6855,7 +6850,6 @@
"string",
"null"
],
- "minLength": 1,
"title": "Friendly name"
},
"user_verification": {
diff --git a/schema.yml b/schema.yml
index ce13d0c9a..1600dca26 100644
--- a/schema.yml
+++ b/schema.yml
@@ -18807,7 +18807,7 @@ paths:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
@@ -19105,7 +19105,7 @@ paths:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
@@ -24076,7 +24076,7 @@ paths:
schema:
type: string
format: uuid
- description: A UUID string identifying this Static Authenticator Stage.
+ description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
@@ -24110,7 +24110,7 @@ paths:
schema:
type: string
format: uuid
- description: A UUID string identifying this Static Authenticator Stage.
+ description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
@@ -24150,7 +24150,7 @@ paths:
schema:
type: string
format: uuid
- description: A UUID string identifying this Static Authenticator Stage.
+ description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
@@ -24189,7 +24189,7 @@ paths:
schema:
type: string
format: uuid
- description: A UUID string identifying this Static Authenticator Stage.
+ description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
@@ -24220,7 +24220,7 @@ paths:
schema:
type: string
format: uuid
- description: A UUID string identifying this Static Authenticator Stage.
+ description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
@@ -29965,7 +29965,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
user_verification:
$ref: '#/components/schemas/UserVerificationEnum'
authenticator_attachment:
@@ -30276,7 +30275,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
client_id:
type: string
minLength: 1
@@ -30419,7 +30417,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
item_matching_mode:
$ref: '#/components/schemas/ItemMatchingModeEnum'
cgw_endpoint:
@@ -30562,7 +30559,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
provider:
$ref: '#/components/schemas/ProviderEnum'
from_number:
@@ -30707,7 +30703,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
token_count:
type: integer
maximum: 2147483647
@@ -30828,7 +30823,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
digits:
$ref: '#/components/schemas/DigitsEnum'
required:
@@ -32804,7 +32798,7 @@ components:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
@@ -33007,7 +33001,7 @@ components:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
@@ -35587,7 +35581,7 @@ components:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
@@ -38166,7 +38160,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
user_verification:
$ref: '#/components/schemas/UserVerificationEnum'
authenticator_attachment:
@@ -38195,7 +38188,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
client_id:
type: string
minLength: 1
@@ -38231,7 +38223,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
item_matching_mode:
$ref: '#/components/schemas/ItemMatchingModeEnum'
cgw_endpoint:
@@ -38257,7 +38248,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
provider:
$ref: '#/components/schemas/ProviderEnum'
from_number:
@@ -38303,7 +38293,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
token_count:
type: integer
maximum: 2147483647
@@ -38332,7 +38321,6 @@ components:
friendly_name:
type: string
nullable: true
- minLength: 1
digits:
$ref: '#/components/schemas/DigitsEnum'
PatchedAuthenticatorValidateStageRequest:
@@ -38779,7 +38767,7 @@ components:
* `authentik_stages_authenticator_mobile.mobiledevice` - Mobile Device
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
- * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
+ * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage
* `authentik_stages_authenticator_static.staticdevice` - Static Device
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
diff --git a/web/src/flow/stages/authenticator_mobile/AuthenticatorMobileStage.ts b/web/src/flow/stages/authenticator_mobile/AuthenticatorMobileStage.ts
index b5b7dc6f9..1d4d7e2d2 100644
--- a/web/src/flow/stages/authenticator_mobile/AuthenticatorMobileStage.ts
+++ b/web/src/flow/stages/authenticator_mobile/AuthenticatorMobileStage.ts
@@ -102,6 +102,7 @@ export class AuthenticatorMobileStage extends BaseStage<
+