diff --git a/website/docs/releases/v2022.12.md b/website/docs/releases/v2022.12.md index f353ba1e6..31a35d275 100644 --- a/website/docs/releases/v2022.12.md +++ b/website/docs/releases/v2022.12.md @@ -21,6 +21,8 @@ slug: "2022.12" When creating new stages or policies, authentik will now automatically offer an option to bind them to the object in whose context they were created in. + Select inputs were previously limited to showing a single page of items (default size of 100 items). These inputs have been replaced by dynamically loading inputs which support searching and better show the properties of the item. + - Preview for OAuth2 and SAML providers OAuth2 and SAML providers can now preview what the currently selected property/scope mappings's outcome will look like. This helps with seeing what data is sent to the client and implementing and testing custom mappings. diff --git a/website/static/docker-compose.yml b/website/static/docker-compose.yml deleted file mode 100644 index dccdea971..000000000 --- a/website/static/docker-compose.yml +++ /dev/null @@ -1,81 +0,0 @@ ---- -version: '3.4' - -services: - postgresql: - image: docker.io/library/postgres:12-alpine - restart: unless-stopped - healthcheck: - test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] - start_period: 20s - interval: 30s - retries: 5 - timeout: 5s - volumes: - - database:/var/lib/postgresql/data - environment: - - POSTGRES_PASSWORD=${PG_PASS:?database password required} - - POSTGRES_USER=${PG_USER:-authentik} - - POSTGRES_DB=${PG_DB:-authentik} - env_file: - - .env - redis: - image: docker.io/library/redis:alpine - command: --save 60 1 --loglevel warning - restart: unless-stopped - healthcheck: - test: ["CMD-SHELL", "redis-cli ping | grep PONG"] - start_period: 20s - interval: 30s - retries: 5 - timeout: 3s - volumes: - - redis:/data - server: - image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.11.4} - restart: unless-stopped - command: server - environment: - AUTHENTIK_REDIS__HOST: redis - AUTHENTIK_POSTGRESQL__HOST: postgresql - AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} - volumes: - - ./media:/media - - ./custom-templates:/templates - env_file: - - .env - ports: - - "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000" - - "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443" - worker: - image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.11.4} - restart: unless-stopped - command: worker - environment: - AUTHENTIK_REDIS__HOST: redis - AUTHENTIK_POSTGRESQL__HOST: postgresql - AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} - # `user: root` and the docker socket volume are optional. - # See more for the docker socket integration here: - # https://goauthentik.io/docs/outposts/integrations/docker - # Removing `user: root` also prevents the worker from fixing the permissions - # on the mounted folders, so when removing this make sure the folders have the correct UID/GID - # (1000:1000 by default) - user: root - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - ./media:/media - - ./certs:/certs - - ./custom-templates:/templates - env_file: - - .env - -volumes: - database: - driver: local - redis: - driver: local diff --git a/website/static/schema.yaml b/website/static/schema.yaml deleted file mode 100644 index b95548960..000000000 --- a/website/static/schema.yaml +++ /dev/null @@ -1,38515 +0,0 @@ -openapi: 3.0.3 -info: - title: authentik - version: 2022.11.4 - description: Making authentication simple. - contact: - email: hello@goauthentik.io - license: - name: MIT - url: https://github.com/goauthentik/authentik/blob/main/LICENSE -paths: - /admin/apps/: - get: - operationId: admin_apps_list - description: Read-only view list all installed apps - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/App' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/metrics/: - get: - operationId: admin_metrics_retrieve - description: Login Metrics per 1h - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LoginMetrics' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/system/: - get: - operationId: admin_system_retrieve - description: Get system information. - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/System' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/system_tasks/: - get: - operationId: admin_system_tasks_list - description: List system tasks - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Task' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/system_tasks/{id}/: - get: - operationId: admin_system_tasks_retrieve - description: Get a single system task - parameters: - - in: path - name: id - schema: - type: string - required: true - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Task' - description: '' - '404': - description: Task not found - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/system_tasks/{id}/retry/: - post: - operationId: admin_system_tasks_retry_create - description: Retry task - parameters: - - in: path - name: id - schema: - type: string - required: true - tags: - - admin - security: - - authentik: [] - responses: - '204': - description: Task retried successfully - '404': - description: Task not found - '500': - description: Failed to retry task - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/version/: - get: - operationId: admin_version_retrieve - description: Get running and latest version. - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Version' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /admin/workers/: - get: - operationId: admin_workers_retrieve - description: Get currently connected worker count. - tags: - - admin - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Workers' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/all/: - get: - operationId: authenticators_admin_all_list - description: Get all devices for current user - parameters: - - in: query - name: user - schema: - type: integer - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Device' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/duo/: - get: - operationId: authenticators_admin_duo_list - description: Viewset for Duo authenticator devices (for admins) - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDuoDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: authenticators_admin_duo_create - description: Viewset for Duo authenticator devices (for admins) - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDeviceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/duo/{id}/: - get: - operationId: authenticators_admin_duo_retrieve - description: Viewset for Duo authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_admin_duo_update - description: Viewset for Duo authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_admin_duo_partial_update - description: Viewset for Duo authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDuoDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_admin_duo_destroy - description: Viewset for Duo authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/sms/: - get: - operationId: authenticators_admin_sms_list - description: Viewset for sms authenticator devices (for admins) - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSMSDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: authenticators_admin_sms_create - description: Viewset for sms authenticator devices (for admins) - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDeviceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/sms/{id}/: - get: - operationId: authenticators_admin_sms_retrieve - description: Viewset for sms authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_admin_sms_update - description: Viewset for sms authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_admin_sms_partial_update - description: Viewset for sms authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedSMSDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_admin_sms_destroy - description: Viewset for sms authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/static/: - get: - operationId: authenticators_admin_static_list - description: Viewset for static authenticator devices (for admins) - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedStaticDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: authenticators_admin_static_create - description: Viewset for static authenticator devices (for admins) - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDeviceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/static/{id}/: - get: - operationId: authenticators_admin_static_retrieve - description: Viewset for static authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_admin_static_update - description: Viewset for static authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_admin_static_partial_update - description: Viewset for static authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedStaticDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_admin_static_destroy - description: Viewset for static authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/totp/: - get: - operationId: authenticators_admin_totp_list - description: Viewset for totp authenticator devices (for admins) - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedTOTPDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: authenticators_admin_totp_create - description: Viewset for totp authenticator devices (for admins) - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDeviceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/totp/{id}/: - get: - operationId: authenticators_admin_totp_retrieve - description: Viewset for totp authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_admin_totp_update - description: Viewset for totp authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_admin_totp_partial_update - description: Viewset for totp authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedTOTPDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_admin_totp_destroy - description: Viewset for totp authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/webauthn/: - get: - operationId: authenticators_admin_webauthn_list - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: authenticators_admin_webauthn_create - description: Viewset for WebAuthn authenticator devices (for admins) - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDeviceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/admin/webauthn/{id}/: - get: - operationId: authenticators_admin_webauthn_retrieve - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_admin_webauthn_update - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_admin_webauthn_partial_update - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_admin_webauthn_destroy - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/all/: - get: - operationId: authenticators_all_list - description: Get all devices for current user - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Device' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/duo/: - get: - operationId: authenticators_duo_list - description: Viewset for Duo authenticator devices - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDuoDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/duo/{id}/: - get: - operationId: authenticators_duo_retrieve - description: Viewset for Duo authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_duo_update - description: Viewset for Duo authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_duo_partial_update - description: Viewset for Duo authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDuoDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_duo_destroy - description: Viewset for Duo authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/duo/{id}/used_by/: - get: - operationId: authenticators_duo_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Duo Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/sms/: - get: - operationId: authenticators_sms_list - description: Viewset for sms authenticator devices - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSMSDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/sms/{id}/: - get: - operationId: authenticators_sms_retrieve - description: Viewset for sms authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_sms_update - description: Viewset for sms authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_sms_partial_update - description: Viewset for sms authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedSMSDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SMSDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_sms_destroy - description: Viewset for sms authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/sms/{id}/used_by/: - get: - operationId: authenticators_sms_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SMS Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/static/: - get: - operationId: authenticators_static_list - description: Viewset for static authenticator devices - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedStaticDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/static/{id}/: - get: - operationId: authenticators_static_retrieve - description: Viewset for static authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_static_update - description: Viewset for static authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_static_partial_update - description: Viewset for static authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedStaticDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/StaticDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_static_destroy - description: Viewset for static authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/static/{id}/used_by/: - get: - operationId: authenticators_static_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this static device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/totp/: - get: - operationId: authenticators_totp_list - description: Viewset for totp authenticator devices - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedTOTPDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/totp/{id}/: - get: - operationId: authenticators_totp_retrieve - description: Viewset for totp authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_totp_update - description: Viewset for totp authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_totp_partial_update - description: Viewset for totp authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedTOTPDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TOTPDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_totp_destroy - description: Viewset for totp authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/totp/{id}/used_by/: - get: - operationId: authenticators_totp_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this TOTP device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/webauthn/: - get: - operationId: authenticators_webauthn_list - description: Viewset for WebAuthn authenticator devices - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/webauthn/{id}/: - get: - operationId: authenticators_webauthn_retrieve - description: Viewset for WebAuthn authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: authenticators_webauthn_update - description: Viewset for WebAuthn authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDeviceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: authenticators_webauthn_partial_update - description: Viewset for WebAuthn authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/WebAuthnDevice' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: authenticators_webauthn_destroy - description: Viewset for WebAuthn authenticator devices - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /authenticators/webauthn/{id}/used_by/: - get: - operationId: authenticators_webauthn_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this WebAuthn Device. - required: true - tags: - - authenticators - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/: - get: - operationId: core_applications_list - description: Custom list method that checks Policy based access instead of guardian - parameters: - - in: query - name: group - schema: - type: string - - in: query - name: meta_description - schema: - type: string - - in: query - name: meta_launch_url - schema: - type: string - - in: query - name: meta_publisher - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: slug - schema: - type: string - - in: query - name: superuser_full_list - schema: - type: boolean - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedApplicationList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: core_applications_create - description: Application Viewset - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApplicationRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Application' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/: - get: - operationId: core_applications_retrieve - description: Application Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Application' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: core_applications_update - description: Application Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ApplicationRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Application' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: core_applications_partial_update - description: Application Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedApplicationRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Application' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_applications_destroy - description: Application Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/check_access/: - get: - operationId: core_applications_check_access_retrieve - description: Check access to a single application by slug - parameters: - - in: query - name: for_user - schema: - type: integer - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyTestResult' - description: '' - '404': - description: for_user user not found - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/metrics/: - get: - operationId: core_applications_metrics_list - description: Metrics for application logins - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Coordinate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/set_icon/: - post: - operationId: core_applications_set_icon_create - description: Set application icon - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/FileUploadRequest' - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/set_icon_url/: - post: - operationId: core_applications_set_icon_url_create - description: Set application icon (as URL) - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FilePathRequest' - required: true - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/applications/{slug}/used_by/: - get: - operationId: core_applications_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal application name, used in URLs. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/authenticated_sessions/: - get: - operationId: core_authenticated_sessions_list - description: AuthenticatedSession Viewset - parameters: - - in: query - name: last_ip - schema: - type: string - - in: query - name: last_user_agent - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: user__username - schema: - type: string - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatedSessionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/authenticated_sessions/{uuid}/: - get: - operationId: core_authenticated_sessions_retrieve - description: AuthenticatedSession Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticated Session. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatedSession' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_authenticated_sessions_destroy - description: AuthenticatedSession Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticated Session. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/authenticated_sessions/{uuid}/used_by/: - get: - operationId: core_authenticated_sessions_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticated Session. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/groups/: - get: - operationId: core_groups_list - description: Group Viewset - parameters: - - in: query - name: attributes - schema: - type: string - description: Attributes - - in: query - name: is_superuser - schema: - type: boolean - - in: query - name: members_by_pk - schema: - type: array - items: - type: integer - explode: true - style: form - - in: query - name: members_by_username - schema: - type: array - items: - type: string - description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ - only. - explode: true - style: form - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedGroupList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: core_groups_create - description: Group Viewset - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GroupRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Group' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/groups/{group_uuid}/: - get: - operationId: core_groups_retrieve - description: Group Viewset - parameters: - - in: path - name: group_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this group. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Group' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: core_groups_update - description: Group Viewset - parameters: - - in: path - name: group_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this group. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/GroupRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Group' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: core_groups_partial_update - description: Group Viewset - parameters: - - in: path - name: group_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this group. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedGroupRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Group' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_groups_destroy - description: Group Viewset - parameters: - - in: path - name: group_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this group. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/groups/{group_uuid}/used_by/: - get: - operationId: core_groups_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: group_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this group. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tenants/: - get: - operationId: core_tenants_list - description: Tenant Viewset - parameters: - - in: query - name: branding_favicon - schema: - type: string - - in: query - name: branding_logo - schema: - type: string - - in: query - name: branding_title - schema: - type: string - - in: query - name: default - schema: - type: boolean - - in: query - name: domain - schema: - type: string - - in: query - name: event_retention - schema: - type: string - - in: query - name: flow_authentication - schema: - type: string - format: uuid - - in: query - name: flow_device_code - schema: - type: string - format: uuid - - in: query - name: flow_invalidation - schema: - type: string - format: uuid - - in: query - name: flow_recovery - schema: - type: string - format: uuid - - in: query - name: flow_unenrollment - schema: - type: string - format: uuid - - in: query - name: flow_user_settings - schema: - type: string - format: uuid - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: tenant_uuid - schema: - type: string - format: uuid - - in: query - name: web_certificate - schema: - type: string - format: uuid - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedTenantList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: core_tenants_create - description: Tenant Viewset - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TenantRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Tenant' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tenants/{tenant_uuid}/: - get: - operationId: core_tenants_retrieve - description: Tenant Viewset - parameters: - - in: path - name: tenant_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Tenant. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Tenant' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: core_tenants_update - description: Tenant Viewset - parameters: - - in: path - name: tenant_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Tenant. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TenantRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Tenant' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: core_tenants_partial_update - description: Tenant Viewset - parameters: - - in: path - name: tenant_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Tenant. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedTenantRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Tenant' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_tenants_destroy - description: Tenant Viewset - parameters: - - in: path - name: tenant_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Tenant. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tenants/{tenant_uuid}/used_by/: - get: - operationId: core_tenants_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: tenant_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Tenant. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tenants/current/: - get: - operationId: core_tenants_current_retrieve - description: Get current tenant - tags: - - core - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CurrentTenant' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tokens/: - get: - operationId: core_tokens_list - description: Token Viewset - parameters: - - in: query - name: description - schema: - type: string - - in: query - name: expires - schema: - type: string - format: date-time - - in: query - name: expiring - schema: - type: boolean - - in: query - name: identifier - schema: - type: string - - in: query - name: intent - schema: - type: string - enum: - - api - - app_password - - recovery - - verification - - in: query - name: managed - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: user__username - schema: - type: string - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedTokenList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: core_tokens_create - description: Token Viewset - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TokenRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Token' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tokens/{identifier}/: - get: - operationId: core_tokens_retrieve - description: Token Viewset - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Token' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: core_tokens_update - description: Token Viewset - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TokenRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Token' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: core_tokens_partial_update - description: Token Viewset - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedTokenRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Token' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_tokens_destroy - description: Token Viewset - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tokens/{identifier}/set_key/: - post: - operationId: core_tokens_set_key_create - description: Return token key and log access - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/TokenSetKeyRequest' - required: true - security: - - authentik: [] - responses: - '204': - description: Successfully changed key - '400': - description: Missing key - '404': - description: Token not found or expired - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tokens/{identifier}/used_by/: - get: - operationId: core_tokens_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/tokens/{identifier}/view_key/: - get: - operationId: core_tokens_view_key_retrieve - description: Return token key and log access - parameters: - - in: path - name: identifier - schema: - type: string - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/TokenView' - description: '' - '404': - description: Token not found or expired - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/user_consent/: - get: - operationId: core_user_consent_list - description: UserConsent Viewset - parameters: - - in: query - name: application - schema: - type: string - format: uuid - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: user - schema: - type: integer - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserConsentList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/user_consent/{id}/: - get: - operationId: core_user_consent_retrieve - description: UserConsent Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Consent. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserConsent' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_user_consent_destroy - description: UserConsent Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Consent. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/user_consent/{id}/used_by/: - get: - operationId: core_user_consent_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Consent. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/: - get: - operationId: core_users_list - description: User Viewset - parameters: - - in: query - name: attributes - schema: - type: string - description: Attributes - - in: query - name: email - schema: - type: string - - in: query - name: groups_by_name - schema: - type: array - items: - type: string - explode: true - style: form - - in: query - name: groups_by_pk - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: is_active - schema: - type: boolean - - in: query - name: is_superuser - schema: - type: boolean - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: path - schema: - type: string - - in: query - name: path_startswith - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: username - schema: - type: string - - in: query - name: uuid - schema: - type: string - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: core_users_create - description: User Viewset - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/User' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/: - get: - operationId: core_users_retrieve - description: User Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/User' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: core_users_update - description: User Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/User' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: core_users_partial_update - description: User Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/User' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: core_users_destroy - description: User Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/metrics/: - get: - operationId: core_users_metrics_retrieve - description: User metrics per 1h - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserMetrics' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/recovery/: - get: - operationId: core_users_recovery_retrieve - description: Create a temporary link that a user can use to recover their accounts - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Link' - description: '' - '404': - content: - application/json: - schema: - $ref: '#/components/schemas/Link' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/recovery_email/: - get: - operationId: core_users_recovery_email_retrieve - description: Create a temporary link that a user can use to recover their accounts - parameters: - - in: query - name: email_stage - schema: - type: string - required: true - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '204': - description: Successfully sent recover email - '404': - description: Bad request - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/set_password/: - post: - operationId: core_users_set_password_create - description: Set password for user - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserPasswordSetRequest' - required: true - security: - - authentik: [] - responses: - '204': - description: Successfully changed password - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/{id}/used_by/: - get: - operationId: core_users_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User. - required: true - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/me/: - get: - operationId: core_users_me_retrieve - description: Get information about current user - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SessionUser' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/paths/: - get: - operationId: core_users_paths_retrieve - description: Get all user paths - parameters: - - in: query - name: search - schema: - type: string - tags: - - core - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserPath' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /core/users/service_account/: - post: - operationId: core_users_service_account_create - description: Create a new user account that is marked as a service account - tags: - - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserServiceAccountRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserServiceAccountResponse' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/: - get: - operationId: crypto_certificatekeypairs_list - description: CertificateKeyPair Viewset - parameters: - - in: query - name: has_key - schema: - type: boolean - description: Only return certificate-key pairs with keys - - in: query - name: include_details - schema: - type: boolean - default: true - - in: query - name: managed - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - crypto - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedCertificateKeyPairList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: crypto_certificatekeypairs_create - description: CertificateKeyPair Viewset - tags: - - crypto - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPairRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPair' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/{kp_uuid}/: - get: - operationId: crypto_certificatekeypairs_retrieve - description: CertificateKeyPair Viewset - parameters: - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPair' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: crypto_certificatekeypairs_update - description: CertificateKeyPair Viewset - parameters: - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPairRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPair' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: crypto_certificatekeypairs_partial_update - description: CertificateKeyPair Viewset - parameters: - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPair' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: crypto_certificatekeypairs_destroy - description: CertificateKeyPair Viewset - parameters: - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/{kp_uuid}/used_by/: - get: - operationId: crypto_certificatekeypairs_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/{kp_uuid}/view_certificate/: - get: - operationId: crypto_certificatekeypairs_view_certificate_retrieve - description: Return certificate-key pairs certificate and log access - parameters: - - in: query - name: download - schema: - type: boolean - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateData' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/{kp_uuid}/view_private_key/: - get: - operationId: crypto_certificatekeypairs_view_private_key_retrieve - description: Return certificate-key pairs private key and log access - parameters: - - in: query - name: download - schema: - type: boolean - - in: path - name: kp_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Certificate-Key Pair. - required: true - tags: - - crypto - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateData' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /crypto/certificatekeypairs/generate/: - post: - operationId: crypto_certificatekeypairs_generate_create - description: Generate a new, self-signed certificate-key pair - tags: - - crypto - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateGenerationRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CertificateKeyPair' - description: '' - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/events/: - get: - operationId: events_events_list - description: Event Read-Only Viewset - parameters: - - in: query - name: action - schema: - type: string - - in: query - name: client_ip - schema: - type: string - - in: query - name: context_authorized_app - schema: - type: string - description: Context Authorized application - - in: query - name: context_model_app - schema: - type: string - description: Context Model App - - in: query - name: context_model_name - schema: - type: string - description: Context Model Name - - in: query - name: context_model_pk - schema: - type: string - description: Context Model Primary Key - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: tenant_name - schema: - type: string - description: Tenant name - - in: query - name: username - schema: - type: string - description: Username - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedEventList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: events_events_create - description: Event Read-Only Viewset - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Event' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/events/{event_uuid}/: - get: - operationId: events_events_retrieve - description: Event Read-Only Viewset - parameters: - - in: path - name: event_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Event' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: events_events_update - description: Event Read-Only Viewset - parameters: - - in: path - name: event_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Event' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: events_events_partial_update - description: Event Read-Only Viewset - parameters: - - in: path - name: event_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedEventRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Event' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: events_events_destroy - description: Event Read-Only Viewset - parameters: - - in: path - name: event_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event. - required: true - tags: - - events - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/events/actions/: - get: - operationId: events_events_actions_list - description: Get all actions - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/events/per_month/: - get: - operationId: events_events_per_month_list - description: Get the count of events per month - parameters: - - in: query - name: action - schema: - type: string - - in: query - name: query - schema: - type: string - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Coordinate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/events/top_per_user/: - get: - operationId: events_events_top_per_user_list - description: Get the top_n events grouped by user count - parameters: - - in: query - name: action - schema: - type: string - - in: query - name: top_n - schema: - type: integer - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/EventTopPerUser' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/notifications/: - get: - operationId: events_notifications_list - description: Notification Viewset - parameters: - - in: query - name: body - schema: - type: string - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: event - schema: - type: string - format: uuid - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: seen - schema: - type: boolean - - in: query - name: severity - schema: - type: string - enum: - - alert - - notice - - warning - - in: query - name: user - schema: - type: integer - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedNotificationList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/notifications/{uuid}/: - get: - operationId: events_notifications_retrieve - description: Notification Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Notification' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: events_notifications_update - description: Notification Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Notification' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: events_notifications_partial_update - description: Notification Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedNotificationRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Notification' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: events_notifications_destroy - description: Notification Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification. - required: true - tags: - - events - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/notifications/{uuid}/used_by/: - get: - operationId: events_notifications_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/notifications/mark_all_seen/: - post: - operationId: events_notifications_mark_all_seen_create - description: Mark all the user's notifications as seen - tags: - - events - security: - - authentik: [] - responses: - '204': - description: Marked tasks as read successfully. - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/rules/: - get: - operationId: events_rules_list - description: NotificationRule Viewset - parameters: - - in: query - name: group__name - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: severity - schema: - type: string - enum: - - alert - - notice - - warning - description: Controls which severity level the created notifications will - have. - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedNotificationRuleList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: events_rules_create - description: NotificationRule Viewset - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRuleRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRule' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/rules/{pbm_uuid}/: - get: - operationId: events_rules_retrieve - description: NotificationRule Viewset - parameters: - - in: path - name: pbm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Rule. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRule' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: events_rules_update - description: NotificationRule Viewset - parameters: - - in: path - name: pbm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Rule. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRuleRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRule' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: events_rules_partial_update - description: NotificationRule Viewset - parameters: - - in: path - name: pbm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Rule. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedNotificationRuleRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationRule' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: events_rules_destroy - description: NotificationRule Viewset - parameters: - - in: path - name: pbm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Rule. - required: true - tags: - - events - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/rules/{pbm_uuid}/used_by/: - get: - operationId: events_rules_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pbm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Rule. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/transports/: - get: - operationId: events_transports_list - description: NotificationTransport Viewset - parameters: - - in: query - name: mode - schema: - type: string - enum: - - email - - local - - webhook - - webhook_slack - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: send_once - schema: - type: boolean - - in: query - name: webhook_url - schema: - type: string - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedNotificationTransportList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: events_transports_create - description: NotificationTransport Viewset - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransportRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransport' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/transports/{uuid}/: - get: - operationId: events_transports_retrieve - description: NotificationTransport Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransport' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: events_transports_update - description: NotificationTransport Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransportRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransport' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: events_transports_partial_update - description: NotificationTransport Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedNotificationTransportRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransport' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: events_transports_destroy - description: NotificationTransport Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/transports/{uuid}/test/: - post: - operationId: events_transports_test_create - description: |- - Send example notification using selected transport. Requires - Modify permissions. - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationTransportTest' - description: '' - '500': - description: Failed to test transport - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /events/transports/{uuid}/used_by/: - get: - operationId: events_transports_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Notification Transport. - required: true - tags: - - events - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/bindings/: - get: - operationId: flows_bindings_list - description: FlowStageBinding Viewset - parameters: - - in: query - name: evaluate_on_plan - schema: - type: boolean - - in: query - name: fsb_uuid - schema: - type: string - format: uuid - - in: query - name: invalid_response_action - schema: - type: string - enum: - - restart - - restart_with_context - - retry - description: Configure how the flow executor should handle an invalid response - to a challenge. RETRY returns the error message and a similar challenge - to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT - restarts the flow while keeping the current context. - - in: query - name: order - schema: - type: integer - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: pbm_uuid - schema: - type: string - format: uuid - - in: query - name: policies - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: policy_engine_mode - schema: - type: string - enum: - - all - - any - - in: query - name: re_evaluate_policies - schema: - type: boolean - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage - schema: - type: string - format: uuid - - in: query - name: target - schema: - type: string - format: uuid - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedFlowStageBindingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: flows_bindings_create - description: FlowStageBinding Viewset - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBindingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/bindings/{fsb_uuid}/: - get: - operationId: flows_bindings_retrieve - description: FlowStageBinding Viewset - parameters: - - in: path - name: fsb_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Flow Stage Binding. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: flows_bindings_update - description: FlowStageBinding Viewset - parameters: - - in: path - name: fsb_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Flow Stage Binding. - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBindingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: flows_bindings_partial_update - description: FlowStageBinding Viewset - parameters: - - in: path - name: fsb_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Flow Stage Binding. - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedFlowStageBindingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowStageBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: flows_bindings_destroy - description: FlowStageBinding Viewset - parameters: - - in: path - name: fsb_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Flow Stage Binding. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/bindings/{fsb_uuid}/used_by/: - get: - operationId: flows_bindings_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: fsb_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Flow Stage Binding. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/executor/{flow_slug}/: - get: - operationId: flows_executor_get - description: Get the next pending challenge from the currently active flow. - parameters: - - in: path - name: flow_slug - schema: - type: string - required: true - - in: query - name: query - schema: - type: string - description: Querystring as received - required: true - tags: - - flows - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ChallengeTypes' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: flows_executor_solve - description: Solve the previously retrieved challenge and advanced to the next - stage. - parameters: - - in: path - name: flow_slug - schema: - type: string - required: true - - in: query - name: query - schema: - type: string - description: Querystring as received - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FlowChallengeResponseRequest' - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ChallengeTypes' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/inspector/{flow_slug}/: - get: - operationId: flows_inspector_get - description: Get current flow state and record it - parameters: - - in: path - name: flow_slug - schema: - type: string - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowInspection' - description: '' - '400': - description: No flow plan in session. - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/: - get: - operationId: flows_instances_list - description: Flow Viewset - parameters: - - in: query - name: denied_action - schema: - type: string - enum: - - continue - - message - - message_continue - description: Configure what should happen when a flow denies access to a user. - - in: query - name: designation - schema: - type: string - enum: - - authentication - - authorization - - enrollment - - invalidation - - recovery - - stage_configuration - - unenrollment - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - - in: query - name: flow_uuid - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: slug - schema: - type: string - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedFlowList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: flows_instances_create - description: Flow Viewset - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FlowRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Flow' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/: - get: - operationId: flows_instances_retrieve - description: Flow Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Flow' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: flows_instances_update - description: Flow Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FlowRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Flow' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: flows_instances_partial_update - description: Flow Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedFlowRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Flow' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: flows_instances_destroy - description: Flow Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/diagram/: - get: - operationId: flows_instances_diagram_retrieve - description: Return diagram for flow with slug `slug`, in the format used by - flowchart.js - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowDiagram' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/execute/: - get: - operationId: flows_instances_execute_retrieve - description: Execute flow for current user - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Link' - description: '' - '400': - description: Flow not applicable - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/export/: - get: - operationId: flows_instances_export_retrieve - description: Export flow to .yaml file - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: string - format: binary - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/set_background/: - post: - operationId: flows_instances_set_background_create - description: Set Flow background - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/FileUploadRequest' - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/set_background_url/: - post: - operationId: flows_instances_set_background_url_create - description: Set Flow background (as URL) - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FilePathRequest' - required: true - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/{slug}/used_by/: - get: - operationId: flows_instances_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Visible in the URL. - required: true - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/cache_clear/: - post: - operationId: flows_instances_cache_clear_create - description: Clear flow cache - tags: - - flows - security: - - authentik: [] - responses: - '204': - description: Successfully cleared cache - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/cache_info/: - get: - operationId: flows_instances_cache_info_retrieve - description: Info about cached flows - tags: - - flows - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Cache' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /flows/instances/import/: - post: - operationId: flows_instances_import_create - description: Import flow from .yaml file - tags: - - flows - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/FileUploadRequest' - security: - - authentik: [] - responses: - '204': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowImportResult' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/FlowImportResult' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /managed/blueprints/: - get: - operationId: managed_blueprints_list - description: Blueprint instances - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: path - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - managed - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedBlueprintInstanceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: managed_blueprints_create - description: Blueprint instances - tags: - - managed - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstanceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstance' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /managed/blueprints/{instance_uuid}/: - get: - operationId: managed_blueprints_retrieve - description: Blueprint instances - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstance' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: managed_blueprints_update - description: Blueprint instances - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstanceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstance' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: managed_blueprints_partial_update - description: Blueprint instances - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedBlueprintInstanceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstance' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: managed_blueprints_destroy - description: Blueprint instances - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /managed/blueprints/{instance_uuid}/apply/: - post: - operationId: managed_blueprints_apply_create - description: Apply a blueprint - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BlueprintInstance' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /managed/blueprints/{instance_uuid}/used_by/: - get: - operationId: managed_blueprints_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: instance_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Blueprint Instance. - required: true - tags: - - managed - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /managed/blueprints/available/: - get: - operationId: managed_blueprints_available_list - description: Get blueprints - tags: - - managed - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/BlueprintFile' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/authorization_codes/: - get: - operationId: oauth2_authorization_codes_list - description: AuthorizationCode Viewset - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: provider - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: user - schema: - type: integer - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/authorization_codes/{id}/: - get: - operationId: oauth2_authorization_codes_retrieve - description: AuthorizationCode Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Authorization Code. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ExpiringBaseGrantModel' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: oauth2_authorization_codes_destroy - description: AuthorizationCode Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Authorization Code. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/authorization_codes/{id}/used_by/: - get: - operationId: oauth2_authorization_codes_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Authorization Code. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/refresh_tokens/: - get: - operationId: oauth2_refresh_tokens_list - description: RefreshToken Viewset - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: provider - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: user - schema: - type: integer - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedRefreshTokenModelList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/refresh_tokens/{id}/: - get: - operationId: oauth2_refresh_tokens_retrieve - description: RefreshToken Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2 Token. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/RefreshTokenModel' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: oauth2_refresh_tokens_destroy - description: RefreshToken Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2 Token. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /oauth2/refresh_tokens/{id}/used_by/: - get: - operationId: oauth2_refresh_tokens_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2 Token. - required: true - tags: - - oauth2 - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/instances/: - get: - operationId: outposts_instances_list - description: Outpost Viewset - parameters: - - in: query - name: managed__icontains - schema: - type: string - - in: query - name: managed__iexact - schema: - type: string - - in: query - name: name__icontains - schema: - type: string - - in: query - name: name__iexact - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: providers__isnull - schema: - type: boolean - - in: query - name: providers_by_pk - schema: - type: array - items: - type: integer - explode: true - style: form - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: service_connection__name__icontains - schema: - type: string - - in: query - name: service_connection__name__iexact - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedOutpostList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: outposts_instances_create - description: Outpost Viewset - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OutpostRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Outpost' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/instances/{uuid}/: - get: - operationId: outposts_instances_retrieve - description: Outpost Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Outpost' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: outposts_instances_update - description: Outpost Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OutpostRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Outpost' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: outposts_instances_partial_update - description: Outpost Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedOutpostRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Outpost' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: outposts_instances_destroy - description: Outpost Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/instances/{uuid}/health/: - get: - operationId: outposts_instances_health_list - description: Get outposts current health - parameters: - - in: query - name: managed__icontains - schema: - type: string - - in: query - name: managed__iexact - schema: - type: string - - in: query - name: name__icontains - schema: - type: string - - in: query - name: name__iexact - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - in: query - name: providers__isnull - schema: - type: boolean - - in: query - name: providers_by_pk - schema: - type: array - items: - type: integer - explode: true - style: form - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: service_connection__name__icontains - schema: - type: string - - in: query - name: service_connection__name__iexact - schema: - type: string - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/OutpostHealth' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/instances/{uuid}/used_by/: - get: - operationId: outposts_instances_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this outpost. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/instances/default_settings/: - get: - operationId: outposts_instances_default_settings_retrieve - description: Global default outpost config - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OutpostDefaultConfig' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/ldap/: - get: - operationId: outposts_ldap_list - description: LDAPProvider Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/ldap/{id}/: - get: - operationId: outposts_ldap_retrieve - description: LDAPProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPOutpostConfig' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/proxy/: - get: - operationId: outposts_proxy_list - description: ProxyProvider Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedProxyOutpostConfigList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/proxy/{id}/: - get: - operationId: outposts_proxy_retrieve - description: ProxyProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyOutpostConfig' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/all/: - get: - operationId: outposts_service_connections_all_list - description: ServiceConnection Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedServiceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/all/{uuid}/: - get: - operationId: outposts_service_connections_all_retrieve - description: ServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Outpost Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: outposts_service_connections_all_destroy - description: ServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Outpost Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/all/{uuid}/state/: - get: - operationId: outposts_service_connections_all_state_retrieve - description: Get the service connection's state - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Outpost Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ServiceConnectionState' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/all/{uuid}/used_by/: - get: - operationId: outposts_service_connections_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Outpost Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/all/types/: - get: - operationId: outposts_service_connections_all_types_list - description: Get all creatable service connection types - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/docker/: - get: - operationId: outposts_service_connections_docker_list - description: DockerServiceConnection Viewset - parameters: - - in: query - name: local - schema: - type: boolean - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: tls_authentication - schema: - type: string - format: uuid - - in: query - name: tls_verification - schema: - type: string - format: uuid - - in: query - name: url - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDockerServiceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: outposts_service_connections_docker_create - description: DockerServiceConnection Viewset - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/docker/{uuid}/: - get: - operationId: outposts_service_connections_docker_retrieve - description: DockerServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Docker Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: outposts_service_connections_docker_update - description: DockerServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Docker Service-Connection. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: outposts_service_connections_docker_partial_update - description: DockerServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Docker Service-Connection. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DockerServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: outposts_service_connections_docker_destroy - description: DockerServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Docker Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/docker/{uuid}/used_by/: - get: - operationId: outposts_service_connections_docker_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Docker Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/kubernetes/: - get: - operationId: outposts_service_connections_kubernetes_list - description: KubernetesServiceConnection Viewset - parameters: - - in: query - name: local - schema: - type: boolean - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: outposts_service_connections_kubernetes_create - description: KubernetesServiceConnection Viewset - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/kubernetes/{uuid}/: - get: - operationId: outposts_service_connections_kubernetes_retrieve - description: KubernetesServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: outposts_service_connections_kubernetes_update - description: KubernetesServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: outposts_service_connections_kubernetes_partial_update - description: KubernetesServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - tags: - - outposts - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/KubernetesServiceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: outposts_service_connections_kubernetes_destroy - description: KubernetesServiceConnection Viewset - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /outposts/service_connections/kubernetes/{uuid}/used_by/: - get: - operationId: outposts_service_connections_kubernetes_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - tags: - - outposts - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/: - get: - operationId: policies_all_list - description: Policy Viewset - parameters: - - in: query - name: bindings__isnull - schema: - type: boolean - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: promptstage__isnull - schema: - type: boolean - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/{policy_uuid}/: - get: - operationId: policies_all_retrieve - description: Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Policy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_all_destroy - description: Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/{policy_uuid}/test/: - post: - operationId: policies_all_test_create - description: Test policy - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyTestRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyTestResult' - description: '' - '400': - description: Invalid parameters - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/{policy_uuid}/used_by/: - get: - operationId: policies_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/cache_clear/: - post: - operationId: policies_all_cache_clear_create - description: Clear policy cache - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: Successfully cleared cache - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/cache_info/: - get: - operationId: policies_all_cache_info_retrieve - description: Info about cached policies - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Cache' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/all/types/: - get: - operationId: policies_all_types_list - description: Get all creatable policy types - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/bindings/: - get: - operationId: policies_bindings_list - description: PolicyBinding Viewset - parameters: - - in: query - name: enabled - schema: - type: boolean - - in: query - name: order - schema: - type: integer - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy - schema: - type: string - format: uuid - - in: query - name: policy__isnull - schema: - type: boolean - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: target - schema: - type: string - format: uuid - - in: query - name: target_in - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: timeout - schema: - type: integer - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPolicyBindingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_bindings_create - description: PolicyBinding Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBindingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/bindings/{policy_binding_uuid}/: - get: - operationId: policies_bindings_retrieve - description: PolicyBinding Viewset - parameters: - - in: path - name: policy_binding_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy Binding. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_bindings_update - description: PolicyBinding Viewset - parameters: - - in: path - name: policy_binding_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy Binding. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBindingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_bindings_partial_update - description: PolicyBinding Viewset - parameters: - - in: path - name: policy_binding_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy Binding. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPolicyBindingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyBinding' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_bindings_destroy - description: PolicyBinding Viewset - parameters: - - in: path - name: policy_binding_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy Binding. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/bindings/{policy_binding_uuid}/used_by/: - get: - operationId: policies_bindings_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_binding_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Policy Binding. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/dummy/: - get: - operationId: policies_dummy_list - description: Dummy Viewset - parameters: - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - in: query - name: result - schema: - type: boolean - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: wait_max - schema: - type: integer - - in: query - name: wait_min - schema: - type: integer - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDummyPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_dummy_create - description: Dummy Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/dummy/{policy_uuid}/: - get: - operationId: policies_dummy_retrieve - description: Dummy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_dummy_update - description: Dummy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_dummy_partial_update - description: Dummy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDummyPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_dummy_destroy - description: Dummy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/dummy/{policy_uuid}/used_by/: - get: - operationId: policies_dummy_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/event_matcher/: - get: - operationId: policies_event_matcher_list - description: Event Matcher Policy Viewset - parameters: - - in: query - name: action - schema: - type: string - enum: - - authorize_application - - configuration_error - - custom_ - - email_sent - - flow_execution - - impersonation_ended - - impersonation_started - - invitation_used - - login - - login_failed - - logout - - model_created - - model_deleted - - model_updated - - password_set - - policy_exception - - policy_execution - - property_mapping_exception - - secret_rotate - - secret_view - - source_linked - - suspicious_request - - system_exception - - system_task_exception - - system_task_execution - - update_available - - user_write - description: Match created events with this action type. When left empty, - all action types will be matched. - - in: query - name: app - schema: - type: string - enum: - - authentik.admin - - authentik.api - - authentik.blueprints - - authentik.core - - authentik.crypto - - authentik.events - - authentik.flows - - authentik.lib - - authentik.outposts - - authentik.policies - - authentik.policies.dummy - - authentik.policies.event_matcher - - authentik.policies.expiry - - authentik.policies.expression - - authentik.policies.hibp - - authentik.policies.password - - authentik.policies.reputation - - authentik.providers.ldap - - authentik.providers.oauth2 - - authentik.providers.proxy - - authentik.providers.saml - - authentik.recovery - - authentik.sources.ldap - - authentik.sources.oauth - - authentik.sources.plex - - authentik.sources.saml - - authentik.stages.authenticator_duo - - authentik.stages.authenticator_sms - - authentik.stages.authenticator_static - - authentik.stages.authenticator_totp - - authentik.stages.authenticator_validate - - authentik.stages.authenticator_webauthn - - authentik.stages.captcha - - authentik.stages.consent - - authentik.stages.deny - - authentik.stages.dummy - - authentik.stages.email - - authentik.stages.identification - - authentik.stages.invitation - - authentik.stages.password - - authentik.stages.prompt - - authentik.stages.user_delete - - authentik.stages.user_login - - authentik.stages.user_logout - - authentik.stages.user_write - - authentik.tenants - description: Match events created by selected application. When left empty, - all applications are matched. - - in: query - name: client_ip - schema: - type: string - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedEventMatcherPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_event_matcher_create - description: Event Matcher Policy Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/event_matcher/{policy_uuid}/: - get: - operationId: policies_event_matcher_retrieve - description: Event Matcher Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event Matcher Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_event_matcher_update - description: Event Matcher Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event Matcher Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_event_matcher_partial_update - description: Event Matcher Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event Matcher Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EventMatcherPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_event_matcher_destroy - description: Event Matcher Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event Matcher Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/event_matcher/{policy_uuid}/used_by/: - get: - operationId: policies_event_matcher_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Event Matcher Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/expression/: - get: - operationId: policies_expression_list - description: Source Viewset - parameters: - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: expression - schema: - type: string - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedExpressionPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_expression_create - description: Source Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/expression/{policy_uuid}/: - get: - operationId: policies_expression_retrieve - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Expression Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_expression_update - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Expression Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_expression_partial_update - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Expression Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedExpressionPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ExpressionPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_expression_destroy - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Expression Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/expression/{policy_uuid}/used_by/: - get: - operationId: policies_expression_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Expression Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/haveibeenpwned/: - get: - operationId: policies_haveibeenpwned_list - description: Source Viewset - parameters: - - in: query - name: allowed_count - schema: - type: integer - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: password_field - schema: - type: string - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedHaveIBeenPwendPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_haveibeenpwned_create - description: Source Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/haveibeenpwned/{policy_uuid}/: - get: - operationId: policies_haveibeenpwned_retrieve - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_haveibeenpwned_update - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_haveibeenpwned_partial_update - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/HaveIBeenPwendPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_haveibeenpwned_destroy - description: Source Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/haveibeenpwned/{policy_uuid}/used_by/: - get: - operationId: policies_haveibeenpwned_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password/: - get: - operationId: policies_password_list - description: Password Policy Viewset - parameters: - - in: query - name: amount_digits - schema: - type: integer - - in: query - name: amount_lowercase - schema: - type: integer - - in: query - name: amount_symbols - schema: - type: integer - - in: query - name: amount_uppercase - schema: - type: integer - - in: query - name: check_have_i_been_pwned - schema: - type: boolean - - in: query - name: check_static_rules - schema: - type: boolean - - in: query - name: check_zxcvbn - schema: - type: boolean - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: error_message - schema: - type: string - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: hibp_allowed_count - schema: - type: integer - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: length_min - schema: - type: integer - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: password_field - schema: - type: string - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: symbol_charset - schema: - type: string - - in: query - name: zxcvbn_score_threshold - schema: - type: integer - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPasswordPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_password_create - description: Password Policy Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password/{policy_uuid}/: - get: - operationId: policies_password_retrieve - description: Password Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_password_update - description: Password Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_password_partial_update - description: Password Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPasswordPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_password_destroy - description: Password Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password/{policy_uuid}/used_by/: - get: - operationId: policies_password_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password_expiry/: - get: - operationId: policies_password_expiry_list - description: Password Expiry Viewset - parameters: - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: days - schema: - type: integer - - in: query - name: deny_only - schema: - type: boolean - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_password_expiry_create - description: Password Expiry Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password_expiry/{policy_uuid}/: - get: - operationId: policies_password_expiry_retrieve - description: Password Expiry Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Expiry Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_password_expiry_update - description: Password Expiry Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Expiry Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_password_expiry_partial_update - description: Password Expiry Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Expiry Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordExpiryPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_password_expiry_destroy - description: Password Expiry Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Expiry Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/password_expiry/{policy_uuid}/used_by/: - get: - operationId: policies_password_expiry_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Expiry Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/: - get: - operationId: policies_reputation_list - description: Reputation Policy Viewset - parameters: - - in: query - name: check_ip - schema: - type: boolean - - in: query - name: check_username - schema: - type: boolean - - in: query - name: created - schema: - type: string - format: date-time - - in: query - name: execution_logging - schema: - type: boolean - - in: query - name: last_updated - schema: - type: string - format: date-time - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: threshold - schema: - type: integer - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedReputationPolicyList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: policies_reputation_create - description: Reputation Policy Viewset - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicyRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/{policy_uuid}/: - get: - operationId: policies_reputation_retrieve - description: Reputation Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Reputation Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: policies_reputation_update - description: Reputation Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Reputation Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicyRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: policies_reputation_partial_update - description: Reputation Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Reputation Policy. - required: true - tags: - - policies - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedReputationPolicyRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ReputationPolicy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_reputation_destroy - description: Reputation Policy Viewset - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Reputation Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/{policy_uuid}/used_by/: - get: - operationId: policies_reputation_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: policy_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Reputation Policy. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/scores/: - get: - operationId: policies_reputation_scores_list - description: Reputation Viewset - parameters: - - in: query - name: identifier - schema: - type: string - - in: query - name: ip - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: score - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedReputationList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/scores/{reputation_uuid}/: - get: - operationId: policies_reputation_scores_retrieve - description: Reputation Viewset - parameters: - - in: path - name: reputation_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this reputation. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Reputation' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: policies_reputation_scores_destroy - description: Reputation Viewset - parameters: - - in: path - name: reputation_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this reputation. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /policies/reputation/scores/{reputation_uuid}/used_by/: - get: - operationId: policies_reputation_scores_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: reputation_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this reputation. - required: true - tags: - - policies - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/all/: - get: - operationId: propertymappings_all_list - description: PropertyMapping Viewset - parameters: - - in: query - name: managed__isnull - schema: - type: boolean - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPropertyMappingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/all/{pm_uuid}/: - get: - operationId: propertymappings_all_retrieve - description: PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: propertymappings_all_destroy - description: PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/all/{pm_uuid}/test/: - post: - operationId: propertymappings_all_test_create - description: Test Property Mapping - parameters: - - in: query - name: format_result - schema: - type: boolean - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Property Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyTestRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PropertyMappingTestResult' - description: '' - '400': - description: Invalid parameters - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/all/{pm_uuid}/used_by/: - get: - operationId: propertymappings_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/all/types/: - get: - operationId: propertymappings_all_types_list - description: Get all creatable property-mapping types - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/ldap/: - get: - operationId: propertymappings_ldap_list - description: LDAP PropertyMapping Viewset - parameters: - - in: query - name: expression - schema: - type: string - - in: query - name: managed - schema: - type: array - items: - type: string - explode: true - style: form - - in: query - name: name - schema: - type: string - - in: query - name: object_field - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: pm_uuid - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: propertymappings_ldap_create - description: LDAP PropertyMapping Viewset - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMappingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/ldap/{pm_uuid}/: - get: - operationId: propertymappings_ldap_retrieve - description: LDAP PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this LDAP Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: propertymappings_ldap_update - description: LDAP PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this LDAP Property Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMappingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: propertymappings_ldap_partial_update - description: LDAP PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this LDAP Property Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: propertymappings_ldap_destroy - description: LDAP PropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this LDAP Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/ldap/{pm_uuid}/used_by/: - get: - operationId: propertymappings_ldap_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this LDAP Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/notification/: - get: - operationId: propertymappings_notification_list - description: NotificationWebhookMapping Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedNotificationWebhookMappingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: propertymappings_notification_create - description: NotificationWebhookMapping Viewset - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMappingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/notification/{pm_uuid}/: - get: - operationId: propertymappings_notification_retrieve - description: NotificationWebhookMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Webhook Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: propertymappings_notification_update - description: NotificationWebhookMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Webhook Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMappingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: propertymappings_notification_partial_update - description: NotificationWebhookMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Webhook Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/NotificationWebhookMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: propertymappings_notification_destroy - description: NotificationWebhookMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Webhook Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/notification/{pm_uuid}/used_by/: - get: - operationId: propertymappings_notification_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Webhook Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/saml/: - get: - operationId: propertymappings_saml_list - description: SAMLPropertyMapping Viewset - parameters: - - in: query - name: expression - schema: - type: string - - in: query - name: friendly_name - schema: - type: string - - in: query - name: managed - schema: - type: array - items: - type: string - explode: true - style: form - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: pm_uuid - schema: - type: string - format: uuid - - in: query - name: saml_name - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: propertymappings_saml_create - description: SAMLPropertyMapping Viewset - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMappingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/saml/{pm_uuid}/: - get: - operationId: propertymappings_saml_retrieve - description: SAMLPropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SAML Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: propertymappings_saml_update - description: SAMLPropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SAML Property Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMappingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: propertymappings_saml_partial_update - description: SAMLPropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SAML Property Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLPropertyMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: propertymappings_saml_destroy - description: SAMLPropertyMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SAML Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/saml/{pm_uuid}/used_by/: - get: - operationId: propertymappings_saml_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SAML Property Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/scope/: - get: - operationId: propertymappings_scope_list - description: ScopeMapping Viewset - parameters: - - in: query - name: managed - schema: - type: array - items: - type: string - explode: true - style: form - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: scope_name - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedScopeMappingList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: propertymappings_scope_create - description: ScopeMapping Viewset - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMappingRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/scope/{pm_uuid}/: - get: - operationId: propertymappings_scope_retrieve - description: ScopeMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Scope Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: propertymappings_scope_update - description: ScopeMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Scope Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMappingRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: propertymappings_scope_partial_update - description: ScopeMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Scope Mapping. - required: true - tags: - - propertymappings - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedScopeMappingRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeMapping' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: propertymappings_scope_destroy - description: ScopeMapping Viewset - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Scope Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /propertymappings/scope/{pm_uuid}/used_by/: - get: - operationId: propertymappings_scope_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: pm_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Scope Mapping. - required: true - tags: - - propertymappings - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/all/: - get: - operationId: providers_all_list - description: Provider Viewset - parameters: - - in: query - name: application__isnull - schema: - type: boolean - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedProviderList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/all/{id}/: - get: - operationId: providers_all_retrieve - description: Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Provider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: providers_all_destroy - description: Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/all/{id}/used_by/: - get: - operationId: providers_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/all/types/: - get: - operationId: providers_all_types_list - description: Get all creatable provider types - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/ldap/: - get: - operationId: providers_ldap_list - description: LDAPProvider Viewset - parameters: - - in: query - name: application__isnull - schema: - type: boolean - - in: query - name: authorization_flow__slug__iexact - schema: - type: string - - in: query - name: base_dn__iexact - schema: - type: string - - in: query - name: certificate__kp_uuid__iexact - schema: - type: string - format: uuid - - in: query - name: certificate__name__iexact - schema: - type: string - - in: query - name: gid_start_number__iexact - schema: - type: integer - - in: query - name: name__iexact - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: search_group__group_uuid__iexact - schema: - type: string - format: uuid - - in: query - name: search_group__name__iexact - schema: - type: string - - in: query - name: tls_server_name__iexact - schema: - type: string - - in: query - name: uid_start_number__iexact - schema: - type: integer - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedLDAPProviderList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: providers_ldap_create - description: LDAPProvider Viewset - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProviderRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/ldap/{id}/: - get: - operationId: providers_ldap_retrieve - description: LDAPProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: providers_ldap_update - description: LDAPProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProviderRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: providers_ldap_partial_update - description: LDAPProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedLDAPProviderRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: providers_ldap_destroy - description: LDAPProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/ldap/{id}/used_by/: - get: - operationId: providers_ldap_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this LDAP Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/oauth2/: - get: - operationId: providers_oauth2_list - description: OAuth2Provider Viewset - parameters: - - in: query - name: access_code_validity - schema: - type: string - - in: query - name: application - schema: - type: string - format: uuid - - in: query - name: authorization_flow - schema: - type: string - format: uuid - - in: query - name: client_id - schema: - type: string - - in: query - name: client_type - schema: - type: string - enum: - - confidential - - public - description: Confidential clients are capable of maintaining the confidentiality - of their credentials. Public clients are incapable - - in: query - name: include_claims_in_id_token - schema: - type: boolean - - in: query - name: issuer_mode - schema: - type: string - enum: - - global - - per_provider - description: Configure how the issuer field of the ID Token should be filled. - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: property_mappings - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: redirect_uris - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: signing_key - schema: - type: string - format: uuid - - in: query - name: sub_mode - schema: - type: string - enum: - - hashed_user_id - - user_email - - user_upn - - user_username - description: Configure what data should be used as unique User Identifier. - For most cases, the default should be fine. - - in: query - name: token_validity - schema: - type: string - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedOAuth2ProviderList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: providers_oauth2_create - description: OAuth2Provider Viewset - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2ProviderRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2Provider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/oauth2/{id}/: - get: - operationId: providers_oauth2_retrieve - description: OAuth2Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2Provider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: providers_oauth2_update - description: OAuth2Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2ProviderRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2Provider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: providers_oauth2_partial_update - description: OAuth2Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2Provider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: providers_oauth2_destroy - description: OAuth2Provider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/oauth2/{id}/preview_user/: - get: - operationId: providers_oauth2_preview_user_retrieve - description: Preview user data for provider - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PropertyMappingPreview' - description: '' - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/oauth2/{id}/setup_urls/: - get: - operationId: providers_oauth2_setup_urls_retrieve - description: Get Providers setup URLs - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuth2ProviderSetupURLs' - description: '' - '404': - description: Provider has no application assigned - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/oauth2/{id}/used_by/: - get: - operationId: providers_oauth2_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/proxy/: - get: - operationId: providers_proxy_list - description: ProxyProvider Viewset - parameters: - - in: query - name: application__isnull - schema: - type: boolean - - in: query - name: authorization_flow__slug__iexact - schema: - type: string - - in: query - name: basic_auth_enabled__iexact - schema: - type: boolean - - in: query - name: basic_auth_password_attribute__iexact - schema: - type: string - - in: query - name: basic_auth_user_attribute__iexact - schema: - type: string - - in: query - name: certificate__kp_uuid__iexact - schema: - type: string - format: uuid - - in: query - name: certificate__name__iexact - schema: - type: string - - in: query - name: cookie_domain__iexact - schema: - type: string - - in: query - name: external_host__iexact - schema: - type: string - - in: query - name: internal_host__iexact - schema: - type: string - - in: query - name: internal_host_ssl_validation__iexact - schema: - type: boolean - - in: query - name: mode__iexact - schema: - type: string - - in: query - name: name__iexact - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: property_mappings__iexact - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: redirect_uris__iexact - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: skip_path_regex__iexact - schema: - type: string - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedProxyProviderList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: providers_proxy_create - description: ProxyProvider Viewset - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProviderRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/proxy/{id}/: - get: - operationId: providers_proxy_retrieve - description: ProxyProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: providers_proxy_update - description: ProxyProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProviderRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: providers_proxy_partial_update - description: ProxyProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedProxyProviderRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ProxyProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: providers_proxy_destroy - description: ProxyProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/proxy/{id}/used_by/: - get: - operationId: providers_proxy_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this Proxy Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/: - get: - operationId: providers_saml_list - description: SAMLProvider Viewset - parameters: - - in: query - name: acs_url - schema: - type: string - - in: query - name: assertion_valid_not_before - schema: - type: string - - in: query - name: assertion_valid_not_on_or_after - schema: - type: string - - in: query - name: audience - schema: - type: string - - in: query - name: authorization_flow - schema: - type: string - format: uuid - - in: query - name: digest_algorithm - schema: - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#sha1 - - http://www.w3.org/2001/04/xmldsig-more#sha384 - - http://www.w3.org/2001/04/xmlenc#sha256 - - http://www.w3.org/2001/04/xmlenc#sha512 - - in: query - name: issuer - schema: - type: string - - in: query - name: name - schema: - type: string - - in: query - name: name_id_mapping - schema: - type: string - format: uuid - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: property_mappings - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: session_valid_not_on_or_after - schema: - type: string - - in: query - name: signature_algorithm - schema: - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - - in: query - name: signing_kp - schema: - type: string - format: uuid - - in: query - name: sp_binding - schema: - type: string - title: Service Provider Binding - enum: - - post - - redirect - description: This determines how authentik sends the response back to the - Service Provider. - - in: query - name: verification_kp - schema: - type: string - format: uuid - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSAMLProviderList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: providers_saml_create - description: SAMLProvider Viewset - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProviderRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/{id}/: - get: - operationId: providers_saml_retrieve - description: SAMLProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: providers_saml_update - description: SAMLProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProviderRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: providers_saml_partial_update - description: SAMLProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedSAMLProviderRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLProvider' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: providers_saml_destroy - description: SAMLProvider Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/{id}/metadata/: - get: - operationId: providers_saml_metadata_retrieve - description: Return metadata as XML string - parameters: - - in: query - name: download - schema: - type: boolean - - in: query - name: force_binding - schema: - type: string - enum: - - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST - - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect - description: Optionally force the metadata to only include one binding. - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLMetadata' - description: '' - '404': - description: Provider has no application assigned - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/{id}/preview_user/: - get: - operationId: providers_saml_preview_user_retrieve - description: Preview user data for provider - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PropertyMappingPreview' - description: '' - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/{id}/used_by/: - get: - operationId: providers_saml_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this SAML Provider. - required: true - tags: - - providers - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /providers/saml/import_metadata/: - post: - operationId: providers_saml_import_metadata_create - description: Create provider from SAML Metadata - tags: - - providers - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/SAMLProviderImportRequest' - required: true - security: - - authentik: [] - responses: - '204': - description: Successfully imported provider - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /root/config/: - get: - operationId: root_config_retrieve - description: Retrieve public configuration options - tags: - - root - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Config' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /schema/: - get: - operationId: schema_retrieve - description: |- - OpenApi3 schema for this API. Format can be selected via content negotiation. - - - YAML: application/vnd.oai.openapi - - JSON: application/vnd.oai.openapi+json - parameters: - - in: query - name: format - schema: - type: string - enum: - - json - - yaml - - in: query - name: lang - schema: - type: string - enum: - - af - - ar - - ar-dz - - ast - - az - - be - - bg - - bn - - br - - bs - - ca - - cs - - cy - - da - - de - - dsb - - el - - en - - en-au - - en-gb - - eo - - es - - es-ar - - es-co - - es-mx - - es-ni - - es-ve - - et - - eu - - fa - - fi - - fr - - fy - - ga - - gd - - gl - - he - - hi - - hr - - hsb - - hu - - hy - - ia - - id - - ig - - io - - is - - it - - ja - - ka - - kab - - kk - - km - - kn - - ko - - ky - - lb - - lt - - lv - - mk - - ml - - mn - - mr - - ms - - my - - nb - - ne - - nl - - nn - - os - - pa - - pl - - pt - - pt-br - - ro - - ru - - sk - - sl - - sq - - sr - - sr-latn - - sv - - sw - - ta - - te - - tg - - th - - tk - - tr - - tt - - udm - - uk - - ur - - uz - - vi - - zh-hans - - zh-hant - tags: - - schema - security: - - authentik: [] - - {} - responses: - '200': - content: - application/vnd.oai.openapi: - schema: - type: object - additionalProperties: {} - application/yaml: - schema: - type: object - additionalProperties: {} - application/vnd.oai.openapi+json: - schema: - type: object - additionalProperties: {} - application/json: - schema: - type: object - additionalProperties: {} - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/: - get: - operationId: sources_all_list - description: Source Viewset - parameters: - - in: query - name: managed - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: slug - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSourceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/{slug}/: - get: - operationId: sources_all_retrieve - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Source' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_all_destroy - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/{slug}/set_icon/: - post: - operationId: sources_all_set_icon_create - description: Set source icon - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/FileUploadRequest' - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/{slug}/set_icon_url/: - post: - operationId: sources_all_set_icon_url_create - description: Set source icon (as URL) - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/FilePathRequest' - required: true - security: - - authentik: [] - responses: - '200': - description: Success - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/{slug}/used_by/: - get: - operationId: sources_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/types/: - get: - operationId: sources_all_types_list - description: Get all creatable source types - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/all/user_settings/: - get: - operationId: sources_all_user_settings_list - description: Get all sources the user can configure - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UserSetting' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/ldap/: - get: - operationId: sources_ldap_list - description: LDAP Source Viewset - parameters: - - in: query - name: additional_group_dn - schema: - type: string - - in: query - name: additional_user_dn - schema: - type: string - - in: query - name: base_dn - schema: - type: string - - in: query - name: bind_cn - schema: - type: string - - in: query - name: enabled - schema: - type: boolean - - in: query - name: group_membership_field - schema: - type: string - - in: query - name: group_object_filter - schema: - type: string - - in: query - name: name - schema: - type: string - - in: query - name: object_uniqueness_field - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: peer_certificate - schema: - type: string - format: uuid - - in: query - name: property_mappings - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: property_mappings_group - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: server_uri - schema: - type: string - - in: query - name: slug - schema: - type: string - - in: query - name: start_tls - schema: - type: boolean - - in: query - name: sync_groups - schema: - type: boolean - - in: query - name: sync_parent_group - schema: - type: string - format: uuid - - in: query - name: sync_users - schema: - type: boolean - - in: query - name: sync_users_password - schema: - type: boolean - - in: query - name: user_object_filter - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedLDAPSourceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_ldap_create - description: LDAP Source Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSourceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/ldap/{slug}/: - get: - operationId: sources_ldap_retrieve - description: LDAP Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_ldap_update - description: LDAP Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSourceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_ldap_partial_update - description: LDAP Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedLDAPSourceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/LDAPSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_ldap_destroy - description: LDAP Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/ldap/{slug}/sync_status/: - get: - operationId: sources_ldap_sync_status_list - description: Get source's sync status - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/Task' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/ldap/{slug}/used_by/: - get: - operationId: sources_ldap_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/oauth/: - get: - operationId: sources_oauth_list - description: Source Viewset - parameters: - - in: query - name: access_token_url - schema: - type: string - - in: query - name: additional_scopes - schema: - type: string - - in: query - name: authentication_flow - schema: - type: string - format: uuid - - in: query - name: authorization_url - schema: - type: string - - in: query - name: consumer_key - schema: - type: string - - in: query - name: enabled - schema: - type: boolean - - in: query - name: enrollment_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_engine_mode - schema: - type: string - enum: - - all - - any - - in: query - name: profile_url - schema: - type: string - - in: query - name: provider_type - schema: - type: string - - in: query - name: request_token_url - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: slug - schema: - type: string - - in: query - name: user_matching_mode - schema: - type: string - enum: - - email_deny - - email_link - - identifier - - username_deny - - username_link - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedOAuthSourceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_oauth_create - description: Source Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSourceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/oauth/{slug}/: - get: - operationId: sources_oauth_retrieve - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_oauth_update - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSourceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_oauth_partial_update - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedOAuthSourceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/OAuthSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_oauth_destroy - description: Source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/oauth/{slug}/used_by/: - get: - operationId: sources_oauth_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/oauth/source_types/: - get: - operationId: sources_oauth_source_types_list - description: |- - Get all creatable source types. If ?name is set, only returns the type for . - If isn't found, returns the default type. - parameters: - - in: query - name: name - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/SourceType' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/plex/: - get: - operationId: sources_plex_list - description: Plex source Viewset - parameters: - - in: query - name: allow_friends - schema: - type: boolean - - in: query - name: authentication_flow - schema: - type: string - format: uuid - - in: query - name: client_id - schema: - type: string - - in: query - name: enabled - schema: - type: boolean - - in: query - name: enrollment_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_engine_mode - schema: - type: string - enum: - - all - - any - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: slug - schema: - type: string - - in: query - name: user_matching_mode - schema: - type: string - enum: - - email_deny - - email_link - - identifier - - username_deny - - username_link - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPlexSourceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_plex_create - description: Plex source Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/plex/{slug}/: - get: - operationId: sources_plex_retrieve - description: Plex source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_plex_update - description: Plex source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_plex_partial_update - description: Plex source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPlexSourceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_plex_destroy - description: Plex source Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/plex/{slug}/used_by/: - get: - operationId: sources_plex_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/plex/redeem_token/: - post: - operationId: sources_plex_redeem_token_create - description: |- - Redeem a plex token, check it's access to resources against what's allowed - for the source, and redirect to an authentication/enrollment flow. - parameters: - - in: query - name: slug - schema: - type: string - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexTokenRedeemRequest' - required: true - security: - - authentik: [] - - {} - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/RedirectChallenge' - description: '' - '400': - description: Token not found - '403': - description: Access denied - /sources/plex/redeem_token_authenticated/: - post: - operationId: sources_plex_redeem_token_authenticated_create - description: Redeem a plex token for an authenticated user, creating a connection - parameters: - - in: query - name: slug - schema: - type: string - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexTokenRedeemRequest' - required: true - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - description: Token not found - '403': - description: Access denied - /sources/saml/: - get: - operationId: sources_saml_list - description: SAMLSource Viewset - parameters: - - in: query - name: allow_idp_initiated - schema: - type: boolean - - in: query - name: authentication_flow - schema: - type: string - format: uuid - - in: query - name: binding_type - schema: - type: string - enum: - - POST - - POST_AUTO - - REDIRECT - - in: query - name: digest_algorithm - schema: - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#sha1 - - http://www.w3.org/2001/04/xmldsig-more#sha384 - - http://www.w3.org/2001/04/xmlenc#sha256 - - http://www.w3.org/2001/04/xmlenc#sha512 - - in: query - name: enabled - schema: - type: boolean - - in: query - name: enrollment_flow - schema: - type: string - format: uuid - - in: query - name: issuer - schema: - type: string - - in: query - name: managed - schema: - type: string - - in: query - name: name - schema: - type: string - - in: query - name: name_id_policy - schema: - type: string - enum: - - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - description: NameID Policy sent to the IdP. Can be unset, in which case no - Policy is sent. - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: policy_engine_mode - schema: - type: string - enum: - - all - - any - - in: query - name: pre_authentication_flow - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: signature_algorithm - schema: - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - - in: query - name: signing_kp - schema: - type: string - format: uuid - - in: query - name: slo_url - schema: - type: string - - in: query - name: slug - schema: - type: string - - in: query - name: sso_url - schema: - type: string - - in: query - name: temporary_user_delete_after - schema: - type: string - - in: query - name: user_matching_mode - schema: - type: string - enum: - - email_deny - - email_link - - identifier - - username_deny - - username_link - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedSAMLSourceList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_saml_create - description: SAMLSource Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSourceRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/saml/{slug}/: - get: - operationId: sources_saml_retrieve - description: SAMLSource Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_saml_update - description: SAMLSource Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSourceRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_saml_partial_update - description: SAMLSource Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedSAMLSourceRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLSource' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_saml_destroy - description: SAMLSource Viewset - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/saml/{slug}/metadata/: - get: - operationId: sources_saml_metadata_retrieve - description: Return metadata as XML string - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/SAMLMetadata' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/saml/{slug}/used_by/: - get: - operationId: sources_saml_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: slug - schema: - type: string - description: Internal source name, used in URLs. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/all/: - get: - operationId: sources_user_connections_all_list - description: User-source connection Viewset - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserSourceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/all/{id}/: - get: - operationId: sources_user_connections_all_retrieve - description: User-source connection Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this user source connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_user_connections_all_update - description: User-source connection Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this user source connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_user_connections_all_partial_update - description: User-source connection Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this user source connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_user_connections_all_destroy - description: User-source connection Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this user source connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/all/{id}/used_by/: - get: - operationId: sources_user_connections_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this user source connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/oauth/: - get: - operationId: sources_user_connections_oauth_list - description: Source Viewset - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: source__slug - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_user_connections_oauth_create - description: Source Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/oauth/{id}/: - get: - operationId: sources_user_connections_oauth_retrieve - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User OAuth Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_user_connections_oauth_update - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User OAuth Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_user_connections_oauth_partial_update - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User OAuth Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserOAuthSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_user_connections_oauth_destroy - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User OAuth Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/oauth/{id}/used_by/: - get: - operationId: sources_user_connections_oauth_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User OAuth Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/plex/: - get: - operationId: sources_user_connections_plex_list - description: Plex Source connection Serializer - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: source__slug - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPlexSourceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_user_connections_plex_create - description: Plex Source connection Serializer - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/plex/{id}/: - get: - operationId: sources_user_connections_plex_retrieve - description: Plex Source connection Serializer - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Plex Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_user_connections_plex_update - description: Plex Source connection Serializer - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Plex Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_user_connections_plex_partial_update - description: Plex Source connection Serializer - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Plex Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPlexSourceConnectionRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PlexSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_user_connections_plex_destroy - description: Plex Source connection Serializer - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Plex Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/plex/{id}/used_by/: - get: - operationId: sources_user_connections_plex_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User Plex Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/saml/: - get: - operationId: sources_user_connections_saml_list - description: Source Viewset - parameters: - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: source__slug - schema: - type: string - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: sources_user_connections_saml_create - description: Source Viewset - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/saml/{id}/: - get: - operationId: sources_user_connections_saml_retrieve - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User SAML Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: sources_user_connections_saml_update - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User SAML Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnectionRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: sources_user_connections_saml_partial_update - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User SAML Source Connection. - required: true - tags: - - sources - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserSAMLSourceConnection' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: sources_user_connections_saml_destroy - description: Source Viewset - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User SAML Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /sources/user_connections/saml/{id}/used_by/: - get: - operationId: sources_user_connections_saml_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: id - schema: - type: integer - description: A unique integer value identifying this User SAML Source Connection. - required: true - tags: - - sources - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/all/: - get: - operationId: stages_all_list - description: Stage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/all/{stage_uuid}/: - get: - operationId: stages_all_retrieve - description: Stage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Stage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_all_destroy - description: Stage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/all/{stage_uuid}/used_by/: - get: - operationId: stages_all_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/all/types/: - get: - operationId: stages_all_types_list - description: Get all creatable stage types - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/all/user_settings/: - get: - operationId: stages_all_user_settings_list - description: Get all stages the user can configure - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UserSetting' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/: - get: - operationId: stages_authenticator_duo_list - description: AuthenticatorDuoStage Viewset - parameters: - - in: query - name: api_hostname - schema: - type: string - - in: query - name: client_id - schema: - type: string - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_duo_create - description: AuthenticatorDuoStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/{stage_uuid}/: - get: - operationId: stages_authenticator_duo_retrieve - description: AuthenticatorDuoStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_duo_update - description: AuthenticatorDuoStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_duo_partial_update - description: AuthenticatorDuoStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_duo_destroy - description: AuthenticatorDuoStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/{stage_uuid}/enrollment_status/: - post: - operationId: stages_authenticator_duo_enrollment_status_create - description: Check enrollment status of user details in current session - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DuoDeviceEnrollmentStatus' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/{stage_uuid}/import_device_manual/: - post: - operationId: stages_authenticator_duo_import_device_manual_create - description: Import duo devices into authentik - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest' - required: true - security: - - authentik: [] - responses: - '204': - description: Enrollment successful - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/: - post: - operationId: stages_authenticator_duo_import_devices_automatic_create - description: Import duo devices into authentik - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse' - description: '' - '400': - description: Bad request - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/duo/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_duo_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Duo Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/sms/: - get: - operationId: stages_authenticator_sms_list - description: AuthenticatorSMSStage Viewset - parameters: - - in: query - name: account_sid - schema: - type: string - - in: query - name: auth - schema: - type: string - - in: query - name: auth_password - schema: - type: string - - in: query - name: auth_type - schema: - type: string - enum: - - basic - - bearer - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: from_number - schema: - type: string - - in: query - name: mapping - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: provider - schema: - type: string - enum: - - generic - - twilio - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - - in: query - name: verify_only - schema: - type: boolean - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_sms_create - description: AuthenticatorSMSStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/sms/{stage_uuid}/: - get: - operationId: stages_authenticator_sms_retrieve - description: AuthenticatorSMSStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SMS Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_sms_update - description: AuthenticatorSMSStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SMS Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_sms_partial_update - description: AuthenticatorSMSStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SMS Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorSMSStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_sms_destroy - description: AuthenticatorSMSStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SMS Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/sms/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_sms_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this SMS Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/static/: - get: - operationId: stages_authenticator_static_list - description: AuthenticatorStaticStage Viewset - parameters: - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - - in: query - name: token_count - schema: - type: integer - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_static_create - description: AuthenticatorStaticStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/static/{stage_uuid}/: - get: - operationId: stages_authenticator_static_retrieve - description: AuthenticatorStaticStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Static Authenticator Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_static_update - description: AuthenticatorStaticStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Static Authenticator Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_static_partial_update - description: AuthenticatorStaticStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Static Authenticator Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorStaticStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_static_destroy - description: AuthenticatorStaticStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Static Authenticator Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/static/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_static_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Static Authenticator Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/totp/: - get: - operationId: stages_authenticator_totp_list - description: AuthenticatorTOTPStage Viewset - parameters: - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: digits - schema: - type: integer - enum: - - 6 - - 8 - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_totp_create - description: AuthenticatorTOTPStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/totp/{stage_uuid}/: - get: - operationId: stages_authenticator_totp_retrieve - description: AuthenticatorTOTPStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_totp_update - description: AuthenticatorTOTPStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_totp_partial_update - description: AuthenticatorTOTPStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorTOTPStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_totp_destroy - description: AuthenticatorTOTPStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/totp/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_totp_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/validate/: - get: - operationId: stages_authenticator_validate_list - description: AuthenticatorValidateStage Viewset - parameters: - - in: query - name: configuration_stages - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: name - schema: - type: string - - in: query - name: not_configured_action - schema: - type: string - enum: - - configure - - deny - - skip - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_validate_create - description: AuthenticatorValidateStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/validate/{stage_uuid}/: - get: - operationId: stages_authenticator_validate_retrieve - description: AuthenticatorValidateStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticator Validation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_validate_update - description: AuthenticatorValidateStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticator Validation Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_validate_partial_update - description: AuthenticatorValidateStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticator Validation Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticatorValidateStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_validate_destroy - description: AuthenticatorValidateStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticator Validation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/validate/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_validate_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Authenticator Validation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/webauthn/: - get: - operationId: stages_authenticator_webauthn_list - description: AuthenticateWebAuthnStage Viewset - parameters: - - in: query - name: authenticator_attachment - schema: - type: string - nullable: true - enum: - - cross-platform - - platform - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: resident_key_requirement - schema: - type: string - enum: - - discouraged - - preferred - - required - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - - in: query - name: user_verification - schema: - type: string - enum: - - discouraged - - preferred - - required - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_authenticator_webauthn_create - description: AuthenticateWebAuthnStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/webauthn/{stage_uuid}/: - get: - operationId: stages_authenticator_webauthn_retrieve - description: AuthenticateWebAuthnStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_authenticator_webauthn_update - description: AuthenticateWebAuthnStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_authenticator_webauthn_partial_update - description: AuthenticateWebAuthnStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/AuthenticateWebAuthnStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_authenticator_webauthn_destroy - description: AuthenticateWebAuthnStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/authenticator/webauthn/{stage_uuid}/used_by/: - get: - operationId: stages_authenticator_webauthn_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/captcha/: - get: - operationId: stages_captcha_list - description: CaptchaStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: public_key - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedCaptchaStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_captcha_create - description: CaptchaStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/captcha/{stage_uuid}/: - get: - operationId: stages_captcha_retrieve - description: CaptchaStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Captcha Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_captcha_update - description: CaptchaStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Captcha Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_captcha_partial_update - description: CaptchaStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Captcha Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedCaptchaStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/CaptchaStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_captcha_destroy - description: CaptchaStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Captcha Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/captcha/{stage_uuid}/used_by/: - get: - operationId: stages_captcha_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Captcha Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/consent/: - get: - operationId: stages_consent_list - description: ConsentStage Viewset - parameters: - - in: query - name: consent_expire_in - schema: - type: string - - in: query - name: mode - schema: - type: string - enum: - - always_require - - expiring - - permanent - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedConsentStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_consent_create - description: ConsentStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/consent/{stage_uuid}/: - get: - operationId: stages_consent_retrieve - description: ConsentStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Consent Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_consent_update - description: ConsentStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Consent Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_consent_partial_update - description: ConsentStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Consent Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedConsentStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/ConsentStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_consent_destroy - description: ConsentStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Consent Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/consent/{stage_uuid}/used_by/: - get: - operationId: stages_consent_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Consent Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/deny/: - get: - operationId: stages_deny_list - description: DenyStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDenyStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_deny_create - description: DenyStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/deny/{stage_uuid}/: - get: - operationId: stages_deny_retrieve - description: DenyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Deny Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_deny_update - description: DenyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Deny Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_deny_partial_update - description: DenyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Deny Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDenyStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DenyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_deny_destroy - description: DenyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Deny Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/deny/{stage_uuid}/used_by/: - get: - operationId: stages_deny_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Deny Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/dummy/: - get: - operationId: stages_dummy_list - description: DummyStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedDummyStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_dummy_create - description: DummyStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/dummy/{stage_uuid}/: - get: - operationId: stages_dummy_retrieve - description: DummyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_dummy_update - description: DummyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_dummy_partial_update - description: DummyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedDummyStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/DummyStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_dummy_destroy - description: DummyStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/dummy/{stage_uuid}/used_by/: - get: - operationId: stages_dummy_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Dummy Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/email/: - get: - operationId: stages_email_list - description: EmailStage Viewset - parameters: - - in: query - name: activate_user_on_success - schema: - type: boolean - - in: query - name: from_address - schema: - type: string - - in: query - name: host - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: port - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: subject - schema: - type: string - - in: query - name: template - schema: - type: string - - in: query - name: timeout - schema: - type: integer - - in: query - name: token_expiry - schema: - type: integer - - in: query - name: use_global_settings - schema: - type: boolean - - in: query - name: use_ssl - schema: - type: boolean - - in: query - name: use_tls - schema: - type: boolean - - in: query - name: username - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedEmailStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_email_create - description: EmailStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/email/{stage_uuid}/: - get: - operationId: stages_email_retrieve - description: EmailStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Email Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_email_update - description: EmailStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Email Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_email_partial_update - description: EmailStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Email Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedEmailStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/EmailStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_email_destroy - description: EmailStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Email Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/email/{stage_uuid}/used_by/: - get: - operationId: stages_email_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Email Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/email/templates/: - get: - operationId: stages_email_templates_list - description: Get all available templates, including custom templates - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/TypeCreate' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/identification/: - get: - operationId: stages_identification_list - description: IdentificationStage Viewset - parameters: - - in: query - name: case_insensitive_matching - schema: - type: boolean - - in: query - name: enrollment_flow - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: password_stage - schema: - type: string - format: uuid - - in: query - name: passwordless_flow - schema: - type: string - format: uuid - - in: query - name: recovery_flow - schema: - type: string - format: uuid - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: show_matched_user - schema: - type: boolean - - in: query - name: show_source_labels - schema: - type: boolean - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedIdentificationStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_identification_create - description: IdentificationStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/identification/{stage_uuid}/: - get: - operationId: stages_identification_retrieve - description: IdentificationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Identification Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_identification_update - description: IdentificationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Identification Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_identification_partial_update - description: IdentificationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Identification Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedIdentificationStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/IdentificationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_identification_destroy - description: IdentificationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Identification Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/identification/{stage_uuid}/used_by/: - get: - operationId: stages_identification_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Identification Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/invitations/: - get: - operationId: stages_invitation_invitations_list - description: Invitation Viewset - parameters: - - in: query - name: created_by__username - schema: - type: string - - in: query - name: expires - schema: - type: string - format: date-time - - in: query - name: flow__slug - schema: - type: string - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedInvitationList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_invitation_invitations_create - description: Invitation Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Invitation' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/invitations/{invite_uuid}/: - get: - operationId: stages_invitation_invitations_retrieve - description: Invitation Viewset - parameters: - - in: path - name: invite_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Invitation' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_invitation_invitations_update - description: Invitation Viewset - parameters: - - in: path - name: invite_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Invitation' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_invitation_invitations_partial_update - description: Invitation Viewset - parameters: - - in: path - name: invite_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedInvitationRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Invitation' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_invitation_invitations_destroy - description: Invitation Viewset - parameters: - - in: path - name: invite_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/invitations/{invite_uuid}/used_by/: - get: - operationId: stages_invitation_invitations_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: invite_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/stages/: - get: - operationId: stages_invitation_stages_list - description: InvitationStage Viewset - parameters: - - in: query - name: continue_flow_without_invitation - schema: - type: boolean - - in: query - name: name - schema: - type: string - - in: query - name: no_flows - schema: - type: boolean - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedInvitationStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_invitation_stages_create - description: InvitationStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/stages/{stage_uuid}/: - get: - operationId: stages_invitation_stages_retrieve - description: InvitationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_invitation_stages_update - description: InvitationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_invitation_stages_partial_update - description: InvitationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedInvitationStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/InvitationStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_invitation_stages_destroy - description: InvitationStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/invitation/stages/{stage_uuid}/used_by/: - get: - operationId: stages_invitation_stages_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Invitation Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/password/: - get: - operationId: stages_password_list - description: PasswordStage Viewset - parameters: - - in: query - name: configure_flow - schema: - type: string - format: uuid - - in: query - name: failed_attempts_before_cancel - schema: - type: integer - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPasswordStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_password_create - description: PasswordStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/password/{stage_uuid}/: - get: - operationId: stages_password_retrieve - description: PasswordStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_password_update - description: PasswordStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_password_partial_update - description: PasswordStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPasswordStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PasswordStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_password_destroy - description: PasswordStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/password/{stage_uuid}/used_by/: - get: - operationId: stages_password_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Password Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/prompts/: - get: - operationId: stages_prompt_prompts_list - description: Prompt Viewset - parameters: - - in: query - name: field_key - schema: - type: string - - in: query - name: label - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - in: query - name: placeholder - schema: - type: string - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: type - schema: - type: string - enum: - - ak-locale - - checkbox - - date - - date-time - - email - - file - - hidden - - number - - password - - separator - - static - - text - - text_read_only - - username - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPromptList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_prompt_prompts_create - description: Prompt Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PromptRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/Prompt' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/prompts/{prompt_uuid}/: - get: - operationId: stages_prompt_prompts_retrieve - description: Prompt Viewset - parameters: - - in: path - name: prompt_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Prompt' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_prompt_prompts_update - description: Prompt Viewset - parameters: - - in: path - name: prompt_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PromptRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Prompt' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_prompt_prompts_partial_update - description: Prompt Viewset - parameters: - - in: path - name: prompt_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPromptRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Prompt' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_prompt_prompts_destroy - description: Prompt Viewset - parameters: - - in: path - name: prompt_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/prompts/{prompt_uuid}/used_by/: - get: - operationId: stages_prompt_prompts_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: prompt_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/stages/: - get: - operationId: stages_prompt_stages_list - description: PromptStage Viewset - parameters: - - in: query - name: fields - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - - in: query - name: validation_policies - schema: - type: array - items: - type: string - format: uuid - explode: true - style: form - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedPromptStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_prompt_stages_create - description: PromptStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/stages/{stage_uuid}/: - get: - operationId: stages_prompt_stages_retrieve - description: PromptStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_prompt_stages_update - description: PromptStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_prompt_stages_partial_update - description: PromptStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedPromptStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PromptStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_prompt_stages_destroy - description: PromptStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/prompt/stages/{stage_uuid}/used_by/: - get: - operationId: stages_prompt_stages_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this Prompt Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_delete/: - get: - operationId: stages_user_delete_list - description: UserDeleteStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserDeleteStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_user_delete_create - description: UserDeleteStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_delete/{stage_uuid}/: - get: - operationId: stages_user_delete_retrieve - description: UserDeleteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Delete Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_user_delete_update - description: UserDeleteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Delete Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_user_delete_partial_update - description: UserDeleteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Delete Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserDeleteStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserDeleteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_user_delete_destroy - description: UserDeleteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Delete Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_delete/{stage_uuid}/used_by/: - get: - operationId: stages_user_delete_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Delete Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_login/: - get: - operationId: stages_user_login_list - description: UserLoginStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: session_duration - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserLoginStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_user_login_create - description: UserLoginStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_login/{stage_uuid}/: - get: - operationId: stages_user_login_retrieve - description: UserLoginStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Login Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_user_login_update - description: UserLoginStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Login Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_user_login_partial_update - description: UserLoginStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Login Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserLoginStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLoginStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_user_login_destroy - description: UserLoginStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Login Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_login/{stage_uuid}/used_by/: - get: - operationId: stages_user_login_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Login Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_logout/: - get: - operationId: stages_user_logout_list - description: UserLogoutStage Viewset - parameters: - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserLogoutStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_user_logout_create - description: UserLogoutStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_logout/{stage_uuid}/: - get: - operationId: stages_user_logout_retrieve - description: UserLogoutStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Logout Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_user_logout_update - description: UserLogoutStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Logout Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_user_logout_partial_update - description: UserLogoutStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Logout Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserLogoutStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserLogoutStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_user_logout_destroy - description: UserLogoutStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Logout Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_logout/{stage_uuid}/used_by/: - get: - operationId: stages_user_logout_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Logout Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_write/: - get: - operationId: stages_user_write_list - description: UserWriteStage Viewset - parameters: - - in: query - name: can_create_users - schema: - type: boolean - - in: query - name: create_users_as_inactive - schema: - type: boolean - - in: query - name: create_users_group - schema: - type: string - format: uuid - - in: query - name: name - schema: - type: string - - name: ordering - required: false - in: query - description: Which field to use when ordering the results. - schema: - type: string - - name: page - required: false - in: query - description: A page number within the paginated result set. - schema: - type: integer - - name: page_size - required: false - in: query - description: Number of results to return per page. - schema: - type: integer - - name: search - required: false - in: query - description: A search term. - schema: - type: string - - in: query - name: stage_uuid - schema: - type: string - format: uuid - - in: query - name: user_path_template - schema: - type: string - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/PaginatedUserWriteStageList' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - post: - operationId: stages_user_write_create - description: UserWriteStage Viewset - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStageRequest' - required: true - security: - - authentik: [] - responses: - '201': - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_write/{stage_uuid}/: - get: - operationId: stages_user_write_retrieve - description: UserWriteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Write Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - put: - operationId: stages_user_write_update - description: UserWriteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Write Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStageRequest' - required: true - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - patch: - operationId: stages_user_write_partial_update - description: UserWriteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Write Stage. - required: true - tags: - - stages - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/PatchedUserWriteStageRequest' - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/UserWriteStage' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - delete: - operationId: stages_user_write_destroy - description: UserWriteStage Viewset - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Write Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '204': - description: No response body - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' - /stages/user_write/{stage_uuid}/used_by/: - get: - operationId: stages_user_write_used_by_list - description: Get a list of all objects that use this object - parameters: - - in: path - name: stage_uuid - schema: - type: string - format: uuid - description: A UUID string identifying this User Write Stage. - required: true - tags: - - stages - security: - - authentik: [] - responses: - '200': - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/UsedBy' - description: '' - '400': - content: - application/json: - schema: - $ref: '#/components/schemas/ValidationError' - description: '' - '403': - content: - application/json: - schema: - $ref: '#/components/schemas/GenericError' - description: '' -components: - schemas: - AccessDeniedChallenge: - type: object - description: Challenge when a flow's active stage calls `stage_invalid()`. - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-access-denied - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - error_message: - type: string - required: - - pending_user - - pending_user_avatar - - type - App: - type: object - description: Serialize Application info - properties: - name: - type: string - label: - type: string - required: - - label - - name - AppEnum: - enum: - - authentik.admin - - authentik.api - - authentik.crypto - - authentik.events - - authentik.flows - - authentik.lib - - authentik.outposts - - authentik.policies.dummy - - authentik.policies.event_matcher - - authentik.policies.expiry - - authentik.policies.expression - - authentik.policies.hibp - - authentik.policies.password - - authentik.policies.reputation - - authentik.policies - - authentik.providers.ldap - - authentik.providers.oauth2 - - authentik.providers.proxy - - authentik.providers.saml - - authentik.recovery - - authentik.sources.ldap - - authentik.sources.oauth - - authentik.sources.plex - - authentik.sources.saml - - authentik.stages.authenticator_duo - - authentik.stages.authenticator_sms - - authentik.stages.authenticator_static - - authentik.stages.authenticator_totp - - authentik.stages.authenticator_validate - - authentik.stages.authenticator_webauthn - - authentik.stages.captcha - - authentik.stages.consent - - authentik.stages.deny - - authentik.stages.dummy - - authentik.stages.email - - authentik.stages.identification - - authentik.stages.invitation - - authentik.stages.password - - authentik.stages.prompt - - authentik.stages.user_delete - - authentik.stages.user_login - - authentik.stages.user_logout - - authentik.stages.user_write - - authentik.tenants - - authentik.blueprints - - authentik.core - type: string - AppleChallengeResponseRequest: - type: object - description: Pseudo class for plex response - properties: - component: - type: string - minLength: 1 - default: ak-source-oauth-apple - AppleLoginChallenge: - type: object - description: Special challenge for apple-native authentication flow, which happens - on the client. - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-source-oauth-apple - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - client_id: - type: string - scope: - type: string - redirect_uri: - type: string - state: - type: string - required: - - client_id - - redirect_uri - - scope - - state - - type - Application: - type: object - description: Application Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Application's display Name. - slug: - type: string - description: Internal application name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - provider: - type: integer - nullable: true - provider_obj: - allOf: - - $ref: '#/components/schemas/Provider' - readOnly: true - launch_url: - type: string - nullable: true - readOnly: true - open_in_new_tab: - type: boolean - description: Open launch URL in a new browser tab or window. - meta_launch_url: - type: string - format: uri - meta_icon: - type: string - nullable: true - readOnly: true - meta_description: - type: string - meta_publisher: - type: string - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - group: - type: string - required: - - launch_url - - meta_icon - - name - - pk - - provider_obj - - slug - ApplicationRequest: - type: object - description: Application Serializer - properties: - name: - type: string - minLength: 1 - description: Application's display Name. - slug: - type: string - minLength: 1 - description: Internal application name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - provider: - type: integer - nullable: true - open_in_new_tab: - type: boolean - description: Open launch URL in a new browser tab or window. - meta_launch_url: - type: string - format: uri - meta_description: - type: string - meta_publisher: - type: string - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - group: - type: string - required: - - name - - slug - AuthTypeEnum: - enum: - - basic - - bearer - type: string - AuthenticateWebAuthnStage: - type: object - description: AuthenticateWebAuthnStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - user_verification: - $ref: '#/components/schemas/UserVerificationEnum' - authenticator_attachment: - allOf: - - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' - nullable: true - resident_key_requirement: - $ref: '#/components/schemas/ResidentKeyRequirementEnum' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - AuthenticateWebAuthnStageRequest: - type: object - description: AuthenticateWebAuthnStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - user_verification: - $ref: '#/components/schemas/UserVerificationEnum' - authenticator_attachment: - allOf: - - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' - nullable: true - resident_key_requirement: - $ref: '#/components/schemas/ResidentKeyRequirementEnum' - required: - - name - AuthenticatedSession: - type: object - description: AuthenticatedSession Serializer - properties: - uuid: - type: string - format: uuid - current: - type: boolean - readOnly: true - user_agent: - type: object - description: User agent details - properties: - device: - type: object - description: User agent device - properties: - brand: - type: string - family: - type: string - model: - type: string - required: - - brand - - family - - model - os: - type: object - description: User agent os - properties: - family: - type: string - major: - type: string - minor: - type: string - patch: - type: string - patch_minor: - type: string - required: - - family - - major - - minor - - patch - - patch_minor - user_agent: - type: object - description: User agent browser - properties: - family: - type: string - major: - type: string - minor: - type: string - patch: - type: string - required: - - family - - major - - minor - - patch - string: - type: string - required: - - device - - os - - string - - user_agent - readOnly: true - geo_ip: - type: object - description: GeoIP Details - properties: - continent: - type: string - country: - type: string - lat: - type: number - format: double - long: - type: number - format: double - city: - type: string - required: - - city - - continent - - country - - lat - - long - nullable: true - readOnly: true - user: - type: integer - last_ip: - type: string - last_user_agent: - type: string - last_used: - type: string - format: date-time - readOnly: true - expires: - type: string - format: date-time - required: - - current - - geo_ip - - last_ip - - last_used - - user - - user_agent - AuthenticationEnum: - enum: - - none - - require_authenticated - - require_unauthenticated - - require_superuser - type: string - AuthenticatorAttachmentEnum: - enum: - - platform - - cross-platform - type: string - AuthenticatorDuoChallenge: - type: object - description: Duo Challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-duo - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - activation_barcode: - type: string - activation_code: - type: string - stage_uuid: - type: string - required: - - activation_barcode - - activation_code - - pending_user - - pending_user_avatar - - stage_uuid - - type - AuthenticatorDuoChallengeResponseRequest: - type: object - description: Pseudo class for duo response - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-duo - AuthenticatorDuoStage: - type: object - description: AuthenticatorDuoStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - client_id: - type: string - api_hostname: - type: string - admin_integration_key: - type: string - required: - - api_hostname - - client_id - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - AuthenticatorDuoStageDeviceImportResponse: - type: object - properties: - count: - type: integer - readOnly: true - error: - type: string - readOnly: true - required: - - count - - error - AuthenticatorDuoStageManualDeviceImportRequest: - type: object - properties: - duo_user_id: - type: string - minLength: 1 - username: - type: string - minLength: 1 - required: - - duo_user_id - - username - AuthenticatorDuoStageRequest: - type: object - description: AuthenticatorDuoStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - client_id: - type: string - minLength: 1 - client_secret: - type: string - writeOnly: true - minLength: 1 - api_hostname: - type: string - minLength: 1 - admin_integration_key: - type: string - admin_secret_key: - type: string - writeOnly: true - required: - - api_hostname - - client_id - - client_secret - - name - AuthenticatorSMSChallenge: - type: object - description: SMS Setup challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-sms - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - phone_number_required: - type: boolean - default: true - required: - - pending_user - - pending_user_avatar - - type - AuthenticatorSMSChallengeResponseRequest: - type: object - description: SMS Challenge response, device is set by get_response_instance - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-sms - code: - type: integer - phone_number: - type: string - minLength: 1 - AuthenticatorSMSStage: - type: object - description: AuthenticatorSMSStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - provider: - $ref: '#/components/schemas/ProviderEnum' - from_number: - type: string - account_sid: - type: string - auth: - type: string - auth_password: - type: string - auth_type: - $ref: '#/components/schemas/AuthTypeEnum' - verify_only: - type: boolean - description: When enabled, the Phone number is only used during enrollment - to verify the users authenticity. Only a hash of the phone number is saved - to ensure it is not re-used in the future. - mapping: - type: string - format: uuid - nullable: true - description: Optionally modify the payload being sent to custom providers. - required: - - account_sid - - auth - - component - - from_number - - meta_model_name - - name - - pk - - provider - - verbose_name - - verbose_name_plural - AuthenticatorSMSStageRequest: - type: object - description: AuthenticatorSMSStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - provider: - $ref: '#/components/schemas/ProviderEnum' - from_number: - type: string - minLength: 1 - account_sid: - type: string - minLength: 1 - auth: - type: string - minLength: 1 - auth_password: - type: string - auth_type: - $ref: '#/components/schemas/AuthTypeEnum' - verify_only: - type: boolean - description: When enabled, the Phone number is only used during enrollment - to verify the users authenticity. Only a hash of the phone number is saved - to ensure it is not re-used in the future. - mapping: - type: string - format: uuid - nullable: true - description: Optionally modify the payload being sent to custom providers. - required: - - account_sid - - auth - - from_number - - name - - provider - AuthenticatorStaticChallenge: - type: object - description: Static authenticator challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-static - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - codes: - type: array - items: - type: string - required: - - codes - - pending_user - - pending_user_avatar - - type - AuthenticatorStaticChallengeResponseRequest: - type: object - description: Pseudo class for static response - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-static - AuthenticatorStaticStage: - type: object - description: AuthenticatorStaticStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - token_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - AuthenticatorStaticStageRequest: - type: object - description: AuthenticatorStaticStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - token_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - name - AuthenticatorTOTPChallenge: - type: object - description: TOTP Setup challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-totp - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - config_url: - type: string - required: - - config_url - - pending_user - - pending_user_avatar - - type - AuthenticatorTOTPChallengeResponseRequest: - type: object - description: TOTP Challenge response, device is set by get_response_instance - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-totp - code: - type: integer - required: - - code - AuthenticatorTOTPStage: - type: object - description: AuthenticatorTOTPStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - digits: - allOf: - - $ref: '#/components/schemas/DigitsEnum' - minimum: -2147483648 - maximum: 2147483647 - required: - - component - - digits - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - AuthenticatorTOTPStageRequest: - type: object - description: AuthenticatorTOTPStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - digits: - allOf: - - $ref: '#/components/schemas/DigitsEnum' - minimum: -2147483648 - maximum: 2147483647 - required: - - digits - - name - AuthenticatorValidateStage: - type: object - description: AuthenticatorValidateStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - not_configured_action: - $ref: '#/components/schemas/NotConfiguredActionEnum' - device_classes: - type: array - items: - $ref: '#/components/schemas/DeviceClassesEnum' - description: Device classes which can be used to authenticate - configuration_stages: - type: array - items: - type: string - format: uuid - description: Stages used to configure Authenticator when user doesn't have - any compatible devices. After this configuration Stage passes, the user - is not prompted again. - last_auth_threshold: - type: string - description: If any of the user's device has been used within this threshold, - this stage will be skipped - webauthn_user_verification: - allOf: - - $ref: '#/components/schemas/UserVerificationEnum' - description: Enforce user verification for WebAuthn devices. - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - AuthenticatorValidateStageRequest: - type: object - description: AuthenticatorValidateStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - not_configured_action: - $ref: '#/components/schemas/NotConfiguredActionEnum' - device_classes: - type: array - items: - $ref: '#/components/schemas/DeviceClassesEnum' - description: Device classes which can be used to authenticate - configuration_stages: - type: array - items: - type: string - format: uuid - description: Stages used to configure Authenticator when user doesn't have - any compatible devices. After this configuration Stage passes, the user - is not prompted again. - last_auth_threshold: - type: string - minLength: 1 - description: If any of the user's device has been used within this threshold, - this stage will be skipped - webauthn_user_verification: - allOf: - - $ref: '#/components/schemas/UserVerificationEnum' - description: Enforce user verification for WebAuthn devices. - required: - - name - AuthenticatorValidationChallenge: - type: object - description: Authenticator challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-validate - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - device_challenges: - type: array - items: - $ref: '#/components/schemas/DeviceChallenge' - configuration_stages: - type: array - items: - $ref: '#/components/schemas/SelectableStage' - required: - - configuration_stages - - device_challenges - - pending_user - - pending_user_avatar - - type - AuthenticatorValidationChallengeResponseRequest: - type: object - description: Challenge used for Code-based and WebAuthn authenticators - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-validate - selected_challenge: - $ref: '#/components/schemas/DeviceChallengeRequest' - selected_stage: - type: string - minLength: 1 - code: - type: string - minLength: 1 - webauthn: - type: object - additionalProperties: {} - duo: - type: integer - AuthenticatorWebAuthnChallenge: - type: object - description: WebAuthn Challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-authenticator-webauthn - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - registration: - type: object - additionalProperties: {} - required: - - pending_user - - pending_user_avatar - - registration - - type - AuthenticatorWebAuthnChallengeResponseRequest: - type: object - description: WebAuthn Challenge response - properties: - component: - type: string - minLength: 1 - default: ak-stage-authenticator-webauthn - response: - type: object - additionalProperties: {} - required: - - response - AutoSubmitChallengeResponseRequest: - type: object - description: Pseudo class for autosubmit response - properties: - component: - type: string - minLength: 1 - default: ak-stage-autosubmit - AutosubmitChallenge: - type: object - description: Autosubmit challenge used to send and navigate a POST request - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-autosubmit - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - url: - type: string - attrs: - type: object - additionalProperties: - type: string - title: - type: string - required: - - attrs - - type - - url - BackendsEnum: - enum: - - authentik.core.auth.InbuiltBackend - - authentik.core.auth.TokenBackend - - authentik.sources.ldap.auth.LDAPBackend - type: string - BindingTypeEnum: - enum: - - REDIRECT - - POST - - POST_AUTO - type: string - BlueprintFile: - type: object - properties: - path: - type: string - last_m: - type: string - format: date-time - hash: - type: string - meta: - allOf: - - $ref: '#/components/schemas/Metadata' - readOnly: true - required: - - hash - - last_m - - meta - - path - BlueprintInstance: - type: object - description: Info about a single blueprint instance file - properties: - pk: - type: string - format: uuid - readOnly: true - title: Instance uuid - name: - type: string - path: - type: string - context: - type: object - additionalProperties: {} - last_applied: - type: string - format: date-time - readOnly: true - last_applied_hash: - type: string - readOnly: true - status: - allOf: - - $ref: '#/components/schemas/BlueprintInstanceStatusEnum' - readOnly: true - enabled: - type: boolean - managed_models: - type: array - items: - type: string - readOnly: true - metadata: - type: object - additionalProperties: {} - readOnly: true - required: - - last_applied - - last_applied_hash - - managed_models - - metadata - - name - - path - - pk - - status - BlueprintInstanceRequest: - type: object - description: Info about a single blueprint instance file - properties: - name: - type: string - minLength: 1 - path: - type: string - minLength: 1 - context: - type: object - additionalProperties: {} - enabled: - type: boolean - required: - - name - - path - BlueprintInstanceStatusEnum: - enum: - - successful - - warning - - error - - orphaned - - unknown - type: string - Cache: - type: object - description: Generic cache stats for an object - properties: - count: - type: integer - readOnly: true - required: - - count - CapabilitiesEnum: - enum: - - can_save_media - - can_geo_ip - - can_impersonate - - can_debug - type: string - CaptchaChallenge: - type: object - description: Site public key - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-captcha - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - site_key: - type: string - js_url: - type: string - readOnly: true - required: - - js_url - - pending_user - - pending_user_avatar - - site_key - - type - CaptchaChallengeResponseRequest: - type: object - description: Validate captcha token - properties: - component: - type: string - minLength: 1 - default: ak-stage-captcha - token: - type: string - minLength: 1 - required: - - token - CaptchaStage: - type: object - description: CaptchaStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - public_key: - type: string - description: Public key, acquired your captcha Provider. - js_url: - type: string - api_url: - type: string - required: - - component - - meta_model_name - - name - - pk - - public_key - - verbose_name - - verbose_name_plural - CaptchaStageRequest: - type: object - description: CaptchaStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - public_key: - type: string - minLength: 1 - description: Public key, acquired your captcha Provider. - private_key: - type: string - writeOnly: true - minLength: 1 - description: Private key, acquired your captcha Provider. - js_url: - type: string - minLength: 1 - api_url: - type: string - minLength: 1 - required: - - name - - private_key - - public_key - CertificateData: - type: object - description: Get CertificateKeyPair's data - properties: - data: - type: string - readOnly: true - required: - - data - CertificateGenerationRequest: - type: object - description: Certificate generation parameters - properties: - common_name: - type: string - minLength: 1 - subject_alt_name: - type: string - validity_days: - type: integer - required: - - common_name - - validity_days - CertificateKeyPair: - type: object - description: CertificateKeyPair Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Kp uuid - name: - type: string - fingerprint_sha256: - type: string - nullable: true - readOnly: true - fingerprint_sha1: - type: string - nullable: true - readOnly: true - cert_expiry: - type: string - format: date-time - nullable: true - readOnly: true - cert_subject: - type: string - nullable: true - readOnly: true - private_key_available: - type: boolean - readOnly: true - private_key_type: - type: string - nullable: true - readOnly: true - certificate_download_url: - type: string - readOnly: true - private_key_download_url: - type: string - readOnly: true - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - required: - - cert_expiry - - cert_subject - - certificate_download_url - - fingerprint_sha1 - - fingerprint_sha256 - - name - - pk - - private_key_available - - private_key_download_url - - private_key_type - CertificateKeyPairRequest: - type: object - description: CertificateKeyPair Serializer - properties: - name: - type: string - minLength: 1 - certificate_data: - type: string - writeOnly: true - minLength: 1 - description: PEM-encoded Certificate data - key_data: - type: string - writeOnly: true - description: Optional Private Key. If this is set, you can use this keypair - for encryption. - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - required: - - certificate_data - - name - ChallengeChoices: - enum: - - native - - shell - - redirect - type: string - ChallengeTypes: - oneOf: - - $ref: '#/components/schemas/AccessDeniedChallenge' - - $ref: '#/components/schemas/AppleLoginChallenge' - - $ref: '#/components/schemas/AuthenticatorDuoChallenge' - - $ref: '#/components/schemas/AuthenticatorSMSChallenge' - - $ref: '#/components/schemas/AuthenticatorStaticChallenge' - - $ref: '#/components/schemas/AuthenticatorTOTPChallenge' - - $ref: '#/components/schemas/AuthenticatorValidationChallenge' - - $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge' - - $ref: '#/components/schemas/AutosubmitChallenge' - - $ref: '#/components/schemas/CaptchaChallenge' - - $ref: '#/components/schemas/ConsentChallenge' - - $ref: '#/components/schemas/DummyChallenge' - - $ref: '#/components/schemas/EmailChallenge' - - $ref: '#/components/schemas/FlowErrorChallenge' - - $ref: '#/components/schemas/IdentificationChallenge' - - $ref: '#/components/schemas/OAuthDeviceCodeChallenge' - - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge' - - $ref: '#/components/schemas/PasswordChallenge' - - $ref: '#/components/schemas/PlexAuthenticationChallenge' - - $ref: '#/components/schemas/PromptChallenge' - - $ref: '#/components/schemas/RedirectChallenge' - - $ref: '#/components/schemas/ShellChallenge' - discriminator: - propertyName: component - mapping: - ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge' - ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge' - ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge' - ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge' - ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge' - ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge' - ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge' - ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge' - ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge' - ak-stage-captcha: '#/components/schemas/CaptchaChallenge' - ak-stage-consent: '#/components/schemas/ConsentChallenge' - ak-stage-dummy: '#/components/schemas/DummyChallenge' - ak-stage-email: '#/components/schemas/EmailChallenge' - xak-flow-error: '#/components/schemas/FlowErrorChallenge' - ak-stage-identification: '#/components/schemas/IdentificationChallenge' - ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge' - ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge' - ak-stage-password: '#/components/schemas/PasswordChallenge' - ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge' - ak-stage-prompt: '#/components/schemas/PromptChallenge' - xak-flow-redirect: '#/components/schemas/RedirectChallenge' - xak-flow-shell: '#/components/schemas/ShellChallenge' - ClientTypeEnum: - enum: - - confidential - - public - type: string - Config: - type: object - description: Serialize authentik Config into DRF Object - properties: - error_reporting: - $ref: '#/components/schemas/ErrorReportingConfig' - capabilities: - type: array - items: - $ref: '#/components/schemas/CapabilitiesEnum' - cache_timeout: - type: integer - cache_timeout_flows: - type: integer - cache_timeout_policies: - type: integer - cache_timeout_reputation: - type: integer - required: - - cache_timeout - - cache_timeout_flows - - cache_timeout_policies - - cache_timeout_reputation - - capabilities - - error_reporting - ConsentChallenge: - type: object - description: Challenge info for consent screens - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-consent - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - header_text: - type: string - permissions: - type: array - items: - $ref: '#/components/schemas/Permission' - additional_permissions: - type: array - items: - $ref: '#/components/schemas/Permission' - token: - type: string - required: - - additional_permissions - - pending_user - - pending_user_avatar - - permissions - - token - - type - ConsentChallengeResponseRequest: - type: object - description: Consent challenge response, any valid response request is valid - properties: - component: - type: string - minLength: 1 - default: ak-stage-consent - token: - type: string - minLength: 1 - required: - - token - ConsentStage: - type: object - description: ConsentStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - mode: - $ref: '#/components/schemas/ConsentStageModeEnum' - consent_expire_in: - type: string - title: Consent expires in - description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - ConsentStageModeEnum: - enum: - - always_require - - permanent - - expiring - type: string - ConsentStageRequest: - type: object - description: ConsentStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - mode: - $ref: '#/components/schemas/ConsentStageModeEnum' - consent_expire_in: - type: string - minLength: 1 - title: Consent expires in - description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' - required: - - name - ContextualFlowInfo: - type: object - description: Contextual flow information for a challenge - properties: - title: - type: string - background: - type: string - cancel_url: - type: string - layout: - $ref: '#/components/schemas/LayoutEnum' - required: - - cancel_url - - layout - Coordinate: - type: object - description: Coordinates for diagrams - properties: - x_cord: - type: integer - readOnly: true - y_cord: - type: integer - readOnly: true - required: - - x_cord - - y_cord - CurrentTenant: - type: object - description: Partial tenant information for styling - properties: - matched_domain: - type: string - branding_title: - type: string - branding_logo: - type: string - branding_favicon: - type: string - ui_footer_links: - type: array - items: - $ref: '#/components/schemas/FooterLink' - readOnly: true - default: [] - flow_authentication: - type: string - flow_invalidation: - type: string - flow_recovery: - type: string - flow_unenrollment: - type: string - flow_user_settings: - type: string - flow_device_code: - type: string - default_locale: - type: string - readOnly: true - required: - - branding_favicon - - branding_logo - - branding_title - - default_locale - - matched_domain - - ui_footer_links - DeniedActionEnum: - enum: - - message_continue - - message - - continue - type: string - DenyStage: - type: object - description: DenyStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - DenyStageRequest: - type: object - description: DenyStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - required: - - name - Device: - type: object - description: Serializer for Duo authenticator devices - properties: - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - pk: - type: integer - name: - type: string - type: - type: string - readOnly: true - confirmed: - type: boolean - required: - - confirmed - - meta_model_name - - name - - pk - - type - - verbose_name - - verbose_name_plural - DeviceChallenge: - type: object - description: Single device challenge - properties: - device_class: - type: string - device_uid: - type: string - challenge: - type: object - additionalProperties: {} - required: - - challenge - - device_class - - device_uid - DeviceChallengeRequest: - type: object - description: Single device challenge - properties: - device_class: - type: string - minLength: 1 - device_uid: - type: string - minLength: 1 - challenge: - type: object - additionalProperties: {} - required: - - challenge - - device_class - - device_uid - DeviceClassesEnum: - enum: - - static - - totp - - webauthn - - duo - - sms - type: string - DigestAlgorithmEnum: - enum: - - http://www.w3.org/2000/09/xmldsig#sha1 - - http://www.w3.org/2001/04/xmlenc#sha256 - - http://www.w3.org/2001/04/xmldsig-more#sha384 - - http://www.w3.org/2001/04/xmlenc#sha512 - type: string - DigitsEnum: - enum: - - 6 - - 8 - type: integer - DockerServiceConnection: - type: object - description: DockerServiceConnection Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - name: - type: string - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - url: - type: string - description: Can be in the format of 'unix://' when connecting to - a local docker daemon, or 'https://:2376' when connecting to - a remote system. - tls_verification: - type: string - format: uuid - nullable: true - description: CA which the endpoint's Certificate is verified against. Can - be left empty for no validation. - tls_authentication: - type: string - format: uuid - nullable: true - description: Certificate/Key used for authentication. Can be left empty - for no authentication. - required: - - component - - meta_model_name - - name - - pk - - url - - verbose_name - - verbose_name_plural - DockerServiceConnectionRequest: - type: object - description: DockerServiceConnection Serializer - properties: - name: - type: string - minLength: 1 - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - url: - type: string - minLength: 1 - description: Can be in the format of 'unix://' when connecting to - a local docker daemon, or 'https://:2376' when connecting to - a remote system. - tls_verification: - type: string - format: uuid - nullable: true - description: CA which the endpoint's Certificate is verified against. Can - be left empty for no validation. - tls_authentication: - type: string - format: uuid - nullable: true - description: Certificate/Key used for authentication. Can be left empty - for no authentication. - required: - - name - - url - DummyChallenge: - type: object - description: Dummy challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-dummy - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - required: - - type - DummyChallengeResponseRequest: - type: object - description: Dummy challenge response - properties: - component: - type: string - minLength: 1 - default: ak-stage-dummy - DummyPolicy: - type: object - description: Dummy Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - result: - type: boolean - wait_min: - type: integer - maximum: 2147483647 - minimum: -2147483648 - wait_max: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - DummyPolicyRequest: - type: object - description: Dummy Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - result: - type: boolean - wait_min: - type: integer - maximum: 2147483647 - minimum: -2147483648 - wait_max: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - name - DummyStage: - type: object - description: DummyStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - DummyStageRequest: - type: object - description: DummyStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - required: - - name - DuoDevice: - type: object - description: Serializer for Duo authenticator devices - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - description: The human-readable name of this device. - maxLength: 64 - required: - - name - - pk - DuoDeviceEnrollmentStatus: - type: object - properties: - duo_response: - $ref: '#/components/schemas/DuoResponseEnum' - required: - - duo_response - DuoDeviceRequest: - type: object - description: Serializer for Duo authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - required: - - name - DuoResponseEnum: - enum: - - success - - waiting - - invalid - type: string - EmailChallenge: - type: object - description: Email challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-email - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - required: - - type - EmailChallengeResponseRequest: - type: object - description: |- - Email challenge resposen. No fields. This challenge is - always declared invalid to give the user a chance to retry - properties: - component: - type: string - minLength: 1 - default: ak-stage-email - EmailStage: - type: object - description: EmailStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - use_global_settings: - type: boolean - description: When enabled, global Email connection settings will be used - and connection settings below will be ignored. - host: - type: string - port: - type: integer - maximum: 2147483647 - minimum: -2147483648 - username: - type: string - use_tls: - type: boolean - use_ssl: - type: boolean - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - from_address: - type: string - format: email - maxLength: 254 - token_expiry: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Time in minutes the token sent is valid. - subject: - type: string - template: - type: string - activate_user_on_success: - type: boolean - description: Activate users upon completion of stage. - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - EmailStageRequest: - type: object - description: EmailStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - use_global_settings: - type: boolean - description: When enabled, global Email connection settings will be used - and connection settings below will be ignored. - host: - type: string - minLength: 1 - port: - type: integer - maximum: 2147483647 - minimum: -2147483648 - username: - type: string - password: - type: string - writeOnly: true - use_tls: - type: boolean - use_ssl: - type: boolean - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - from_address: - type: string - format: email - minLength: 1 - maxLength: 254 - token_expiry: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Time in minutes the token sent is valid. - subject: - type: string - minLength: 1 - template: - type: string - minLength: 1 - activate_user_on_success: - type: boolean - description: Activate users upon completion of stage. - required: - - name - ErrorDetail: - type: object - description: Serializer for rest_framework's error messages - properties: - string: - type: string - code: - type: string - required: - - code - - string - ErrorReportingConfig: - type: object - description: Config for error reporting - properties: - enabled: - type: boolean - readOnly: true - sentry_dsn: - type: string - readOnly: true - environment: - type: string - readOnly: true - send_pii: - type: boolean - readOnly: true - traces_sample_rate: - type: number - format: double - readOnly: true - required: - - enabled - - environment - - send_pii - - sentry_dsn - - traces_sample_rate - Event: - type: object - description: Event Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Event uuid - user: - type: object - additionalProperties: {} - action: - $ref: '#/components/schemas/EventActions' - app: - type: string - context: - type: object - additionalProperties: {} - client_ip: - type: string - nullable: true - created: - type: string - format: date-time - readOnly: true - expires: - type: string - format: date-time - tenant: - type: object - additionalProperties: {} - required: - - action - - app - - created - - pk - EventActions: - enum: - - login - - login_failed - - logout - - user_write - - suspicious_request - - password_set - - secret_view - - secret_rotate - - invitation_used - - authorize_application - - source_linked - - impersonation_started - - impersonation_ended - - flow_execution - - policy_execution - - policy_exception - - property_mapping_exception - - system_task_execution - - system_task_exception - - system_exception - - configuration_error - - model_created - - model_updated - - model_deleted - - email_sent - - update_available - - custom_ - type: string - EventMatcherPolicy: - type: object - description: Event Matcher Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - action: - allOf: - - $ref: '#/components/schemas/EventActions' - description: Match created events with this action type. When left empty, - all action types will be matched. - client_ip: - type: string - description: Matches Event's Client IP (strict matching, for network matching - use an Expression Policy) - app: - allOf: - - $ref: '#/components/schemas/AppEnum' - description: Match events created by selected application. When left empty, - all applications are matched. - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - EventMatcherPolicyRequest: - type: object - description: Event Matcher Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - action: - allOf: - - $ref: '#/components/schemas/EventActions' - description: Match created events with this action type. When left empty, - all action types will be matched. - client_ip: - type: string - description: Matches Event's Client IP (strict matching, for network matching - use an Expression Policy) - app: - allOf: - - $ref: '#/components/schemas/AppEnum' - description: Match events created by selected application. When left empty, - all applications are matched. - required: - - name - EventRequest: - type: object - description: Event Serializer - properties: - user: - type: object - additionalProperties: {} - action: - $ref: '#/components/schemas/EventActions' - app: - type: string - minLength: 1 - context: - type: object - additionalProperties: {} - client_ip: - type: string - nullable: true - minLength: 1 - expires: - type: string - format: date-time - tenant: - type: object - additionalProperties: {} - required: - - action - - app - EventTopPerUser: - type: object - description: Response object of Event's top_per_user - properties: - application: - type: object - additionalProperties: {} - counted_events: - type: integer - unique_users: - type: integer - required: - - application - - counted_events - - unique_users - ExpiringBaseGrantModel: - type: object - description: Serializer for BaseGrantModel and ExpiringBaseGrant - properties: - pk: - type: integer - readOnly: true - title: ID - provider: - $ref: '#/components/schemas/OAuth2Provider' - user: - $ref: '#/components/schemas/User' - is_expired: - type: boolean - readOnly: true - expires: - type: string - format: date-time - scope: - type: array - items: - type: string - required: - - is_expired - - pk - - provider - - scope - - user - ExpressionPolicy: - type: object - description: Group Membership Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - expression: - type: string - required: - - bound_to - - component - - expression - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - ExpressionPolicyRequest: - type: object - description: Group Membership Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - expression: - type: string - minLength: 1 - required: - - expression - - name - FilePathRequest: - type: object - description: Serializer to upload file - properties: - url: - type: string - minLength: 1 - required: - - url - FileUploadRequest: - type: object - description: Serializer to upload file - properties: - file: - type: string - format: binary - clear: - type: boolean - default: false - Flow: - type: object - description: Flow Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Flow uuid - policybindingmodel_ptr_id: - type: string - format: uuid - readOnly: true - name: - type: string - slug: - type: string - description: Visible in the URL. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - title: - type: string - description: Shown as the Title in Flow pages. - designation: - allOf: - - $ref: '#/components/schemas/FlowDesignationEnum' - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - background: - type: string - readOnly: true - stages: - type: array - items: - type: string - format: uuid - readOnly: true - policies: - type: array - items: - type: string - format: uuid - readOnly: true - cache_count: - type: integer - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - compatibility_mode: - type: boolean - description: Enable compatibility mode, increases compatibility with password - managers on mobile devices. - export_url: - type: string - readOnly: true - layout: - $ref: '#/components/schemas/LayoutEnum' - denied_action: - allOf: - - $ref: '#/components/schemas/DeniedActionEnum' - description: Configure what should happen when a flow denies access to a - user. - authentication: - allOf: - - $ref: '#/components/schemas/AuthenticationEnum' - description: Required level of authentication and authorization to access - a flow. - required: - - background - - cache_count - - designation - - export_url - - name - - pk - - policies - - policybindingmodel_ptr_id - - slug - - stages - - title - FlowChallengeResponseRequest: - oneOf: - - $ref: '#/components/schemas/AppleChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest' - - $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest' - - $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest' - - $ref: '#/components/schemas/CaptchaChallengeResponseRequest' - - $ref: '#/components/schemas/ConsentChallengeResponseRequest' - - $ref: '#/components/schemas/DummyChallengeResponseRequest' - - $ref: '#/components/schemas/EmailChallengeResponseRequest' - - $ref: '#/components/schemas/IdentificationChallengeResponseRequest' - - $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest' - - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest' - - $ref: '#/components/schemas/PasswordChallengeResponseRequest' - - $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest' - - $ref: '#/components/schemas/PromptChallengeResponseRequest' - discriminator: - propertyName: component - mapping: - ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest' - ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest' - ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest' - ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest' - ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest' - ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest' - ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest' - ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest' - ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest' - ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest' - ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest' - ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest' - ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest' - ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest' - ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest' - ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest' - ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest' - ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest' - FlowDesignationEnum: - enum: - - authentication - - authorization - - invalidation - - enrollment - - unenrollment - - recovery - - stage_configuration - type: string - FlowDiagram: - type: object - description: response of the flow's diagram action - properties: - diagram: - type: string - readOnly: true - required: - - diagram - FlowErrorChallenge: - type: object - description: |- - Challenge class when an unhandled error occurs during a stage. Normal users - are shown an error message, superusers are shown a full stacktrace. - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: xak-flow-error - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - request_id: - type: string - error: - type: string - traceback: - type: string - required: - - pending_user - - pending_user_avatar - - request_id - - type - FlowImportResult: - type: object - description: Logs of an attempted flow import - properties: - logs: - type: array - items: - type: object - additionalProperties: {} - readOnly: true - success: - type: boolean - readOnly: true - required: - - logs - - success - FlowInspection: - type: object - description: Serializer for inspect endpoint - properties: - plans: - type: array - items: - $ref: '#/components/schemas/FlowInspectorPlan' - current_plan: - $ref: '#/components/schemas/FlowInspectorPlan' - is_completed: - type: boolean - required: - - is_completed - - plans - FlowInspectorPlan: - type: object - description: Serializer for an active FlowPlan - properties: - current_stage: - allOf: - - $ref: '#/components/schemas/FlowStageBinding' - readOnly: true - next_planned_stage: - allOf: - - $ref: '#/components/schemas/FlowStageBinding' - readOnly: true - plan_context: - type: object - additionalProperties: {} - readOnly: true - session_id: - type: string - readOnly: true - required: - - current_stage - - next_planned_stage - - plan_context - - session_id - FlowRequest: - type: object - description: Flow Serializer - properties: - name: - type: string - minLength: 1 - slug: - type: string - minLength: 1 - description: Visible in the URL. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - title: - type: string - minLength: 1 - description: Shown as the Title in Flow pages. - designation: - allOf: - - $ref: '#/components/schemas/FlowDesignationEnum' - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - compatibility_mode: - type: boolean - description: Enable compatibility mode, increases compatibility with password - managers on mobile devices. - layout: - $ref: '#/components/schemas/LayoutEnum' - denied_action: - allOf: - - $ref: '#/components/schemas/DeniedActionEnum' - description: Configure what should happen when a flow denies access to a - user. - authentication: - allOf: - - $ref: '#/components/schemas/AuthenticationEnum' - description: Required level of authentication and authorization to access - a flow. - required: - - designation - - name - - slug - - title - FlowSet: - type: object - description: Stripped down flow serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Flow uuid - policybindingmodel_ptr_id: - type: string - format: uuid - readOnly: true - name: - type: string - slug: - type: string - description: Visible in the URL. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - title: - type: string - description: Shown as the Title in Flow pages. - designation: - allOf: - - $ref: '#/components/schemas/FlowDesignationEnum' - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - background: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - compatibility_mode: - type: boolean - description: Enable compatibility mode, increases compatibility with password - managers on mobile devices. - export_url: - type: string - readOnly: true - layout: - $ref: '#/components/schemas/LayoutEnum' - denied_action: - allOf: - - $ref: '#/components/schemas/DeniedActionEnum' - description: Configure what should happen when a flow denies access to a - user. - required: - - background - - designation - - export_url - - name - - pk - - policybindingmodel_ptr_id - - slug - - title - FlowSetRequest: - type: object - description: Stripped down flow serializer - properties: - name: - type: string - minLength: 1 - slug: - type: string - minLength: 1 - description: Visible in the URL. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - title: - type: string - minLength: 1 - description: Shown as the Title in Flow pages. - designation: - allOf: - - $ref: '#/components/schemas/FlowDesignationEnum' - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - compatibility_mode: - type: boolean - description: Enable compatibility mode, increases compatibility with password - managers on mobile devices. - layout: - $ref: '#/components/schemas/LayoutEnum' - denied_action: - allOf: - - $ref: '#/components/schemas/DeniedActionEnum' - description: Configure what should happen when a flow denies access to a - user. - required: - - designation - - name - - slug - - title - FlowStageBinding: - type: object - description: FlowStageBinding Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Fsb uuid - policybindingmodel_ptr_id: - type: string - format: uuid - readOnly: true - target: - type: string - format: uuid - stage: - type: string - format: uuid - stage_obj: - allOf: - - $ref: '#/components/schemas/Stage' - readOnly: true - evaluate_on_plan: - type: boolean - description: Evaluate policies during the Flow planning process. Disable - this for input-based policies. - re_evaluate_policies: - type: boolean - description: Evaluate policies when the Stage is present to the user. - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - invalid_response_action: - allOf: - - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: Configure how the flow executor should handle an invalid response - to a challenge. RETRY returns the error message and a similar challenge - to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT - restarts the flow while keeping the current context. - required: - - order - - pk - - policybindingmodel_ptr_id - - stage - - stage_obj - - target - FlowStageBindingRequest: - type: object - description: FlowStageBinding Serializer - properties: - target: - type: string - format: uuid - stage: - type: string - format: uuid - evaluate_on_plan: - type: boolean - description: Evaluate policies during the Flow planning process. Disable - this for input-based policies. - re_evaluate_policies: - type: boolean - description: Evaluate policies when the Stage is present to the user. - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - invalid_response_action: - allOf: - - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: Configure how the flow executor should handle an invalid response - to a challenge. RETRY returns the error message and a similar challenge - to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT - restarts the flow while keeping the current context. - required: - - order - - stage - - target - FooterLink: - type: object - description: Links returned in Config API - properties: - href: - type: string - readOnly: true - name: - type: string - readOnly: true - required: - - href - - name - GenericError: - type: object - description: Generic API Error - properties: - detail: - type: string - code: - type: string - required: - - detail - Group: - type: object - description: Group Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Group uuid - num_pk: - type: integer - readOnly: true - name: - type: string - maxLength: 80 - is_superuser: - type: boolean - description: Users added to this group will be superusers. - parent: - type: string - format: uuid - nullable: true - parent_name: - type: string - readOnly: true - users: - type: array - items: - type: integer - attributes: - type: object - additionalProperties: {} - users_obj: - type: array - items: - $ref: '#/components/schemas/GroupMember' - readOnly: true - required: - - name - - num_pk - - parent_name - - pk - - users_obj - GroupMember: - type: object - description: Stripped down user serializer to show relevant users for groups - properties: - pk: - type: integer - readOnly: true - title: ID - username: - type: string - description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ - only. - pattern: ^[\w.@+-]+$ - maxLength: 150 - name: - type: string - description: User's display name. - is_active: - type: boolean - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - last_login: - type: string - format: date-time - nullable: true - email: - type: string - format: email - title: Email address - maxLength: 254 - avatar: - type: string - readOnly: true - attributes: - type: object - additionalProperties: {} - uid: - type: string - readOnly: true - required: - - avatar - - name - - pk - - uid - - username - GroupMemberRequest: - type: object - description: Stripped down user serializer to show relevant users for groups - properties: - username: - type: string - minLength: 1 - description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ - only. - pattern: ^[\w.@+-]+$ - maxLength: 150 - name: - type: string - minLength: 1 - description: User's display name. - is_active: - type: boolean - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - last_login: - type: string - format: date-time - nullable: true - email: - type: string - format: email - title: Email address - maxLength: 254 - attributes: - type: object - additionalProperties: {} - required: - - name - - username - GroupRequest: - type: object - description: Group Serializer - properties: - name: - type: string - minLength: 1 - maxLength: 80 - is_superuser: - type: boolean - description: Users added to this group will be superusers. - parent: - type: string - format: uuid - nullable: true - users: - type: array - items: - type: integer - attributes: - type: object - additionalProperties: {} - required: - - name - HaveIBeenPwendPolicy: - type: object - description: Have I Been Pwned Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - password_field: - type: string - description: Field key to check, field keys defined in Prompt stages are - available. - allowed_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - HaveIBeenPwendPolicyRequest: - type: object - description: Have I Been Pwned Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - password_field: - type: string - minLength: 1 - description: Field key to check, field keys defined in Prompt stages are - available. - allowed_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - name - IdentificationChallenge: - type: object - description: Identification challenges with all UI elements - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-identification - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - user_fields: - type: array - items: - type: string - nullable: true - password_fields: - type: boolean - application_pre: - type: string - enroll_url: - type: string - recovery_url: - type: string - passwordless_url: - type: string - primary_action: - type: string - sources: - type: array - items: - $ref: '#/components/schemas/LoginSource' - show_source_labels: - type: boolean - required: - - password_fields - - primary_action - - show_source_labels - - type - - user_fields - IdentificationChallengeResponseRequest: - type: object - description: Identification challenge - properties: - component: - type: string - minLength: 1 - default: ak-stage-identification - uid_field: - type: string - minLength: 1 - password: - type: string - nullable: true - required: - - uid_field - IdentificationStage: - type: object - description: IdentificationStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - user_fields: - type: array - items: - $ref: '#/components/schemas/UserFieldsEnum' - description: Fields of the user object to match against. (Hold shift to - select multiple options) - password_stage: - type: string - format: uuid - nullable: true - description: When set, shows a password field, instead of showing the password - field as seaprate step. - case_insensitive_matching: - type: boolean - description: When enabled, user fields are matched regardless of their casing. - show_matched_user: - type: boolean - description: When a valid username/email has been entered, and this option - is enabled, the user's username and avatar will be shown. Otherwise, the - text that the user entered will be shown - enrollment_flow: - type: string - format: uuid - nullable: true - description: Optional enrollment flow, which is linked at the bottom of - the page. - recovery_flow: - type: string - format: uuid - nullable: true - description: Optional recovery flow, which is linked at the bottom of the - page. - passwordless_flow: - type: string - format: uuid - nullable: true - description: Optional passwordless flow, which is linked at the bottom of - the page. - sources: - type: array - items: - type: string - format: uuid - description: Specify which sources should be shown. - show_source_labels: - type: boolean - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - IdentificationStageRequest: - type: object - description: IdentificationStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - user_fields: - type: array - items: - $ref: '#/components/schemas/UserFieldsEnum' - description: Fields of the user object to match against. (Hold shift to - select multiple options) - password_stage: - type: string - format: uuid - nullable: true - description: When set, shows a password field, instead of showing the password - field as seaprate step. - case_insensitive_matching: - type: boolean - description: When enabled, user fields are matched regardless of their casing. - show_matched_user: - type: boolean - description: When a valid username/email has been entered, and this option - is enabled, the user's username and avatar will be shown. Otherwise, the - text that the user entered will be shown - enrollment_flow: - type: string - format: uuid - nullable: true - description: Optional enrollment flow, which is linked at the bottom of - the page. - recovery_flow: - type: string - format: uuid - nullable: true - description: Optional recovery flow, which is linked at the bottom of the - page. - passwordless_flow: - type: string - format: uuid - nullable: true - description: Optional passwordless flow, which is linked at the bottom of - the page. - sources: - type: array - items: - type: string - format: uuid - description: Specify which sources should be shown. - show_source_labels: - type: boolean - required: - - name - IntentEnum: - enum: - - verification - - api - - recovery - - app_password - type: string - InvalidResponseActionEnum: - enum: - - retry - - restart - - restart_with_context - type: string - Invitation: - type: object - description: Invitation Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Invite uuid - name: - type: string - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - expires: - type: string - format: date-time - fixed_data: - type: object - additionalProperties: {} - created_by: - allOf: - - $ref: '#/components/schemas/GroupMember' - readOnly: true - single_use: - type: boolean - description: When enabled, the invitation will be deleted after usage. - flow: - type: string - format: uuid - nullable: true - description: When set, only the configured flow can use this invitation. - flow_obj: - allOf: - - $ref: '#/components/schemas/Flow' - readOnly: true - required: - - created_by - - flow_obj - - name - - pk - InvitationRequest: - type: object - description: Invitation Serializer - properties: - name: - type: string - minLength: 1 - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - expires: - type: string - format: date-time - fixed_data: - type: object - additionalProperties: {} - single_use: - type: boolean - description: When enabled, the invitation will be deleted after usage. - flow: - type: string - format: uuid - nullable: true - description: When set, only the configured flow can use this invitation. - required: - - name - InvitationStage: - type: object - description: InvitationStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - continue_flow_without_invitation: - type: boolean - description: If this flag is set, this Stage will jump to the next Stage - when no Invitation is given. By default this Stage will cancel the Flow - when no invitation is given. - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - InvitationStageRequest: - type: object - description: InvitationStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - continue_flow_without_invitation: - type: boolean - description: If this flag is set, this Stage will jump to the next Stage - when no Invitation is given. By default this Stage will cancel the Flow - when no invitation is given. - required: - - name - IssuerModeEnum: - enum: - - global - - per_provider - type: string - KubernetesServiceConnection: - type: object - description: KubernetesServiceConnection Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - name: - type: string - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - kubeconfig: - type: object - additionalProperties: {} - description: Paste your kubeconfig here. authentik will automatically use - the currently selected context. - verify_ssl: - type: boolean - description: Verify SSL Certificates of the Kubernetes API endpoint - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - KubernetesServiceConnectionRequest: - type: object - description: KubernetesServiceConnection Serializer - properties: - name: - type: string - minLength: 1 - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - kubeconfig: - type: object - additionalProperties: {} - description: Paste your kubeconfig here. authentik will automatically use - the currently selected context. - verify_ssl: - type: boolean - description: Verify SSL Certificates of the Kubernetes API endpoint - required: - - name - LDAPAPIAccessMode: - enum: - - direct - - cached - type: string - LDAPOutpostConfig: - type: object - description: LDAPProvider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - base_dn: - type: string - description: DN under which objects are accessible. - bind_flow_slug: - type: string - application_slug: - type: string - search_group: - type: string - format: uuid - nullable: true - description: Users in this group can do search queries. If not set, every - user can execute search queries. - certificate: - type: string - format: uuid - nullable: true - tls_server_name: - type: string - uid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for uidNumbers, this number is added to the user.Pk - to make sure that the numbers aren't too low for POSIX users. Default - is 2000 to ensure that we don't collide with local users uidNumber - gid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for gidNumbers, this number is added to a number - generated from the group.Pk to make sure that the numbers aren't too low - for POSIX groups. Default is 4000 to ensure that we don't collide with - local groups or users primary groups gidNumber - search_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - bind_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - required: - - application_slug - - bind_flow_slug - - name - - pk - LDAPPropertyMapping: - type: object - description: LDAP PropertyMapping Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pm uuid - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - expression: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - object_field: - type: string - required: - - component - - expression - - meta_model_name - - name - - object_field - - pk - - verbose_name - - verbose_name_plural - LDAPPropertyMappingRequest: - type: object - description: LDAP PropertyMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - object_field: - type: string - minLength: 1 - required: - - expression - - name - - object_field - LDAPProvider: - type: object - description: LDAPProvider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - component: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - base_dn: - type: string - description: DN under which objects are accessible. - search_group: - type: string - format: uuid - nullable: true - description: Users in this group can do search queries. If not set, every - user can execute search queries. - certificate: - type: string - format: uuid - nullable: true - tls_server_name: - type: string - uid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for uidNumbers, this number is added to the user.Pk - to make sure that the numbers aren't too low for POSIX users. Default - is 2000 to ensure that we don't collide with local users uidNumber - gid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for gidNumbers, this number is added to a number - generated from the group.Pk to make sure that the numbers aren't too low - for POSIX groups. Default is 4000 to ensure that we don't collide with - local groups or users primary groups gidNumber - outpost_set: - type: array - items: - type: string - readOnly: true - search_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - bind_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - required: - - assigned_application_name - - assigned_application_slug - - authorization_flow - - component - - meta_model_name - - name - - outpost_set - - pk - - verbose_name - - verbose_name_plural - LDAPProviderRequest: - type: object - description: LDAPProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - base_dn: - type: string - minLength: 1 - description: DN under which objects are accessible. - search_group: - type: string - format: uuid - nullable: true - description: Users in this group can do search queries. If not set, every - user can execute search queries. - certificate: - type: string - format: uuid - nullable: true - tls_server_name: - type: string - uid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for uidNumbers, this number is added to the user.Pk - to make sure that the numbers aren't too low for POSIX users. Default - is 2000 to ensure that we don't collide with local users uidNumber - gid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for gidNumbers, this number is added to a number - generated from the group.Pk to make sure that the numbers aren't too low - for POSIX groups. Default is 4000 to ensure that we don't collide with - local groups or users primary groups gidNumber - search_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - bind_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - required: - - authorization_flow - - name - LDAPSource: - type: object - description: LDAP Source Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Source's display Name. - slug: - type: string - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - readOnly: true - user_path_template: - type: string - icon: - type: string - nullable: true - readOnly: true - server_uri: - type: string - format: uri - peer_certificate: - type: string - format: uuid - nullable: true - description: Optionally verify the LDAP Server's Certificate against the - CA Chain in this keypair. - bind_cn: - type: string - start_tls: - type: boolean - title: Enable Start TLS - base_dn: - type: string - additional_user_dn: - type: string - title: Addition User DN - description: Prepended to Base DN for User-queries. - additional_group_dn: - type: string - title: Addition Group DN - description: Prepended to Base DN for Group-queries. - user_object_filter: - type: string - description: Consider Objects matching this filter to be Users. - group_object_filter: - type: string - description: Consider Objects matching this filter to be Groups. - group_membership_field: - type: string - description: Field which contains members of a group. - object_uniqueness_field: - type: string - description: Field which contains a unique Identifier. - sync_users: - type: boolean - sync_users_password: - type: boolean - description: When a user changes their password, sync it back to LDAP. This - can only be enabled on a single LDAP source. - sync_groups: - type: boolean - sync_parent_group: - type: string - format: uuid - nullable: true - property_mappings: - type: array - items: - type: string - format: uuid - property_mappings_group: - type: array - items: - type: string - format: uuid - description: Property mappings used for group creation/updating. - required: - - base_dn - - component - - icon - - managed - - meta_model_name - - name - - pk - - server_uri - - slug - - verbose_name - - verbose_name_plural - LDAPSourceRequest: - type: object - description: LDAP Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - server_uri: - type: string - minLength: 1 - format: uri - peer_certificate: - type: string - format: uuid - nullable: true - description: Optionally verify the LDAP Server's Certificate against the - CA Chain in this keypair. - bind_cn: - type: string - bind_password: - type: string - writeOnly: true - start_tls: - type: boolean - title: Enable Start TLS - base_dn: - type: string - minLength: 1 - additional_user_dn: - type: string - title: Addition User DN - description: Prepended to Base DN for User-queries. - additional_group_dn: - type: string - title: Addition Group DN - description: Prepended to Base DN for Group-queries. - user_object_filter: - type: string - minLength: 1 - description: Consider Objects matching this filter to be Users. - group_object_filter: - type: string - minLength: 1 - description: Consider Objects matching this filter to be Groups. - group_membership_field: - type: string - minLength: 1 - description: Field which contains members of a group. - object_uniqueness_field: - type: string - minLength: 1 - description: Field which contains a unique Identifier. - sync_users: - type: boolean - sync_users_password: - type: boolean - description: When a user changes their password, sync it back to LDAP. This - can only be enabled on a single LDAP source. - sync_groups: - type: boolean - sync_parent_group: - type: string - format: uuid - nullable: true - property_mappings: - type: array - items: - type: string - format: uuid - property_mappings_group: - type: array - items: - type: string - format: uuid - description: Property mappings used for group creation/updating. - required: - - base_dn - - name - - server_uri - - slug - LayoutEnum: - enum: - - stacked - - content_left - - content_right - - sidebar_left - - sidebar_right - type: string - Link: - type: object - description: Returns a single link - properties: - link: - type: string - required: - - link - LoginChallengeTypes: - oneOf: - - $ref: '#/components/schemas/RedirectChallenge' - - $ref: '#/components/schemas/PlexAuthenticationChallenge' - - $ref: '#/components/schemas/AppleLoginChallenge' - discriminator: - propertyName: component - mapping: - xak-flow-redirect: '#/components/schemas/RedirectChallenge' - ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge' - ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge' - LoginMetrics: - type: object - description: Login Metrics per 1h - properties: - logins_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - logins_failed_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - authorizations_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - required: - - authorizations_per_1h - - logins_failed_per_1h - - logins_per_1h - LoginSource: - type: object - description: Serializer for Login buttons of sources - properties: - name: - type: string - icon_url: - type: string - nullable: true - challenge: - $ref: '#/components/schemas/LoginChallengeTypes' - required: - - challenge - - name - Metadata: - type: object - description: Serializer for blueprint metadata - properties: - name: - type: string - labels: - type: object - additionalProperties: {} - required: - - labels - - name - NameIdPolicyEnum: - enum: - - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName - - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - type: string - NotConfiguredActionEnum: - enum: - - skip - - deny - - configure - type: string - Notification: - type: object - description: Notification Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - severity: - allOf: - - $ref: '#/components/schemas/SeverityEnum' - readOnly: true - body: - type: string - readOnly: true - created: - type: string - format: date-time - readOnly: true - event: - $ref: '#/components/schemas/Event' - seen: - type: boolean - required: - - body - - created - - pk - - severity - NotificationRequest: - type: object - description: Notification Serializer - properties: - event: - $ref: '#/components/schemas/EventRequest' - seen: - type: boolean - NotificationRule: - type: object - description: NotificationRule Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - transports: - type: array - items: - type: string - format: uuid - description: Select which transports should be used to notify the user. - If none are selected, the notification will only be shown in the authentik - UI. - severity: - allOf: - - $ref: '#/components/schemas/SeverityEnum' - description: Controls which severity level the created notifications will - have. - group: - type: string - format: uuid - nullable: true - description: Define which group of users this notification should be sent - and shown to. If left empty, Notification won't ben sent. - group_obj: - allOf: - - $ref: '#/components/schemas/Group' - readOnly: true - required: - - group_obj - - name - - pk - NotificationRuleRequest: - type: object - description: NotificationRule Serializer - properties: - name: - type: string - minLength: 1 - transports: - type: array - items: - type: string - format: uuid - description: Select which transports should be used to notify the user. - If none are selected, the notification will only be shown in the authentik - UI. - severity: - allOf: - - $ref: '#/components/schemas/SeverityEnum' - description: Controls which severity level the created notifications will - have. - group: - type: string - format: uuid - nullable: true - description: Define which group of users this notification should be sent - and shown to. If left empty, Notification won't ben sent. - required: - - name - NotificationTransport: - type: object - description: NotificationTransport Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - name: - type: string - mode: - $ref: '#/components/schemas/NotificationTransportModeEnum' - mode_verbose: - type: string - readOnly: true - webhook_url: - type: string - format: uri - webhook_mapping: - type: string - format: uuid - nullable: true - send_once: - type: boolean - description: Only send notification once, for example when sending a webhook - into a chat channel. - required: - - mode_verbose - - name - - pk - NotificationTransportModeEnum: - enum: - - local - - webhook - - webhook_slack - - email - type: string - NotificationTransportRequest: - type: object - description: NotificationTransport Serializer - properties: - name: - type: string - minLength: 1 - mode: - $ref: '#/components/schemas/NotificationTransportModeEnum' - webhook_url: - type: string - format: uri - webhook_mapping: - type: string - format: uuid - nullable: true - send_once: - type: boolean - description: Only send notification once, for example when sending a webhook - into a chat channel. - required: - - name - NotificationTransportTest: - type: object - description: Notification test serializer - properties: - messages: - type: array - items: - type: string - required: - - messages - NotificationWebhookMapping: - type: object - description: NotificationWebhookMapping Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pm uuid - name: - type: string - expression: - type: string - required: - - expression - - name - - pk - NotificationWebhookMappingRequest: - type: object - description: NotificationWebhookMapping Serializer - properties: - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - required: - - expression - - name - OAuth2Provider: - type: object - description: OAuth2Provider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - component: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - client_type: - allOf: - - $ref: '#/components/schemas/ClientTypeEnum' - description: Confidential clients are capable of maintaining the confidentiality - of their credentials. Public clients are incapable - client_id: - type: string - maxLength: 255 - client_secret: - type: string - maxLength: 255 - access_code_validity: - type: string - description: 'Access codes not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - token_validity: - type: string - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - include_claims_in_id_token: - type: boolean - description: Include User claims from scopes in the id_token, for applications - that don't access the userinfo endpoint. - signing_key: - type: string - format: uuid - nullable: true - description: Key used to sign the tokens. Only required when JWT Algorithm - is set to RS256. - redirect_uris: - type: string - description: Enter each URI on a new line. - sub_mode: - allOf: - - $ref: '#/components/schemas/SubModeEnum' - description: Configure what data should be used as unique User Identifier. - For most cases, the default should be fine. - issuer_mode: - allOf: - - $ref: '#/components/schemas/IssuerModeEnum' - description: Configure how the issuer field of the ID Token should be filled. - jwks_sources: - type: array - items: - type: string - format: uuid - title: Any JWT signed by the JWK of the selected source can be used to - authenticate. - title: Any JWT signed by the JWK of the selected source can be used to authenticate. - required: - - assigned_application_name - - assigned_application_slug - - authorization_flow - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - OAuth2ProviderRequest: - type: object - description: OAuth2Provider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - client_type: - allOf: - - $ref: '#/components/schemas/ClientTypeEnum' - description: Confidential clients are capable of maintaining the confidentiality - of their credentials. Public clients are incapable - client_id: - type: string - minLength: 1 - maxLength: 255 - client_secret: - type: string - maxLength: 255 - access_code_validity: - type: string - minLength: 1 - description: 'Access codes not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - token_validity: - type: string - minLength: 1 - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - include_claims_in_id_token: - type: boolean - description: Include User claims from scopes in the id_token, for applications - that don't access the userinfo endpoint. - signing_key: - type: string - format: uuid - nullable: true - description: Key used to sign the tokens. Only required when JWT Algorithm - is set to RS256. - redirect_uris: - type: string - description: Enter each URI on a new line. - sub_mode: - allOf: - - $ref: '#/components/schemas/SubModeEnum' - description: Configure what data should be used as unique User Identifier. - For most cases, the default should be fine. - issuer_mode: - allOf: - - $ref: '#/components/schemas/IssuerModeEnum' - description: Configure how the issuer field of the ID Token should be filled. - jwks_sources: - type: array - items: - type: string - format: uuid - title: Any JWT signed by the JWK of the selected source can be used to - authenticate. - title: Any JWT signed by the JWK of the selected source can be used to authenticate. - required: - - authorization_flow - - name - OAuth2ProviderSetupURLs: - type: object - description: OAuth2 Provider Metadata serializer - properties: - issuer: - type: string - readOnly: true - authorize: - type: string - readOnly: true - token: - type: string - readOnly: true - user_info: - type: string - readOnly: true - provider_info: - type: string - readOnly: true - logout: - type: string - readOnly: true - jwks: - type: string - readOnly: true - required: - - authorize - - issuer - - jwks - - logout - - provider_info - - token - - user_info - OAuthDeviceCodeChallenge: - type: object - description: OAuth Device code challenge - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-provider-oauth2-device-code - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - required: - - type - OAuthDeviceCodeChallengeResponseRequest: - type: object - description: Response that includes the user-entered device code - properties: - component: - type: string - minLength: 1 - default: ak-provider-oauth2-device-code - code: - type: integer - required: - - code - OAuthDeviceCodeFinishChallenge: - type: object - description: Final challenge after user enters their code - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-provider-oauth2-device-code-finish - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - required: - - type - OAuthDeviceCodeFinishChallengeResponseRequest: - type: object - description: Response that device has been authenticated and tab can be closed - properties: - component: - type: string - minLength: 1 - default: ak-provider-oauth2-device-code-finish - OAuthSource: - type: object - description: OAuth Source Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Source's display Name. - slug: - type: string - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - readOnly: true - user_path_template: - type: string - icon: - type: string - nullable: true - readOnly: true - provider_type: - $ref: '#/components/schemas/ProviderTypeEnum' - request_token_url: - type: string - nullable: true - description: URL used to request the initial token. This URL is only required - for OAuth 1. - maxLength: 255 - authorization_url: - type: string - nullable: true - description: URL the user is redirect to to conest the flow. - maxLength: 255 - access_token_url: - type: string - nullable: true - description: URL used by authentik to retrieve tokens. - maxLength: 255 - profile_url: - type: string - nullable: true - description: URL used by authentik to get user information. - maxLength: 255 - consumer_key: - type: string - callback_url: - type: string - readOnly: true - additional_scopes: - type: string - type: - allOf: - - $ref: '#/components/schemas/SourceType' - readOnly: true - oidc_well_known_url: - type: string - oidc_jwks_url: - type: string - oidc_jwks: - type: object - additionalProperties: {} - required: - - callback_url - - component - - consumer_key - - icon - - managed - - meta_model_name - - name - - pk - - provider_type - - slug - - type - - verbose_name - - verbose_name_plural - OAuthSourceRequest: - type: object - description: OAuth Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - provider_type: - $ref: '#/components/schemas/ProviderTypeEnum' - request_token_url: - type: string - nullable: true - minLength: 1 - description: URL used to request the initial token. This URL is only required - for OAuth 1. - maxLength: 255 - authorization_url: - type: string - nullable: true - minLength: 1 - description: URL the user is redirect to to conest the flow. - maxLength: 255 - access_token_url: - type: string - nullable: true - minLength: 1 - description: URL used by authentik to retrieve tokens. - maxLength: 255 - profile_url: - type: string - nullable: true - minLength: 1 - description: URL used by authentik to get user information. - maxLength: 255 - consumer_key: - type: string - minLength: 1 - consumer_secret: - type: string - writeOnly: true - minLength: 1 - additional_scopes: - type: string - oidc_well_known_url: - type: string - oidc_jwks_url: - type: string - oidc_jwks: - type: object - additionalProperties: {} - required: - - consumer_key - - consumer_secret - - name - - provider_type - - slug - OpenIDConnectConfiguration: - type: object - description: rest_framework Serializer for OIDC Configuration - properties: - issuer: - type: string - authorization_endpoint: - type: string - token_endpoint: - type: string - userinfo_endpoint: - type: string - end_session_endpoint: - type: string - introspection_endpoint: - type: string - jwks_uri: - type: string - response_types_supported: - type: array - items: - type: string - id_token_signing_alg_values_supported: - type: array - items: - type: string - subject_types_supported: - type: array - items: - type: string - token_endpoint_auth_methods_supported: - type: array - items: - type: string - required: - - authorization_endpoint - - end_session_endpoint - - id_token_signing_alg_values_supported - - introspection_endpoint - - issuer - - jwks_uri - - response_types_supported - - subject_types_supported - - token_endpoint - - token_endpoint_auth_methods_supported - - userinfo_endpoint - Outpost: - type: object - description: Outpost Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - name: - type: string - type: - $ref: '#/components/schemas/OutpostTypeEnum' - providers: - type: array - items: - type: integer - providers_obj: - type: array - items: - $ref: '#/components/schemas/Provider' - readOnly: true - service_connection: - type: string - format: uuid - nullable: true - description: Select Service-Connection authentik should use to manage this - outpost. Leave empty if authentik should not handle the deployment. - service_connection_obj: - allOf: - - $ref: '#/components/schemas/ServiceConnection' - readOnly: true - token_identifier: - type: string - readOnly: true - config: - type: object - additionalProperties: {} - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - required: - - config - - name - - pk - - providers - - providers_obj - - service_connection_obj - - token_identifier - - type - OutpostDefaultConfig: - type: object - description: Global default outpost config - properties: - config: - type: object - additionalProperties: {} - readOnly: true - required: - - config - OutpostHealth: - type: object - description: Outpost health status - properties: - last_seen: - type: string - format: date-time - readOnly: true - version: - type: string - readOnly: true - version_should: - type: string - readOnly: true - version_outdated: - type: boolean - readOnly: true - build_hash: - type: string - readOnly: true - build_hash_should: - type: string - readOnly: true - required: - - build_hash - - build_hash_should - - last_seen - - version - - version_outdated - - version_should - OutpostRequest: - type: object - description: Outpost Serializer - properties: - name: - type: string - minLength: 1 - type: - $ref: '#/components/schemas/OutpostTypeEnum' - providers: - type: array - items: - type: integer - service_connection: - type: string - format: uuid - nullable: true - description: Select Service-Connection authentik should use to manage this - outpost. Leave empty if authentik should not handle the deployment. - config: - type: object - additionalProperties: {} - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - required: - - config - - name - - providers - - type - OutpostTypeEnum: - enum: - - proxy - - ldap - type: string - PaginatedApplicationList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Application' - required: - - pagination - - results - PaginatedAuthenticateWebAuthnStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticateWebAuthnStage' - required: - - pagination - - results - PaginatedAuthenticatedSessionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatedSession' - required: - - pagination - - results - PaginatedAuthenticatorDuoStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatorDuoStage' - required: - - pagination - - results - PaginatedAuthenticatorSMSStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatorSMSStage' - required: - - pagination - - results - PaginatedAuthenticatorStaticStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatorStaticStage' - required: - - pagination - - results - PaginatedAuthenticatorTOTPStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatorTOTPStage' - required: - - pagination - - results - PaginatedAuthenticatorValidateStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/AuthenticatorValidateStage' - required: - - pagination - - results - PaginatedBlueprintInstanceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/BlueprintInstance' - required: - - pagination - - results - PaginatedCaptchaStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/CaptchaStage' - required: - - pagination - - results - PaginatedCertificateKeyPairList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/CertificateKeyPair' - required: - - pagination - - results - PaginatedConsentStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ConsentStage' - required: - - pagination - - results - PaginatedDenyStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/DenyStage' - required: - - pagination - - results - PaginatedDockerServiceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/DockerServiceConnection' - required: - - pagination - - results - PaginatedDummyPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/DummyPolicy' - required: - - pagination - - results - PaginatedDummyStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/DummyStage' - required: - - pagination - - results - PaginatedDuoDeviceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/DuoDevice' - required: - - pagination - - results - PaginatedEmailStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/EmailStage' - required: - - pagination - - results - PaginatedEventList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Event' - required: - - pagination - - results - PaginatedEventMatcherPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/EventMatcherPolicy' - required: - - pagination - - results - PaginatedExpiringBaseGrantModelList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ExpiringBaseGrantModel' - required: - - pagination - - results - PaginatedExpressionPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ExpressionPolicy' - required: - - pagination - - results - PaginatedFlowList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Flow' - required: - - pagination - - results - PaginatedFlowStageBindingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/FlowStageBinding' - required: - - pagination - - results - PaginatedGroupList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Group' - required: - - pagination - - results - PaginatedHaveIBeenPwendPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/HaveIBeenPwendPolicy' - required: - - pagination - - results - PaginatedIdentificationStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/IdentificationStage' - required: - - pagination - - results - PaginatedInvitationList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Invitation' - required: - - pagination - - results - PaginatedInvitationStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/InvitationStage' - required: - - pagination - - results - PaginatedKubernetesServiceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/KubernetesServiceConnection' - required: - - pagination - - results - PaginatedLDAPOutpostConfigList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/LDAPOutpostConfig' - required: - - pagination - - results - PaginatedLDAPPropertyMappingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/LDAPPropertyMapping' - required: - - pagination - - results - PaginatedLDAPProviderList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/LDAPProvider' - required: - - pagination - - results - PaginatedLDAPSourceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/LDAPSource' - required: - - pagination - - results - PaginatedNotificationList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Notification' - required: - - pagination - - results - PaginatedNotificationRuleList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/NotificationRule' - required: - - pagination - - results - PaginatedNotificationTransportList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/NotificationTransport' - required: - - pagination - - results - PaginatedNotificationWebhookMappingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/NotificationWebhookMapping' - required: - - pagination - - results - PaginatedOAuth2ProviderList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/OAuth2Provider' - required: - - pagination - - results - PaginatedOAuthSourceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/OAuthSource' - required: - - pagination - - results - PaginatedOutpostList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Outpost' - required: - - pagination - - results - PaginatedPasswordExpiryPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PasswordExpiryPolicy' - required: - - pagination - - results - PaginatedPasswordPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PasswordPolicy' - required: - - pagination - - results - PaginatedPasswordStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PasswordStage' - required: - - pagination - - results - PaginatedPlexSourceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PlexSourceConnection' - required: - - pagination - - results - PaginatedPlexSourceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PlexSource' - required: - - pagination - - results - PaginatedPolicyBindingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PolicyBinding' - required: - - pagination - - results - PaginatedPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Policy' - required: - - pagination - - results - PaginatedPromptList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Prompt' - required: - - pagination - - results - PaginatedPromptStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PromptStage' - required: - - pagination - - results - PaginatedPropertyMappingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/PropertyMapping' - required: - - pagination - - results - PaginatedProviderList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Provider' - required: - - pagination - - results - PaginatedProxyOutpostConfigList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ProxyOutpostConfig' - required: - - pagination - - results - PaginatedProxyProviderList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ProxyProvider' - required: - - pagination - - results - PaginatedRefreshTokenModelList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/RefreshTokenModel' - required: - - pagination - - results - PaginatedReputationList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Reputation' - required: - - pagination - - results - PaginatedReputationPolicyList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ReputationPolicy' - required: - - pagination - - results - PaginatedSAMLPropertyMappingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/SAMLPropertyMapping' - required: - - pagination - - results - PaginatedSAMLProviderList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/SAMLProvider' - required: - - pagination - - results - PaginatedSAMLSourceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/SAMLSource' - required: - - pagination - - results - PaginatedSMSDeviceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/SMSDevice' - required: - - pagination - - results - PaginatedScopeMappingList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ScopeMapping' - required: - - pagination - - results - PaginatedServiceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/ServiceConnection' - required: - - pagination - - results - PaginatedSourceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Source' - required: - - pagination - - results - PaginatedStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Stage' - required: - - pagination - - results - PaginatedStaticDeviceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/StaticDevice' - required: - - pagination - - results - PaginatedTOTPDeviceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/TOTPDevice' - required: - - pagination - - results - PaginatedTenantList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Tenant' - required: - - pagination - - results - PaginatedTokenList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/Token' - required: - - pagination - - results - PaginatedUserConsentList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserConsent' - required: - - pagination - - results - PaginatedUserDeleteStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserDeleteStage' - required: - - pagination - - results - PaginatedUserList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/User' - required: - - pagination - - results - PaginatedUserLoginStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserLoginStage' - required: - - pagination - - results - PaginatedUserLogoutStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserLogoutStage' - required: - - pagination - - results - PaginatedUserOAuthSourceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserOAuthSourceConnection' - required: - - pagination - - results - PaginatedUserSAMLSourceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserSAMLSourceConnection' - required: - - pagination - - results - PaginatedUserSourceConnectionList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserSourceConnection' - required: - - pagination - - results - PaginatedUserWriteStageList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/UserWriteStage' - required: - - pagination - - results - PaginatedWebAuthnDeviceList: - type: object - properties: - pagination: - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - results: - type: array - items: - $ref: '#/components/schemas/WebAuthnDevice' - required: - - pagination - - results - PasswordChallenge: - type: object - description: Password challenge UI fields - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-password - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - pending_user: - type: string - pending_user_avatar: - type: string - recovery_url: - type: string - required: - - pending_user - - pending_user_avatar - - type - PasswordChallengeResponseRequest: - type: object - description: Password challenge response - properties: - component: - type: string - minLength: 1 - default: ak-stage-password - password: - type: string - minLength: 1 - required: - - password - PasswordExpiryPolicy: - type: object - description: Password Expiry Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - days: - type: integer - maximum: 2147483647 - minimum: -2147483648 - deny_only: - type: boolean - required: - - bound_to - - component - - days - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PasswordExpiryPolicyRequest: - type: object - description: Password Expiry Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - days: - type: integer - maximum: 2147483647 - minimum: -2147483648 - deny_only: - type: boolean - required: - - days - - name - PasswordPolicy: - type: object - description: Password Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - password_field: - type: string - description: Field key to check, field keys defined in Prompt stages are - available. - amount_digits: - type: integer - maximum: 2147483647 - minimum: 0 - amount_uppercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_lowercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_symbols: - type: integer - maximum: 2147483647 - minimum: 0 - length_min: - type: integer - maximum: 2147483647 - minimum: 0 - symbol_charset: - type: string - error_message: - type: string - check_static_rules: - type: boolean - check_have_i_been_pwned: - type: boolean - check_zxcvbn: - type: boolean - hibp_allowed_count: - type: integer - maximum: 2147483647 - minimum: 0 - description: How many times the password hash is allowed to be on haveibeenpwned - zxcvbn_score_threshold: - type: integer - maximum: 2147483647 - minimum: 0 - description: If the zxcvbn score is equal or less than this value, the policy - will fail. - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PasswordPolicyRequest: - type: object - description: Password Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - password_field: - type: string - minLength: 1 - description: Field key to check, field keys defined in Prompt stages are - available. - amount_digits: - type: integer - maximum: 2147483647 - minimum: 0 - amount_uppercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_lowercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_symbols: - type: integer - maximum: 2147483647 - minimum: 0 - length_min: - type: integer - maximum: 2147483647 - minimum: 0 - symbol_charset: - type: string - minLength: 1 - error_message: - type: string - check_static_rules: - type: boolean - check_have_i_been_pwned: - type: boolean - check_zxcvbn: - type: boolean - hibp_allowed_count: - type: integer - maximum: 2147483647 - minimum: 0 - description: How many times the password hash is allowed to be on haveibeenpwned - zxcvbn_score_threshold: - type: integer - maximum: 2147483647 - minimum: 0 - description: If the zxcvbn score is equal or less than this value, the policy - will fail. - required: - - name - PasswordStage: - type: object - description: PasswordStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - backends: - type: array - items: - $ref: '#/components/schemas/BackendsEnum' - description: Selection of backends to test the password against. - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - failed_attempts_before_cancel: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: How many attempts a user has before the flow is canceled. To - lock the user out, use a reputation policy and a user_write stage. - required: - - backends - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PasswordStageRequest: - type: object - description: PasswordStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - backends: - type: array - items: - $ref: '#/components/schemas/BackendsEnum' - description: Selection of backends to test the password against. - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - failed_attempts_before_cancel: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: How many attempts a user has before the flow is canceled. To - lock the user out, use a reputation policy and a user_write stage. - required: - - backends - - name - PatchedApplicationRequest: - type: object - description: Application Serializer - properties: - name: - type: string - minLength: 1 - description: Application's display Name. - slug: - type: string - minLength: 1 - description: Internal application name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - provider: - type: integer - nullable: true - open_in_new_tab: - type: boolean - description: Open launch URL in a new browser tab or window. - meta_launch_url: - type: string - format: uri - meta_description: - type: string - meta_publisher: - type: string - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - group: - type: string - PatchedAuthenticateWebAuthnStageRequest: - type: object - description: AuthenticateWebAuthnStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - user_verification: - $ref: '#/components/schemas/UserVerificationEnum' - authenticator_attachment: - allOf: - - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' - nullable: true - resident_key_requirement: - $ref: '#/components/schemas/ResidentKeyRequirementEnum' - PatchedAuthenticatorDuoStageRequest: - type: object - description: AuthenticatorDuoStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - client_id: - type: string - minLength: 1 - client_secret: - type: string - writeOnly: true - minLength: 1 - api_hostname: - type: string - minLength: 1 - admin_integration_key: - type: string - admin_secret_key: - type: string - writeOnly: true - PatchedAuthenticatorSMSStageRequest: - type: object - description: AuthenticatorSMSStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - provider: - $ref: '#/components/schemas/ProviderEnum' - from_number: - type: string - minLength: 1 - account_sid: - type: string - minLength: 1 - auth: - type: string - minLength: 1 - auth_password: - type: string - auth_type: - $ref: '#/components/schemas/AuthTypeEnum' - verify_only: - type: boolean - description: When enabled, the Phone number is only used during enrollment - to verify the users authenticity. Only a hash of the phone number is saved - to ensure it is not re-used in the future. - mapping: - type: string - format: uuid - nullable: true - description: Optionally modify the payload being sent to custom providers. - PatchedAuthenticatorStaticStageRequest: - type: object - description: AuthenticatorStaticStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - token_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - PatchedAuthenticatorTOTPStageRequest: - type: object - description: AuthenticatorTOTPStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - digits: - allOf: - - $ref: '#/components/schemas/DigitsEnum' - minimum: -2147483648 - maximum: 2147483647 - PatchedAuthenticatorValidateStageRequest: - type: object - description: AuthenticatorValidateStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - not_configured_action: - $ref: '#/components/schemas/NotConfiguredActionEnum' - device_classes: - type: array - items: - $ref: '#/components/schemas/DeviceClassesEnum' - description: Device classes which can be used to authenticate - configuration_stages: - type: array - items: - type: string - format: uuid - description: Stages used to configure Authenticator when user doesn't have - any compatible devices. After this configuration Stage passes, the user - is not prompted again. - last_auth_threshold: - type: string - minLength: 1 - description: If any of the user's device has been used within this threshold, - this stage will be skipped - webauthn_user_verification: - allOf: - - $ref: '#/components/schemas/UserVerificationEnum' - description: Enforce user verification for WebAuthn devices. - PatchedBlueprintInstanceRequest: - type: object - description: Info about a single blueprint instance file - properties: - name: - type: string - minLength: 1 - path: - type: string - minLength: 1 - context: - type: object - additionalProperties: {} - enabled: - type: boolean - PatchedCaptchaStageRequest: - type: object - description: CaptchaStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - public_key: - type: string - minLength: 1 - description: Public key, acquired your captcha Provider. - private_key: - type: string - writeOnly: true - minLength: 1 - description: Private key, acquired your captcha Provider. - js_url: - type: string - minLength: 1 - api_url: - type: string - minLength: 1 - PatchedCertificateKeyPairRequest: - type: object - description: CertificateKeyPair Serializer - properties: - name: - type: string - minLength: 1 - certificate_data: - type: string - writeOnly: true - minLength: 1 - description: PEM-encoded Certificate data - key_data: - type: string - writeOnly: true - description: Optional Private Key. If this is set, you can use this keypair - for encryption. - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - PatchedConsentStageRequest: - type: object - description: ConsentStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - mode: - $ref: '#/components/schemas/ConsentStageModeEnum' - consent_expire_in: - type: string - minLength: 1 - title: Consent expires in - description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' - PatchedDenyStageRequest: - type: object - description: DenyStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - PatchedDockerServiceConnectionRequest: - type: object - description: DockerServiceConnection Serializer - properties: - name: - type: string - minLength: 1 - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - url: - type: string - minLength: 1 - description: Can be in the format of 'unix://' when connecting to - a local docker daemon, or 'https://:2376' when connecting to - a remote system. - tls_verification: - type: string - format: uuid - nullable: true - description: CA which the endpoint's Certificate is verified against. Can - be left empty for no validation. - tls_authentication: - type: string - format: uuid - nullable: true - description: Certificate/Key used for authentication. Can be left empty - for no authentication. - PatchedDummyPolicyRequest: - type: object - description: Dummy Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - result: - type: boolean - wait_min: - type: integer - maximum: 2147483647 - minimum: -2147483648 - wait_max: - type: integer - maximum: 2147483647 - minimum: -2147483648 - PatchedDummyStageRequest: - type: object - description: DummyStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - PatchedDuoDeviceRequest: - type: object - description: Serializer for Duo authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - PatchedEmailStageRequest: - type: object - description: EmailStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - use_global_settings: - type: boolean - description: When enabled, global Email connection settings will be used - and connection settings below will be ignored. - host: - type: string - minLength: 1 - port: - type: integer - maximum: 2147483647 - minimum: -2147483648 - username: - type: string - password: - type: string - writeOnly: true - use_tls: - type: boolean - use_ssl: - type: boolean - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - from_address: - type: string - format: email - minLength: 1 - maxLength: 254 - token_expiry: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Time in minutes the token sent is valid. - subject: - type: string - minLength: 1 - template: - type: string - minLength: 1 - activate_user_on_success: - type: boolean - description: Activate users upon completion of stage. - PatchedEventMatcherPolicyRequest: - type: object - description: Event Matcher Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - action: - allOf: - - $ref: '#/components/schemas/EventActions' - description: Match created events with this action type. When left empty, - all action types will be matched. - client_ip: - type: string - description: Matches Event's Client IP (strict matching, for network matching - use an Expression Policy) - app: - allOf: - - $ref: '#/components/schemas/AppEnum' - description: Match events created by selected application. When left empty, - all applications are matched. - PatchedEventRequest: - type: object - description: Event Serializer - properties: - user: - type: object - additionalProperties: {} - action: - $ref: '#/components/schemas/EventActions' - app: - type: string - minLength: 1 - context: - type: object - additionalProperties: {} - client_ip: - type: string - nullable: true - minLength: 1 - expires: - type: string - format: date-time - tenant: - type: object - additionalProperties: {} - PatchedExpressionPolicyRequest: - type: object - description: Group Membership Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - expression: - type: string - minLength: 1 - PatchedFlowRequest: - type: object - description: Flow Serializer - properties: - name: - type: string - minLength: 1 - slug: - type: string - minLength: 1 - description: Visible in the URL. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - title: - type: string - minLength: 1 - description: Shown as the Title in Flow pages. - designation: - allOf: - - $ref: '#/components/schemas/FlowDesignationEnum' - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - compatibility_mode: - type: boolean - description: Enable compatibility mode, increases compatibility with password - managers on mobile devices. - layout: - $ref: '#/components/schemas/LayoutEnum' - denied_action: - allOf: - - $ref: '#/components/schemas/DeniedActionEnum' - description: Configure what should happen when a flow denies access to a - user. - authentication: - allOf: - - $ref: '#/components/schemas/AuthenticationEnum' - description: Required level of authentication and authorization to access - a flow. - PatchedFlowStageBindingRequest: - type: object - description: FlowStageBinding Serializer - properties: - target: - type: string - format: uuid - stage: - type: string - format: uuid - evaluate_on_plan: - type: boolean - description: Evaluate policies during the Flow planning process. Disable - this for input-based policies. - re_evaluate_policies: - type: boolean - description: Evaluate policies when the Stage is present to the user. - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - invalid_response_action: - allOf: - - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: Configure how the flow executor should handle an invalid response - to a challenge. RETRY returns the error message and a similar challenge - to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT - restarts the flow while keeping the current context. - PatchedGroupRequest: - type: object - description: Group Serializer - properties: - name: - type: string - minLength: 1 - maxLength: 80 - is_superuser: - type: boolean - description: Users added to this group will be superusers. - parent: - type: string - format: uuid - nullable: true - users: - type: array - items: - type: integer - attributes: - type: object - additionalProperties: {} - PatchedHaveIBeenPwendPolicyRequest: - type: object - description: Have I Been Pwned Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - password_field: - type: string - minLength: 1 - description: Field key to check, field keys defined in Prompt stages are - available. - allowed_count: - type: integer - maximum: 2147483647 - minimum: -2147483648 - PatchedIdentificationStageRequest: - type: object - description: IdentificationStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - user_fields: - type: array - items: - $ref: '#/components/schemas/UserFieldsEnum' - description: Fields of the user object to match against. (Hold shift to - select multiple options) - password_stage: - type: string - format: uuid - nullable: true - description: When set, shows a password field, instead of showing the password - field as seaprate step. - case_insensitive_matching: - type: boolean - description: When enabled, user fields are matched regardless of their casing. - show_matched_user: - type: boolean - description: When a valid username/email has been entered, and this option - is enabled, the user's username and avatar will be shown. Otherwise, the - text that the user entered will be shown - enrollment_flow: - type: string - format: uuid - nullable: true - description: Optional enrollment flow, which is linked at the bottom of - the page. - recovery_flow: - type: string - format: uuid - nullable: true - description: Optional recovery flow, which is linked at the bottom of the - page. - passwordless_flow: - type: string - format: uuid - nullable: true - description: Optional passwordless flow, which is linked at the bottom of - the page. - sources: - type: array - items: - type: string - format: uuid - description: Specify which sources should be shown. - show_source_labels: - type: boolean - PatchedInvitationRequest: - type: object - description: Invitation Serializer - properties: - name: - type: string - minLength: 1 - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - expires: - type: string - format: date-time - fixed_data: - type: object - additionalProperties: {} - single_use: - type: boolean - description: When enabled, the invitation will be deleted after usage. - flow: - type: string - format: uuid - nullable: true - description: When set, only the configured flow can use this invitation. - PatchedInvitationStageRequest: - type: object - description: InvitationStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - continue_flow_without_invitation: - type: boolean - description: If this flag is set, this Stage will jump to the next Stage - when no Invitation is given. By default this Stage will cancel the Flow - when no invitation is given. - PatchedKubernetesServiceConnectionRequest: - type: object - description: KubernetesServiceConnection Serializer - properties: - name: - type: string - minLength: 1 - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - kubeconfig: - type: object - additionalProperties: {} - description: Paste your kubeconfig here. authentik will automatically use - the currently selected context. - verify_ssl: - type: boolean - description: Verify SSL Certificates of the Kubernetes API endpoint - PatchedLDAPPropertyMappingRequest: - type: object - description: LDAP PropertyMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - object_field: - type: string - minLength: 1 - PatchedLDAPProviderRequest: - type: object - description: LDAPProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - base_dn: - type: string - minLength: 1 - description: DN under which objects are accessible. - search_group: - type: string - format: uuid - nullable: true - description: Users in this group can do search queries. If not set, every - user can execute search queries. - certificate: - type: string - format: uuid - nullable: true - tls_server_name: - type: string - uid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for uidNumbers, this number is added to the user.Pk - to make sure that the numbers aren't too low for POSIX users. Default - is 2000 to ensure that we don't collide with local users uidNumber - gid_start_number: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: The start for gidNumbers, this number is added to a number - generated from the group.Pk to make sure that the numbers aren't too low - for POSIX groups. Default is 4000 to ensure that we don't collide with - local groups or users primary groups gidNumber - search_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - bind_mode: - $ref: '#/components/schemas/LDAPAPIAccessMode' - PatchedLDAPSourceRequest: - type: object - description: LDAP Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - server_uri: - type: string - minLength: 1 - format: uri - peer_certificate: - type: string - format: uuid - nullable: true - description: Optionally verify the LDAP Server's Certificate against the - CA Chain in this keypair. - bind_cn: - type: string - bind_password: - type: string - writeOnly: true - start_tls: - type: boolean - title: Enable Start TLS - base_dn: - type: string - minLength: 1 - additional_user_dn: - type: string - title: Addition User DN - description: Prepended to Base DN for User-queries. - additional_group_dn: - type: string - title: Addition Group DN - description: Prepended to Base DN for Group-queries. - user_object_filter: - type: string - minLength: 1 - description: Consider Objects matching this filter to be Users. - group_object_filter: - type: string - minLength: 1 - description: Consider Objects matching this filter to be Groups. - group_membership_field: - type: string - minLength: 1 - description: Field which contains members of a group. - object_uniqueness_field: - type: string - minLength: 1 - description: Field which contains a unique Identifier. - sync_users: - type: boolean - sync_users_password: - type: boolean - description: When a user changes their password, sync it back to LDAP. This - can only be enabled on a single LDAP source. - sync_groups: - type: boolean - sync_parent_group: - type: string - format: uuid - nullable: true - property_mappings: - type: array - items: - type: string - format: uuid - property_mappings_group: - type: array - items: - type: string - format: uuid - description: Property mappings used for group creation/updating. - PatchedNotificationRequest: - type: object - description: Notification Serializer - properties: - event: - $ref: '#/components/schemas/EventRequest' - seen: - type: boolean - PatchedNotificationRuleRequest: - type: object - description: NotificationRule Serializer - properties: - name: - type: string - minLength: 1 - transports: - type: array - items: - type: string - format: uuid - description: Select which transports should be used to notify the user. - If none are selected, the notification will only be shown in the authentik - UI. - severity: - allOf: - - $ref: '#/components/schemas/SeverityEnum' - description: Controls which severity level the created notifications will - have. - group: - type: string - format: uuid - nullable: true - description: Define which group of users this notification should be sent - and shown to. If left empty, Notification won't ben sent. - PatchedNotificationTransportRequest: - type: object - description: NotificationTransport Serializer - properties: - name: - type: string - minLength: 1 - mode: - $ref: '#/components/schemas/NotificationTransportModeEnum' - webhook_url: - type: string - format: uri - webhook_mapping: - type: string - format: uuid - nullable: true - send_once: - type: boolean - description: Only send notification once, for example when sending a webhook - into a chat channel. - PatchedNotificationWebhookMappingRequest: - type: object - description: NotificationWebhookMapping Serializer - properties: - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - PatchedOAuth2ProviderRequest: - type: object - description: OAuth2Provider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - client_type: - allOf: - - $ref: '#/components/schemas/ClientTypeEnum' - description: Confidential clients are capable of maintaining the confidentiality - of their credentials. Public clients are incapable - client_id: - type: string - minLength: 1 - maxLength: 255 - client_secret: - type: string - maxLength: 255 - access_code_validity: - type: string - minLength: 1 - description: 'Access codes not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - token_validity: - type: string - minLength: 1 - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - include_claims_in_id_token: - type: boolean - description: Include User claims from scopes in the id_token, for applications - that don't access the userinfo endpoint. - signing_key: - type: string - format: uuid - nullable: true - description: Key used to sign the tokens. Only required when JWT Algorithm - is set to RS256. - redirect_uris: - type: string - description: Enter each URI on a new line. - sub_mode: - allOf: - - $ref: '#/components/schemas/SubModeEnum' - description: Configure what data should be used as unique User Identifier. - For most cases, the default should be fine. - issuer_mode: - allOf: - - $ref: '#/components/schemas/IssuerModeEnum' - description: Configure how the issuer field of the ID Token should be filled. - jwks_sources: - type: array - items: - type: string - format: uuid - title: Any JWT signed by the JWK of the selected source can be used to - authenticate. - title: Any JWT signed by the JWK of the selected source can be used to authenticate. - PatchedOAuthSourceRequest: - type: object - description: OAuth Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - provider_type: - $ref: '#/components/schemas/ProviderTypeEnum' - request_token_url: - type: string - nullable: true - minLength: 1 - description: URL used to request the initial token. This URL is only required - for OAuth 1. - maxLength: 255 - authorization_url: - type: string - nullable: true - minLength: 1 - description: URL the user is redirect to to conest the flow. - maxLength: 255 - access_token_url: - type: string - nullable: true - minLength: 1 - description: URL used by authentik to retrieve tokens. - maxLength: 255 - profile_url: - type: string - nullable: true - minLength: 1 - description: URL used by authentik to get user information. - maxLength: 255 - consumer_key: - type: string - minLength: 1 - consumer_secret: - type: string - writeOnly: true - minLength: 1 - additional_scopes: - type: string - oidc_well_known_url: - type: string - oidc_jwks_url: - type: string - oidc_jwks: - type: object - additionalProperties: {} - PatchedOutpostRequest: - type: object - description: Outpost Serializer - properties: - name: - type: string - minLength: 1 - type: - $ref: '#/components/schemas/OutpostTypeEnum' - providers: - type: array - items: - type: integer - service_connection: - type: string - format: uuid - nullable: true - description: Select Service-Connection authentik should use to manage this - outpost. Leave empty if authentik should not handle the deployment. - config: - type: object - additionalProperties: {} - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - PatchedPasswordExpiryPolicyRequest: - type: object - description: Password Expiry Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - days: - type: integer - maximum: 2147483647 - minimum: -2147483648 - deny_only: - type: boolean - PatchedPasswordPolicyRequest: - type: object - description: Password Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - password_field: - type: string - minLength: 1 - description: Field key to check, field keys defined in Prompt stages are - available. - amount_digits: - type: integer - maximum: 2147483647 - minimum: 0 - amount_uppercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_lowercase: - type: integer - maximum: 2147483647 - minimum: 0 - amount_symbols: - type: integer - maximum: 2147483647 - minimum: 0 - length_min: - type: integer - maximum: 2147483647 - minimum: 0 - symbol_charset: - type: string - minLength: 1 - error_message: - type: string - check_static_rules: - type: boolean - check_have_i_been_pwned: - type: boolean - check_zxcvbn: - type: boolean - hibp_allowed_count: - type: integer - maximum: 2147483647 - minimum: 0 - description: How many times the password hash is allowed to be on haveibeenpwned - zxcvbn_score_threshold: - type: integer - maximum: 2147483647 - minimum: 0 - description: If the zxcvbn score is equal or less than this value, the policy - will fail. - PatchedPasswordStageRequest: - type: object - description: PasswordStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - backends: - type: array - items: - $ref: '#/components/schemas/BackendsEnum' - description: Selection of backends to test the password against. - configure_flow: - type: string - format: uuid - nullable: true - description: Flow used by an authenticated user to configure this Stage. - If empty, user will not be able to configure this stage. - failed_attempts_before_cancel: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: How many attempts a user has before the flow is canceled. To - lock the user out, use a reputation policy and a user_write stage. - PatchedPlexSourceConnectionRequest: - type: object - description: Plex Source connection Serializer - properties: - identifier: - type: string - minLength: 1 - plex_token: - type: string - minLength: 1 - PatchedPlexSourceRequest: - type: object - description: Plex Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - client_id: - type: string - minLength: 1 - description: Client identifier used to talk to Plex. - allowed_servers: - type: array - items: - type: string - minLength: 1 - description: Which servers a user has to be a member of to be granted access. - Empty list allows every server. - allow_friends: - type: boolean - description: Allow friends to authenticate, even if you don't share a server. - plex_token: - type: string - minLength: 1 - description: Plex token used to check friends - PatchedPolicyBindingRequest: - type: object - description: PolicyBinding Serializer - properties: - policy: - type: string - format: uuid - nullable: true - group: - type: string - format: uuid - nullable: true - user: - type: integer - nullable: true - target: - type: string - format: uuid - negate: - type: boolean - description: Negates the outcome of the policy. Messages are unaffected. - enabled: - type: boolean - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Timeout after which Policy execution is terminated. - PatchedPromptRequest: - type: object - description: Prompt Serializer - properties: - field_key: - type: string - minLength: 1 - description: Name of the form field, also used to store the value - label: - type: string - minLength: 1 - type: - $ref: '#/components/schemas/PromptTypeEnum' - required: - type: boolean - placeholder: - type: string - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - promptstage_set: - type: array - items: - $ref: '#/components/schemas/StageRequest' - sub_text: - type: string - placeholder_expression: - type: boolean - PatchedPromptStageRequest: - type: object - description: PromptStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - fields: - type: array - items: - type: string - format: uuid - validation_policies: - type: array - items: - type: string - format: uuid - PatchedProxyProviderRequest: - type: object - description: ProxyProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - internal_host: - type: string - format: uri - external_host: - type: string - minLength: 1 - format: uri - internal_host_ssl_validation: - type: boolean - description: Validate SSL Certificates of upstream servers - certificate: - type: string - format: uuid - nullable: true - skip_path_regex: - type: string - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - basic_auth_enabled: - type: boolean - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - basic_auth_password_attribute: - type: string - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - basic_auth_user_attribute: - type: string - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - mode: - allOf: - - $ref: '#/components/schemas/ProxyMode' - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - cookie_domain: - type: string - token_validity: - type: string - minLength: 1 - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - PatchedReputationPolicyRequest: - type: object - description: Reputation Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - check_ip: - type: boolean - check_username: - type: boolean - threshold: - type: integer - maximum: 2147483647 - minimum: -2147483648 - PatchedSAMLPropertyMappingRequest: - type: object - description: SAMLPropertyMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - saml_name: - type: string - minLength: 1 - friendly_name: - type: string - nullable: true - PatchedSAMLProviderRequest: - type: object - description: SAMLProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - acs_url: - type: string - format: uri - minLength: 1 - maxLength: 200 - audience: - type: string - description: Value of the audience restriction field of the assertion. When - left empty, no audience restriction will be added. - issuer: - type: string - minLength: 1 - description: Also known as EntityID - assertion_valid_not_before: - type: string - minLength: 1 - description: 'Assertion valid not before current time + this value (Format: - hours=-1;minutes=-2;seconds=-3).' - assertion_valid_not_on_or_after: - type: string - minLength: 1 - description: 'Assertion not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - session_valid_not_on_or_after: - type: string - minLength: 1 - description: 'Session not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - name_id_mapping: - type: string - format: uuid - nullable: true - title: NameID Property Mapping - description: Configure how the NameID value will be created. When left empty, - the NameIDPolicy of the incoming request will be considered - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair used to sign outgoing Responses going to the Service - Provider. - verification_kp: - type: string - format: uuid - nullable: true - title: Verification Certificate - description: When selected, incoming assertion's Signatures will be validated - against this certificate. To allow unsigned Requests, leave on default. - sp_binding: - allOf: - - $ref: '#/components/schemas/SpBindingEnum' - title: Service Provider Binding - description: This determines how authentik sends the response back to the - Service Provider. - PatchedSAMLSourceRequest: - type: object - description: SAMLSource Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - pre_authentication_flow: - type: string - format: uuid - description: Flow used before authentication. - issuer: - type: string - description: Also known as Entity ID. Defaults the Metadata URL. - sso_url: - type: string - format: uri - minLength: 1 - description: URL that the initial Login request is sent to. - maxLength: 200 - slo_url: - type: string - format: uri - nullable: true - description: Optional URL if your IDP supports Single-Logout. - maxLength: 200 - allow_idp_initiated: - type: boolean - description: Allows authentication flows initiated by the IdP. This can - be a security risk, as no validation of the request ID is done. - name_id_policy: - allOf: - - $ref: '#/components/schemas/NameIdPolicyEnum' - description: NameID Policy sent to the IdP. Can be unset, in which case - no Policy is sent. - binding_type: - $ref: '#/components/schemas/BindingTypeEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair which is used to sign outgoing requests. Leave empty - to disable signing. - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - temporary_user_delete_after: - type: string - minLength: 1 - title: Delete temporary users after - description: 'Time offset when temporary users should be deleted. This only - applies if your IDP uses the NameID Format ''transient'', and the user - doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' - PatchedSMSDeviceRequest: - type: object - description: Serializer for sms authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - PatchedScopeMappingRequest: - type: object - description: ScopeMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - scope_name: - type: string - minLength: 1 - description: Scope used by the client - description: - type: string - description: Description shown to the user when consenting. If left empty, - the user won't be informed. - PatchedStaticDeviceRequest: - type: object - description: Serializer for static authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - PatchedTOTPDeviceRequest: - type: object - description: Serializer for totp authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - PatchedTenantRequest: - type: object - description: Tenant Serializer - properties: - domain: - type: string - minLength: 1 - description: Domain that activates this tenant. Can be a superset, i.e. - `a.b` for `aa.b` and `ba.b` - default: - type: boolean - branding_title: - type: string - minLength: 1 - branding_logo: - type: string - minLength: 1 - branding_favicon: - type: string - minLength: 1 - flow_authentication: - type: string - format: uuid - nullable: true - flow_invalidation: - type: string - format: uuid - nullable: true - flow_recovery: - type: string - format: uuid - nullable: true - flow_unenrollment: - type: string - format: uuid - nullable: true - flow_user_settings: - type: string - format: uuid - nullable: true - flow_device_code: - type: string - format: uuid - nullable: true - event_retention: - type: string - minLength: 1 - description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' - web_certificate: - type: string - format: uuid - nullable: true - description: Web Certificate used by the authentik Core webserver. - attributes: - type: object - additionalProperties: {} - PatchedTokenRequest: - type: object - description: Token Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - identifier: - type: string - minLength: 1 - maxLength: 255 - pattern: ^[-a-zA-Z0-9_]+$ - intent: - $ref: '#/components/schemas/IntentEnum' - user: - type: integer - description: - type: string - expires: - type: string - format: date-time - expiring: - type: boolean - PatchedUserDeleteStageRequest: - type: object - description: UserDeleteStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - PatchedUserLoginStageRequest: - type: object - description: UserLoginStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - session_duration: - type: string - minLength: 1 - description: 'Determines how long a session lasts. Default of 0 means that - the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' - PatchedUserLogoutStageRequest: - type: object - description: UserLogoutStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - PatchedUserOAuthSourceConnectionRequest: - type: object - description: OAuth Source Serializer - properties: - user: - type: integer - identifier: - type: string - minLength: 1 - maxLength: 255 - access_token: - type: string - writeOnly: true - nullable: true - PatchedUserRequest: - type: object - description: User Serializer - properties: - username: - type: string - minLength: 1 - maxLength: 150 - name: - type: string - description: User's display name. - is_active: - type: boolean - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - last_login: - type: string - format: date-time - nullable: true - groups: - type: array - items: - type: string - format: uuid - email: - type: string - format: email - title: Email address - maxLength: 254 - attributes: - type: object - additionalProperties: {} - path: - type: string - minLength: 1 - PatchedUserSAMLSourceConnectionRequest: - type: object - description: SAML Source Serializer - properties: - user: - type: integer - identifier: - type: string - minLength: 1 - PatchedUserWriteStageRequest: - type: object - description: UserWriteStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - create_users_as_inactive: - type: boolean - description: When set, newly created users are inactive and cannot login. - create_users_group: - type: string - format: uuid - nullable: true - description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. - user_path_template: - type: string - PatchedWebAuthnDeviceRequest: - type: object - description: Serializer for WebAuthn authenticator devices - properties: - name: - type: string - minLength: 1 - maxLength: 200 - Permission: - type: object - description: Permission used for consent - properties: - name: - type: string - id: - type: string - required: - - id - - name - PlexAuthenticationChallenge: - type: object - description: Challenge shown to the user in identification stage - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-source-plex - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - client_id: - type: string - slug: - type: string - required: - - client_id - - slug - - type - PlexAuthenticationChallengeResponseRequest: - type: object - description: Pseudo class for plex response - properties: - component: - type: string - minLength: 1 - default: ak-source-plex - PlexSource: - type: object - description: Plex Source Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Source's display Name. - slug: - type: string - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - readOnly: true - user_path_template: - type: string - icon: - type: string - nullable: true - readOnly: true - client_id: - type: string - description: Client identifier used to talk to Plex. - allowed_servers: - type: array - items: - type: string - description: Which servers a user has to be a member of to be granted access. - Empty list allows every server. - allow_friends: - type: boolean - description: Allow friends to authenticate, even if you don't share a server. - plex_token: - type: string - description: Plex token used to check friends - required: - - component - - icon - - managed - - meta_model_name - - name - - pk - - plex_token - - slug - - verbose_name - - verbose_name_plural - PlexSourceConnection: - type: object - description: Plex Source connection Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - user: - type: integer - readOnly: true - source: - allOf: - - $ref: '#/components/schemas/Source' - readOnly: true - identifier: - type: string - plex_token: - type: string - required: - - identifier - - pk - - plex_token - - source - - user - PlexSourceConnectionRequest: - type: object - description: Plex Source connection Serializer - properties: - identifier: - type: string - minLength: 1 - plex_token: - type: string - minLength: 1 - required: - - identifier - - plex_token - PlexSourceRequest: - type: object - description: Plex Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - client_id: - type: string - minLength: 1 - description: Client identifier used to talk to Plex. - allowed_servers: - type: array - items: - type: string - minLength: 1 - description: Which servers a user has to be a member of to be granted access. - Empty list allows every server. - allow_friends: - type: boolean - description: Allow friends to authenticate, even if you don't share a server. - plex_token: - type: string - minLength: 1 - description: Plex token used to check friends - required: - - name - - plex_token - - slug - PlexTokenRedeemRequest: - type: object - description: Serializer to redeem a plex token - properties: - plex_token: - type: string - minLength: 1 - required: - - plex_token - Policy: - type: object - description: Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PolicyBinding: - type: object - description: PolicyBinding Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy binding uuid - policy: - type: string - format: uuid - nullable: true - group: - type: string - format: uuid - nullable: true - user: - type: integer - nullable: true - policy_obj: - allOf: - - $ref: '#/components/schemas/Policy' - readOnly: true - group_obj: - allOf: - - $ref: '#/components/schemas/Group' - readOnly: true - user_obj: - allOf: - - $ref: '#/components/schemas/User' - readOnly: true - target: - type: string - format: uuid - negate: - type: boolean - description: Negates the outcome of the policy. Messages are unaffected. - enabled: - type: boolean - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Timeout after which Policy execution is terminated. - required: - - group_obj - - order - - pk - - policy_obj - - target - - user_obj - PolicyBindingRequest: - type: object - description: PolicyBinding Serializer - properties: - policy: - type: string - format: uuid - nullable: true - group: - type: string - format: uuid - nullable: true - user: - type: integer - nullable: true - target: - type: string - format: uuid - negate: - type: boolean - description: Negates the outcome of the policy. Messages are unaffected. - enabled: - type: boolean - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - timeout: - type: integer - maximum: 2147483647 - minimum: -2147483648 - description: Timeout after which Policy execution is terminated. - required: - - order - - target - PolicyEngineMode: - enum: - - all - - any - type: string - PolicyRequest: - type: object - description: Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - required: - - name - PolicyTestRequest: - type: object - description: Test policy execution for a user with context - properties: - user: - type: integer - context: - type: object - additionalProperties: {} - required: - - user - PolicyTestResult: - type: object - description: result of a policy test - properties: - passing: - type: boolean - messages: - type: array - items: - type: string - readOnly: true - log_messages: - type: array - items: - type: object - additionalProperties: {} - readOnly: true - required: - - log_messages - - messages - - passing - Prompt: - type: object - description: Prompt Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Prompt uuid - field_key: - type: string - description: Name of the form field, also used to store the value - label: - type: string - type: - $ref: '#/components/schemas/PromptTypeEnum' - required: - type: boolean - placeholder: - type: string - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - promptstage_set: - type: array - items: - $ref: '#/components/schemas/Stage' - sub_text: - type: string - placeholder_expression: - type: boolean - required: - - field_key - - label - - pk - - type - PromptChallenge: - type: object - description: Initial challenge being sent, define fields - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: ak-stage-prompt - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - fields: - type: array - items: - $ref: '#/components/schemas/StagePrompt' - required: - - fields - - type - PromptChallengeResponseRequest: - type: object - description: |- - Validate response, fields are dynamically created based - on the stage - properties: - component: - type: string - minLength: 1 - default: ak-stage-prompt - additionalProperties: {} - PromptRequest: - type: object - description: Prompt Serializer - properties: - field_key: - type: string - minLength: 1 - description: Name of the form field, also used to store the value - label: - type: string - minLength: 1 - type: - $ref: '#/components/schemas/PromptTypeEnum' - required: - type: boolean - placeholder: - type: string - order: - type: integer - maximum: 2147483647 - minimum: -2147483648 - promptstage_set: - type: array - items: - $ref: '#/components/schemas/StageRequest' - sub_text: - type: string - placeholder_expression: - type: boolean - required: - - field_key - - label - - type - PromptStage: - type: object - description: PromptStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - fields: - type: array - items: - type: string - format: uuid - validation_policies: - type: array - items: - type: string - format: uuid - required: - - component - - fields - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PromptStageRequest: - type: object - description: PromptStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - fields: - type: array - items: - type: string - format: uuid - validation_policies: - type: array - items: - type: string - format: uuid - required: - - fields - - name - PromptTypeEnum: - enum: - - text - - text_read_only - - username - - email - - password - - number - - checkbox - - date - - date-time - - file - - separator - - hidden - - static - - ak-locale - type: string - PropertyMapping: - type: object - description: PropertyMapping Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pm uuid - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - expression: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - required: - - component - - expression - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - PropertyMappingPreview: - type: object - description: Preview how the current user is mapped via the property mappings - selected in a provider - properties: - preview: - type: object - additionalProperties: {} - readOnly: true - required: - - preview - PropertyMappingTestResult: - type: object - description: Result of a Property-mapping test - properties: - result: - type: string - readOnly: true - successful: - type: boolean - readOnly: true - required: - - result - - successful - Provider: - type: object - description: Provider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - component: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - required: - - assigned_application_name - - assigned_application_slug - - authorization_flow - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - ProviderEnum: - enum: - - twilio - - generic - type: string - ProviderRequest: - type: object - description: Provider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - required: - - authorization_flow - - name - ProviderTypeEnum: - enum: - - apple - - azuread - - discord - - facebook - - github - - google - - openidconnect - - okta - - reddit - - twitter - - mailcow - - twitch - type: string - ProxyMode: - enum: - - proxy - - forward_single - - forward_domain - type: string - ProxyOutpostConfig: - type: object - description: Proxy provider serializer for outposts - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - internal_host: - type: string - format: uri - external_host: - type: string - format: uri - internal_host_ssl_validation: - type: boolean - description: Validate SSL Certificates of upstream servers - client_id: - type: string - maxLength: 255 - client_secret: - type: string - maxLength: 255 - oidc_configuration: - allOf: - - $ref: '#/components/schemas/OpenIDConnectConfiguration' - readOnly: true - cookie_secret: - type: string - certificate: - type: string - format: uuid - nullable: true - skip_path_regex: - type: string - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - basic_auth_enabled: - type: boolean - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - basic_auth_password_attribute: - type: string - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - basic_auth_user_attribute: - type: string - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - mode: - allOf: - - $ref: '#/components/schemas/ProxyMode' - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - cookie_domain: - type: string - token_validity: - type: number - format: double - nullable: true - readOnly: true - scopes_to_request: - type: array - items: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - required: - - assigned_application_name - - assigned_application_slug - - external_host - - name - - oidc_configuration - - pk - - scopes_to_request - - token_validity - ProxyProvider: - type: object - description: ProxyProvider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - component: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - internal_host: - type: string - format: uri - external_host: - type: string - format: uri - internal_host_ssl_validation: - type: boolean - description: Validate SSL Certificates of upstream servers - certificate: - type: string - format: uuid - nullable: true - skip_path_regex: - type: string - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - basic_auth_enabled: - type: boolean - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - basic_auth_password_attribute: - type: string - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - basic_auth_user_attribute: - type: string - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - mode: - allOf: - - $ref: '#/components/schemas/ProxyMode' - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - redirect_uris: - type: string - readOnly: true - cookie_domain: - type: string - token_validity: - type: string - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - outpost_set: - type: array - items: - type: string - readOnly: true - required: - - assigned_application_name - - assigned_application_slug - - authorization_flow - - component - - external_host - - meta_model_name - - name - - outpost_set - - pk - - redirect_uris - - verbose_name - - verbose_name_plural - ProxyProviderRequest: - type: object - description: ProxyProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - internal_host: - type: string - format: uri - external_host: - type: string - minLength: 1 - format: uri - internal_host_ssl_validation: - type: boolean - description: Validate SSL Certificates of upstream servers - certificate: - type: string - format: uuid - nullable: true - skip_path_regex: - type: string - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - basic_auth_enabled: - type: boolean - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - basic_auth_password_attribute: - type: string - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - basic_auth_user_attribute: - type: string - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - mode: - allOf: - - $ref: '#/components/schemas/ProxyMode' - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - cookie_domain: - type: string - token_validity: - type: string - minLength: 1 - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - required: - - authorization_flow - - external_host - - name - RedirectChallenge: - type: object - description: Challenge type to redirect the client - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: xak-flow-redirect - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - to: - type: string - required: - - to - - type - RefreshTokenModel: - type: object - description: Serializer for BaseGrantModel and RefreshToken - properties: - pk: - type: integer - readOnly: true - title: ID - provider: - $ref: '#/components/schemas/OAuth2Provider' - user: - $ref: '#/components/schemas/User' - is_expired: - type: boolean - readOnly: true - expires: - type: string - format: date-time - scope: - type: array - items: - type: string - id_token: - type: string - readOnly: true - revoked: - type: boolean - required: - - id_token - - is_expired - - pk - - provider - - scope - - user - Reputation: - type: object - description: Reputation Serializer - properties: - pk: - type: string - format: uuid - title: Reputation uuid - identifier: - type: string - ip: - type: string - ip_geo_data: - type: object - additionalProperties: {} - score: - type: integer - maximum: 9223372036854775807 - minimum: -9223372036854775808 - format: int64 - updated: - type: string - format: date-time - readOnly: true - required: - - identifier - - ip - - updated - ReputationPolicy: - type: object - description: Reputation Policy Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Policy uuid - name: - type: string - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - bound_to: - type: integer - readOnly: true - check_ip: - type: boolean - check_username: - type: boolean - threshold: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - bound_to - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - ReputationPolicyRequest: - type: object - description: Reputation Policy Serializer - properties: - name: - type: string - minLength: 1 - execution_logging: - type: boolean - description: When this option is enabled, all executions of this policy - will be logged. By default, only execution errors are logged. - check_ip: - type: boolean - check_username: - type: boolean - threshold: - type: integer - maximum: 2147483647 - minimum: -2147483648 - required: - - name - ResidentKeyRequirementEnum: - enum: - - discouraged - - preferred - - required - type: string - SAMLMetadata: - type: object - description: SAML Provider Metadata serializer - properties: - metadata: - type: string - readOnly: true - download_url: - type: string - readOnly: true - required: - - download_url - - metadata - SAMLPropertyMapping: - type: object - description: SAMLPropertyMapping Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pm uuid - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - expression: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - saml_name: - type: string - friendly_name: - type: string - nullable: true - required: - - component - - expression - - meta_model_name - - name - - pk - - saml_name - - verbose_name - - verbose_name_plural - SAMLPropertyMappingRequest: - type: object - description: SAMLPropertyMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - saml_name: - type: string - minLength: 1 - friendly_name: - type: string - nullable: true - required: - - expression - - name - - saml_name - SAMLProvider: - type: object - description: SAMLProvider Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - component: - type: string - readOnly: true - assigned_application_slug: - type: string - description: Internal application name, used in URLs. - readOnly: true - assigned_application_name: - type: string - description: Application's display Name. - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - acs_url: - type: string - format: uri - maxLength: 200 - audience: - type: string - description: Value of the audience restriction field of the assertion. When - left empty, no audience restriction will be added. - issuer: - type: string - description: Also known as EntityID - assertion_valid_not_before: - type: string - description: 'Assertion valid not before current time + this value (Format: - hours=-1;minutes=-2;seconds=-3).' - assertion_valid_not_on_or_after: - type: string - description: 'Assertion not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - session_valid_not_on_or_after: - type: string - description: 'Session not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - name_id_mapping: - type: string - format: uuid - nullable: true - title: NameID Property Mapping - description: Configure how the NameID value will be created. When left empty, - the NameIDPolicy of the incoming request will be considered - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair used to sign outgoing Responses going to the Service - Provider. - verification_kp: - type: string - format: uuid - nullable: true - title: Verification Certificate - description: When selected, incoming assertion's Signatures will be validated - against this certificate. To allow unsigned Requests, leave on default. - sp_binding: - allOf: - - $ref: '#/components/schemas/SpBindingEnum' - title: Service Provider Binding - description: This determines how authentik sends the response back to the - Service Provider. - url_download_metadata: - type: string - readOnly: true - url_sso_post: - type: string - readOnly: true - url_sso_redirect: - type: string - readOnly: true - url_sso_init: - type: string - readOnly: true - required: - - acs_url - - assigned_application_name - - assigned_application_slug - - authorization_flow - - component - - meta_model_name - - name - - pk - - url_download_metadata - - url_sso_init - - url_sso_post - - url_sso_redirect - - verbose_name - - verbose_name_plural - SAMLProviderImportRequest: - type: object - description: Import saml provider from XML Metadata - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - minLength: 1 - description: Visible in the URL. - file: - type: string - format: binary - required: - - authorization_flow - - file - - name - SAMLProviderRequest: - type: object - description: SAMLProvider Serializer - properties: - name: - type: string - minLength: 1 - authorization_flow: - type: string - format: uuid - description: Flow used when authorizing this provider. - property_mappings: - type: array - items: - type: string - format: uuid - acs_url: - type: string - format: uri - minLength: 1 - maxLength: 200 - audience: - type: string - description: Value of the audience restriction field of the assertion. When - left empty, no audience restriction will be added. - issuer: - type: string - minLength: 1 - description: Also known as EntityID - assertion_valid_not_before: - type: string - minLength: 1 - description: 'Assertion valid not before current time + this value (Format: - hours=-1;minutes=-2;seconds=-3).' - assertion_valid_not_on_or_after: - type: string - minLength: 1 - description: 'Assertion not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - session_valid_not_on_or_after: - type: string - minLength: 1 - description: 'Session not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - name_id_mapping: - type: string - format: uuid - nullable: true - title: NameID Property Mapping - description: Configure how the NameID value will be created. When left empty, - the NameIDPolicy of the incoming request will be considered - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair used to sign outgoing Responses going to the Service - Provider. - verification_kp: - type: string - format: uuid - nullable: true - title: Verification Certificate - description: When selected, incoming assertion's Signatures will be validated - against this certificate. To allow unsigned Requests, leave on default. - sp_binding: - allOf: - - $ref: '#/components/schemas/SpBindingEnum' - title: Service Provider Binding - description: This determines how authentik sends the response back to the - Service Provider. - required: - - acs_url - - authorization_flow - - name - SAMLSource: - type: object - description: SAMLSource Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Source's display Name. - slug: - type: string - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - readOnly: true - user_path_template: - type: string - icon: - type: string - nullable: true - readOnly: true - pre_authentication_flow: - type: string - format: uuid - description: Flow used before authentication. - issuer: - type: string - description: Also known as Entity ID. Defaults the Metadata URL. - sso_url: - type: string - format: uri - description: URL that the initial Login request is sent to. - maxLength: 200 - slo_url: - type: string - format: uri - nullable: true - description: Optional URL if your IDP supports Single-Logout. - maxLength: 200 - allow_idp_initiated: - type: boolean - description: Allows authentication flows initiated by the IdP. This can - be a security risk, as no validation of the request ID is done. - name_id_policy: - allOf: - - $ref: '#/components/schemas/NameIdPolicyEnum' - description: NameID Policy sent to the IdP. Can be unset, in which case - no Policy is sent. - binding_type: - $ref: '#/components/schemas/BindingTypeEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair which is used to sign outgoing requests. Leave empty - to disable signing. - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - temporary_user_delete_after: - type: string - title: Delete temporary users after - description: 'Time offset when temporary users should be deleted. This only - applies if your IDP uses the NameID Format ''transient'', and the user - doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' - required: - - component - - icon - - managed - - meta_model_name - - name - - pk - - pre_authentication_flow - - slug - - sso_url - - verbose_name - - verbose_name_plural - SAMLSourceRequest: - type: object - description: SAMLSource Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - pre_authentication_flow: - type: string - format: uuid - description: Flow used before authentication. - issuer: - type: string - description: Also known as Entity ID. Defaults the Metadata URL. - sso_url: - type: string - format: uri - minLength: 1 - description: URL that the initial Login request is sent to. - maxLength: 200 - slo_url: - type: string - format: uri - nullable: true - description: Optional URL if your IDP supports Single-Logout. - maxLength: 200 - allow_idp_initiated: - type: boolean - description: Allows authentication flows initiated by the IdP. This can - be a security risk, as no validation of the request ID is done. - name_id_policy: - allOf: - - $ref: '#/components/schemas/NameIdPolicyEnum' - description: NameID Policy sent to the IdP. Can be unset, in which case - no Policy is sent. - binding_type: - $ref: '#/components/schemas/BindingTypeEnum' - signing_kp: - type: string - format: uuid - nullable: true - title: Signing Keypair - description: Keypair which is used to sign outgoing requests. Leave empty - to disable signing. - digest_algorithm: - $ref: '#/components/schemas/DigestAlgorithmEnum' - signature_algorithm: - $ref: '#/components/schemas/SignatureAlgorithmEnum' - temporary_user_delete_after: - type: string - minLength: 1 - title: Delete temporary users after - description: 'Time offset when temporary users should be deleted. This only - applies if your IDP uses the NameID Format ''transient'', and the user - doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' - required: - - name - - pre_authentication_flow - - slug - - sso_url - SMSDevice: - type: object - description: Serializer for sms authenticator devices - properties: - name: - type: string - description: The human-readable name of this device. - maxLength: 64 - pk: - type: integer - readOnly: true - title: ID - phone_number: - type: string - readOnly: true - required: - - name - - phone_number - - pk - SMSDeviceRequest: - type: object - description: Serializer for sms authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - required: - - name - ScopeMapping: - type: object - description: ScopeMapping Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pm uuid - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - expression: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - scope_name: - type: string - description: Scope used by the client - description: - type: string - description: Description shown to the user when consenting. If left empty, - the user won't be informed. - required: - - component - - expression - - meta_model_name - - name - - pk - - scope_name - - verbose_name - - verbose_name_plural - ScopeMappingRequest: - type: object - description: ScopeMapping Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - name: - type: string - minLength: 1 - expression: - type: string - minLength: 1 - scope_name: - type: string - minLength: 1 - description: Scope used by the client - description: - type: string - description: Description shown to the user when consenting. If left empty, - the user won't be informed. - required: - - expression - - name - - scope_name - SelectableStage: - type: object - description: Serializer for stages which can be selected by users - properties: - pk: - type: string - format: uuid - name: - type: string - verbose_name: - type: string - meta_model_name: - type: string - required: - - meta_model_name - - name - - pk - - verbose_name - ServiceConnection: - type: object - description: ServiceConnection Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Uuid - name: - type: string - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - ServiceConnectionRequest: - type: object - description: ServiceConnection Serializer - properties: - name: - type: string - minLength: 1 - local: - type: boolean - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - required: - - name - ServiceConnectionState: - type: object - description: Serializer for Service connection state - properties: - healthy: - type: boolean - readOnly: true - version: - type: string - readOnly: true - required: - - healthy - - version - SessionUser: - type: object - description: |- - Response for the /user/me endpoint, returns the currently active user (as `user` property) - and, if this user is being impersonated, the original user in the `original` property. - properties: - user: - $ref: '#/components/schemas/UserSelf' - original: - $ref: '#/components/schemas/UserSelf' - required: - - user - SeverityEnum: - enum: - - notice - - warning - - alert - type: string - ShellChallenge: - type: object - description: challenge type to render HTML as-is - properties: - type: - $ref: '#/components/schemas/ChallengeChoices' - flow_info: - $ref: '#/components/schemas/ContextualFlowInfo' - component: - type: string - default: xak-flow-shell - response_errors: - type: object - additionalProperties: - type: array - items: - $ref: '#/components/schemas/ErrorDetail' - body: - type: string - required: - - body - - type - SignatureAlgorithmEnum: - enum: - - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - type: string - Source: - type: object - description: Source Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Pbm uuid - name: - type: string - description: Source's display Name. - slug: - type: string - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - readOnly: true - user_path_template: - type: string - icon: - type: string - nullable: true - readOnly: true - required: - - component - - icon - - managed - - meta_model_name - - name - - pk - - slug - - verbose_name - - verbose_name_plural - SourceRequest: - type: object - description: Source Serializer - properties: - name: - type: string - minLength: 1 - description: Source's display Name. - slug: - type: string - minLength: 1 - description: Internal source name, used in URLs. - maxLength: 50 - pattern: ^[-a-zA-Z0-9_]+$ - enabled: - type: boolean - authentication_flow: - type: string - format: uuid - nullable: true - description: Flow to use when authenticating existing users. - enrollment_flow: - type: string - format: uuid - nullable: true - description: Flow to use when enrolling new users. - policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineMode' - user_matching_mode: - allOf: - - $ref: '#/components/schemas/UserMatchingModeEnum' - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - user_path_template: - type: string - minLength: 1 - required: - - name - - slug - SourceType: - type: object - description: Serializer for SourceType - properties: - name: - type: string - slug: - type: string - urls_customizable: - type: boolean - request_token_url: - type: string - readOnly: true - nullable: true - authorization_url: - type: string - readOnly: true - nullable: true - access_token_url: - type: string - readOnly: true - nullable: true - profile_url: - type: string - readOnly: true - nullable: true - required: - - access_token_url - - authorization_url - - name - - profile_url - - request_token_url - - slug - - urls_customizable - SpBindingEnum: - enum: - - redirect - - post - type: string - Stage: - type: object - description: Stage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - StagePrompt: - type: object - description: Serializer for a single Prompt field - properties: - field_key: - type: string - label: - type: string - type: - $ref: '#/components/schemas/PromptTypeEnum' - required: - type: boolean - placeholder: - type: string - order: - type: integer - sub_text: - type: string - required: - - field_key - - label - - order - - placeholder - - required - - sub_text - - type - StageRequest: - type: object - description: Stage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - required: - - name - StaticDevice: - type: object - description: Serializer for static authenticator devices - properties: - name: - type: string - description: The human-readable name of this device. - maxLength: 64 - token_set: - type: array - items: - $ref: '#/components/schemas/StaticDeviceToken' - readOnly: true - pk: - type: integer - readOnly: true - title: ID - required: - - name - - pk - - token_set - StaticDeviceRequest: - type: object - description: Serializer for static authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - required: - - name - StaticDeviceToken: - type: object - description: Serializer for static device's tokens - properties: - token: - type: string - maxLength: 16 - required: - - token - StaticDeviceTokenRequest: - type: object - description: Serializer for static device's tokens - properties: - token: - type: string - minLength: 1 - maxLength: 16 - required: - - token - SubModeEnum: - enum: - - hashed_user_id - - user_username - - user_email - - user_upn - type: string - System: - type: object - description: Get system information. - properties: - env: - type: object - additionalProperties: - type: string - readOnly: true - http_headers: - type: object - additionalProperties: - type: string - readOnly: true - http_host: - type: string - readOnly: true - http_is_secure: - type: boolean - readOnly: true - runtime: - type: object - description: Runtime information - properties: - python_version: - type: string - gunicorn_version: - type: string - environment: - type: string - architecture: - type: string - platform: - type: string - uname: - type: string - required: - - architecture - - environment - - gunicorn_version - - platform - - python_version - - uname - readOnly: true - tenant: - type: string - readOnly: true - server_time: - type: string - format: date-time - readOnly: true - embedded_outpost_host: - type: string - readOnly: true - required: - - embedded_outpost_host - - env - - http_headers - - http_host - - http_is_secure - - runtime - - server_time - - tenant - TOTPDevice: - type: object - description: Serializer for totp authenticator devices - properties: - name: - type: string - description: The human-readable name of this device. - maxLength: 64 - pk: - type: integer - readOnly: true - title: ID - required: - - name - - pk - TOTPDeviceRequest: - type: object - description: Serializer for totp authenticator devices - properties: - name: - type: string - minLength: 1 - description: The human-readable name of this device. - maxLength: 64 - required: - - name - Task: - type: object - description: Serialize TaskInfo and TaskResult - properties: - task_name: - type: string - task_description: - type: string - task_finish_timestamp: - type: string - format: date-time - status: - $ref: '#/components/schemas/TaskStatusEnum' - messages: - type: array - items: {} - required: - - messages - - status - - task_description - - task_finish_timestamp - - task_name - TaskStatusEnum: - enum: - - SUCCESSFUL - - WARNING - - ERROR - - UNKNOWN - type: string - Tenant: - type: object - description: Tenant Serializer - properties: - tenant_uuid: - type: string - format: uuid - readOnly: true - domain: - type: string - description: Domain that activates this tenant. Can be a superset, i.e. - `a.b` for `aa.b` and `ba.b` - default: - type: boolean - branding_title: - type: string - branding_logo: - type: string - branding_favicon: - type: string - flow_authentication: - type: string - format: uuid - nullable: true - flow_invalidation: - type: string - format: uuid - nullable: true - flow_recovery: - type: string - format: uuid - nullable: true - flow_unenrollment: - type: string - format: uuid - nullable: true - flow_user_settings: - type: string - format: uuid - nullable: true - flow_device_code: - type: string - format: uuid - nullable: true - event_retention: - type: string - description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' - web_certificate: - type: string - format: uuid - nullable: true - description: Web Certificate used by the authentik Core webserver. - attributes: - type: object - additionalProperties: {} - required: - - domain - - tenant_uuid - TenantRequest: - type: object - description: Tenant Serializer - properties: - domain: - type: string - minLength: 1 - description: Domain that activates this tenant. Can be a superset, i.e. - `a.b` for `aa.b` and `ba.b` - default: - type: boolean - branding_title: - type: string - minLength: 1 - branding_logo: - type: string - minLength: 1 - branding_favicon: - type: string - minLength: 1 - flow_authentication: - type: string - format: uuid - nullable: true - flow_invalidation: - type: string - format: uuid - nullable: true - flow_recovery: - type: string - format: uuid - nullable: true - flow_unenrollment: - type: string - format: uuid - nullable: true - flow_user_settings: - type: string - format: uuid - nullable: true - flow_device_code: - type: string - format: uuid - nullable: true - event_retention: - type: string - minLength: 1 - description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' - web_certificate: - type: string - format: uuid - nullable: true - description: Web Certificate used by the authentik Core webserver. - attributes: - type: object - additionalProperties: {} - required: - - domain - Token: - type: object - description: Token Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Token uuid - managed: - type: string - nullable: true - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - identifier: - type: string - maxLength: 255 - pattern: ^[-a-zA-Z0-9_]+$ - intent: - $ref: '#/components/schemas/IntentEnum' - user: - type: integer - user_obj: - allOf: - - $ref: '#/components/schemas/User' - readOnly: true - description: - type: string - expires: - type: string - format: date-time - expiring: - type: boolean - required: - - identifier - - pk - - user_obj - TokenRequest: - type: object - description: Token Serializer - properties: - managed: - type: string - nullable: true - minLength: 1 - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object - can be overwritten by migrations. You can still modify the objects via - the API, but expect changes to be overwritten in a later update. - identifier: - type: string - minLength: 1 - maxLength: 255 - pattern: ^[-a-zA-Z0-9_]+$ - intent: - $ref: '#/components/schemas/IntentEnum' - user: - type: integer - description: - type: string - expires: - type: string - format: date-time - expiring: - type: boolean - required: - - identifier - TokenSetKeyRequest: - type: object - properties: - key: - type: string - minLength: 1 - required: - - key - TokenView: - type: object - description: Show token's current key - properties: - key: - type: string - readOnly: true - required: - - key - TypeCreate: - type: object - description: Types of an object that can be created - properties: - name: - type: string - description: - type: string - component: - type: string - model_name: - type: string - required: - - component - - description - - model_name - - name - UsedBy: - type: object - description: A list of all objects referencing the queried object - properties: - app: - type: string - model_name: - type: string - pk: - type: string - name: - type: string - action: - $ref: '#/components/schemas/UsedByActionEnum' - required: - - action - - app - - model_name - - name - - pk - UsedByActionEnum: - enum: - - CASCADE - - CASCADE_MANY - - SET_NULL - - SET_DEFAULT - type: string - User: - type: object - description: User Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - username: - type: string - maxLength: 150 - name: - type: string - description: User's display name. - is_active: - type: boolean - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - last_login: - type: string - format: date-time - nullable: true - is_superuser: - type: boolean - readOnly: true - groups: - type: array - items: - type: string - format: uuid - groups_obj: - type: array - items: - $ref: '#/components/schemas/UserGroup' - readOnly: true - email: - type: string - format: email - title: Email address - maxLength: 254 - avatar: - type: string - readOnly: true - attributes: - type: object - additionalProperties: {} - uid: - type: string - readOnly: true - path: - type: string - required: - - avatar - - groups - - groups_obj - - is_superuser - - name - - pk - - uid - - username - UserConsent: - type: object - description: UserConsent Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - expires: - type: string - format: date-time - user: - $ref: '#/components/schemas/User' - application: - $ref: '#/components/schemas/Application' - permissions: - type: string - default: '' - required: - - application - - pk - - user - UserDeleteStage: - type: object - description: UserDeleteStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - UserDeleteStageRequest: - type: object - description: UserDeleteStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - required: - - name - UserFieldsEnum: - enum: - - email - - username - - upn - type: string - UserGroup: - type: object - description: Simplified Group Serializer for user's groups - properties: - pk: - type: string - format: uuid - readOnly: true - title: Group uuid - num_pk: - type: integer - readOnly: true - name: - type: string - maxLength: 80 - is_superuser: - type: boolean - description: Users added to this group will be superusers. - parent: - type: string - format: uuid - nullable: true - parent_name: - type: string - readOnly: true - attributes: - type: object - additionalProperties: {} - required: - - name - - num_pk - - parent_name - - pk - UserGroupRequest: - type: object - description: Simplified Group Serializer for user's groups - properties: - name: - type: string - minLength: 1 - maxLength: 80 - is_superuser: - type: boolean - description: Users added to this group will be superusers. - parent: - type: string - format: uuid - nullable: true - attributes: - type: object - additionalProperties: {} - required: - - name - UserLoginStage: - type: object - description: UserLoginStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - session_duration: - type: string - description: 'Determines how long a session lasts. Default of 0 means that - the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - UserLoginStageRequest: - type: object - description: UserLoginStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - session_duration: - type: string - minLength: 1 - description: 'Determines how long a session lasts. Default of 0 means that - the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' - required: - - name - UserLogoutStage: - type: object - description: UserLogoutStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - UserLogoutStageRequest: - type: object - description: UserLogoutStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - required: - - name - UserMatchingModeEnum: - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - type: string - UserMetrics: - type: object - description: User Metrics - properties: - logins_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - logins_failed_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - authorizations_per_1h: - type: array - items: - $ref: '#/components/schemas/Coordinate' - readOnly: true - required: - - authorizations_per_1h - - logins_failed_per_1h - - logins_per_1h - UserOAuthSourceConnection: - type: object - description: OAuth Source Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - user: - type: integer - source: - allOf: - - $ref: '#/components/schemas/Source' - readOnly: true - identifier: - type: string - maxLength: 255 - required: - - identifier - - pk - - source - - user - UserOAuthSourceConnectionRequest: - type: object - description: OAuth Source Serializer - properties: - user: - type: integer - identifier: - type: string - minLength: 1 - maxLength: 255 - access_token: - type: string - writeOnly: true - nullable: true - required: - - identifier - - user - UserPasswordSetRequest: - type: object - properties: - password: - type: string - minLength: 1 - required: - - password - UserPath: - type: object - properties: - paths: - type: array - items: - type: string - readOnly: true - required: - - paths - UserRequest: - type: object - description: User Serializer - properties: - username: - type: string - minLength: 1 - maxLength: 150 - name: - type: string - description: User's display name. - is_active: - type: boolean - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - last_login: - type: string - format: date-time - nullable: true - groups: - type: array - items: - type: string - format: uuid - email: - type: string - format: email - title: Email address - maxLength: 254 - attributes: - type: object - additionalProperties: {} - path: - type: string - minLength: 1 - required: - - groups - - name - - username - UserSAMLSourceConnection: - type: object - description: SAML Source Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - user: - type: integer - source: - allOf: - - $ref: '#/components/schemas/Source' - readOnly: true - identifier: - type: string - required: - - identifier - - pk - - source - - user - UserSAMLSourceConnectionRequest: - type: object - description: SAML Source Serializer - properties: - user: - type: integer - identifier: - type: string - minLength: 1 - required: - - identifier - - user - UserSelf: - type: object - description: User Serializer for information a user can retrieve about themselves - properties: - pk: - type: integer - readOnly: true - title: ID - username: - type: string - description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ - only. - pattern: ^[\w.@+-]+$ - maxLength: 150 - name: - type: string - description: User's display name. - is_active: - type: boolean - readOnly: true - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - is_superuser: - type: boolean - readOnly: true - groups: - type: array - items: - $ref: '#/components/schemas/UserSelfGroups' - readOnly: true - email: - type: string - format: email - title: Email address - maxLength: 254 - avatar: - type: string - readOnly: true - uid: - type: string - readOnly: true - settings: - type: object - additionalProperties: {} - readOnly: true - required: - - avatar - - groups - - is_active - - is_superuser - - name - - pk - - settings - - uid - - username - UserSelfGroups: - type: object - properties: - name: - type: string - readOnly: true - pk: - type: string - readOnly: true - required: - - name - - pk - UserServiceAccountRequest: - type: object - properties: - name: - type: string - minLength: 1 - create_group: - type: boolean - default: false - required: - - name - UserServiceAccountResponse: - type: object - properties: - username: - type: string - token: - type: string - user_uid: - type: string - user_pk: - type: integer - group_pk: - type: string - required: - - token - - user_pk - - user_uid - - username - UserSetting: - type: object - description: Serializer for User settings for stages and sources - properties: - object_uid: - type: string - component: - type: string - title: - type: string - configure_url: - type: string - icon_url: - type: string - required: - - component - - object_uid - - title - UserSourceConnection: - type: object - description: OAuth Source Serializer - properties: - pk: - type: integer - readOnly: true - title: ID - user: - type: integer - readOnly: true - source: - allOf: - - $ref: '#/components/schemas/Source' - readOnly: true - created: - type: string - format: date-time - readOnly: true - required: - - created - - pk - - source - - user - UserVerificationEnum: - enum: - - required - - preferred - - discouraged - type: string - UserWriteStage: - type: object - description: UserWriteStage Serializer - properties: - pk: - type: string - format: uuid - readOnly: true - title: Stage uuid - name: - type: string - component: - type: string - readOnly: true - verbose_name: - type: string - readOnly: true - verbose_name_plural: - type: string - readOnly: true - meta_model_name: - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSet' - create_users_as_inactive: - type: boolean - description: When set, newly created users are inactive and cannot login. - create_users_group: - type: string - format: uuid - nullable: true - description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. - user_path_template: - type: string - required: - - component - - meta_model_name - - name - - pk - - verbose_name - - verbose_name_plural - UserWriteStageRequest: - type: object - description: UserWriteStage Serializer - properties: - name: - type: string - minLength: 1 - flow_set: - type: array - items: - $ref: '#/components/schemas/FlowSetRequest' - create_users_as_inactive: - type: boolean - description: When set, newly created users are inactive and cannot login. - create_users_group: - type: string - format: uuid - nullable: true - description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. - user_path_template: - type: string - required: - - name - ValidationError: - type: object - description: Validation Error - properties: - non_field_errors: - type: array - items: - type: string - code: - type: string - additionalProperties: {} - Version: - type: object - description: Get running and latest version. - properties: - version_current: - type: string - readOnly: true - version_latest: - type: string - readOnly: true - build_hash: - type: string - readOnly: true - outdated: - type: boolean - readOnly: true - required: - - build_hash - - outdated - - version_current - - version_latest - WebAuthnDevice: - type: object - description: Serializer for WebAuthn authenticator devices - properties: - pk: - type: integer - readOnly: true - title: ID - name: - type: string - maxLength: 200 - created_on: - type: string - format: date-time - readOnly: true - required: - - created_on - - name - - pk - WebAuthnDeviceRequest: - type: object - description: Serializer for WebAuthn authenticator devices - properties: - name: - type: string - minLength: 1 - maxLength: 200 - required: - - name - Workers: - type: object - properties: - count: - type: integer - required: - - count - securitySchemes: - authentik: - type: apiKey - in: header - name: Authorization - scheme: bearer -servers: -- url: /api/v3/