openapi: 3.0.3
info:
  title: authentik
  version: 2023.10.4
  description: Making authentication simple.
  contact:
    email: hello@goauthentik.io
  license:
    name: MIT
    url: https://github.com/goauthentik/authentik/blob/main/LICENSE
paths:
  /admin/apps/:
    get:
      operationId: admin_apps_list
      description: Read-only view list all installed apps
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/App'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/metrics/:
    get:
      operationId: admin_metrics_retrieve
      description: Login Metrics per 1h
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LoginMetrics'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/models/:
    get:
      operationId: admin_models_list
      description: Read-only view list all installed models
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/App'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/system/:
    get:
      operationId: admin_system_retrieve
      description: Get system information.
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/System'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: admin_system_create
      description: Get system information.
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/System'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/system_tasks/:
    get:
      operationId: admin_system_tasks_list
      description: List system tasks
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Task'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/system_tasks/{id}/:
    get:
      operationId: admin_system_tasks_retrieve
      description: Get a single system task
      parameters:
      - in: path
        name: id
        schema:
          type: string
        required: true
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Task'
          description: ''
        '404':
          description: Task not found
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/system_tasks/{id}/retry/:
    post:
      operationId: admin_system_tasks_retry_create
      description: Retry task
      parameters:
      - in: path
        name: id
        schema:
          type: string
        required: true
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '204':
          description: Task retried successfully
        '404':
          description: Task not found
        '500':
          description: Failed to retry task
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/version/:
    get:
      operationId: admin_version_retrieve
      description: Get running and latest version.
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Version'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /admin/workers/:
    get:
      operationId: admin_workers_retrieve
      description: Get currently connected worker count.
      tags:
      - admin
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Workers'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/all/:
    get:
      operationId: authenticators_admin_all_list
      description: Get all devices for current user
      parameters:
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Device'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/duo/:
    get:
      operationId: authenticators_admin_duo_list
      description: Viewset for Duo authenticator devices (for admins)
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDuoDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: authenticators_admin_duo_create
      description: Viewset for Duo authenticator devices (for admins)
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DuoDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/duo/{id}/:
    get:
      operationId: authenticators_admin_duo_retrieve
      description: Viewset for Duo authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_admin_duo_update
      description: Viewset for Duo authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DuoDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_admin_duo_partial_update
      description: Viewset for Duo authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDuoDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_admin_duo_destroy
      description: Viewset for Duo authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/sms/:
    get:
      operationId: authenticators_admin_sms_list
      description: Viewset for sms authenticator devices (for admins)
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSMSDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: authenticators_admin_sms_create
      description: Viewset for sms authenticator devices (for admins)
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SMSDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/sms/{id}/:
    get:
      operationId: authenticators_admin_sms_retrieve
      description: Viewset for sms authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_admin_sms_update
      description: Viewset for sms authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SMSDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_admin_sms_partial_update
      description: Viewset for sms authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSMSDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_admin_sms_destroy
      description: Viewset for sms authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/static/:
    get:
      operationId: authenticators_admin_static_list
      description: Viewset for static authenticator devices (for admins)
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedStaticDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: authenticators_admin_static_create
      description: Viewset for static authenticator devices (for admins)
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StaticDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/static/{id}/:
    get:
      operationId: authenticators_admin_static_retrieve
      description: Viewset for static authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_admin_static_update
      description: Viewset for static authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StaticDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_admin_static_partial_update
      description: Viewset for static authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedStaticDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_admin_static_destroy
      description: Viewset for static authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/totp/:
    get:
      operationId: authenticators_admin_totp_list
      description: Viewset for totp authenticator devices (for admins)
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTOTPDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: authenticators_admin_totp_create
      description: Viewset for totp authenticator devices (for admins)
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TOTPDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/totp/{id}/:
    get:
      operationId: authenticators_admin_totp_retrieve
      description: Viewset for totp authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_admin_totp_update
      description: Viewset for totp authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TOTPDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_admin_totp_partial_update
      description: Viewset for totp authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedTOTPDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_admin_totp_destroy
      description: Viewset for totp authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/webauthn/:
    get:
      operationId: authenticators_admin_webauthn_list
      description: Viewset for WebAuthn authenticator devices (for admins)
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: authenticators_admin_webauthn_create
      description: Viewset for WebAuthn authenticator devices (for admins)
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WebAuthnDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/admin/webauthn/{id}/:
    get:
      operationId: authenticators_admin_webauthn_retrieve
      description: Viewset for WebAuthn authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_admin_webauthn_update
      description: Viewset for WebAuthn authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WebAuthnDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_admin_webauthn_partial_update
      description: Viewset for WebAuthn authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_admin_webauthn_destroy
      description: Viewset for WebAuthn authenticator devices (for admins)
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/all/:
    get:
      operationId: authenticators_all_list
      description: Get all devices for current user
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Device'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/duo/:
    get:
      operationId: authenticators_duo_list
      description: Viewset for Duo authenticator devices
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDuoDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/duo/{id}/:
    get:
      operationId: authenticators_duo_retrieve
      description: Viewset for Duo authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_duo_update
      description: Viewset for Duo authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DuoDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_duo_partial_update
      description: Viewset for Duo authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDuoDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_duo_destroy
      description: Viewset for Duo authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/duo/{id}/used_by/:
    get:
      operationId: authenticators_duo_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Duo Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/sms/:
    get:
      operationId: authenticators_sms_list
      description: Viewset for sms authenticator devices
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSMSDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/sms/{id}/:
    get:
      operationId: authenticators_sms_retrieve
      description: Viewset for sms authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_sms_update
      description: Viewset for sms authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SMSDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_sms_partial_update
      description: Viewset for sms authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSMSDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SMSDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_sms_destroy
      description: Viewset for sms authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/sms/{id}/used_by/:
    get:
      operationId: authenticators_sms_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SMS Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/static/:
    get:
      operationId: authenticators_static_list
      description: Viewset for static authenticator devices
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedStaticDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/static/{id}/:
    get:
      operationId: authenticators_static_retrieve
      description: Viewset for static authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_static_update
      description: Viewset for static authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StaticDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_static_partial_update
      description: Viewset for static authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedStaticDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StaticDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_static_destroy
      description: Viewset for static authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/static/{id}/used_by/:
    get:
      operationId: authenticators_static_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Static Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/totp/:
    get:
      operationId: authenticators_totp_list
      description: Viewset for totp authenticator devices
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTOTPDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/totp/{id}/:
    get:
      operationId: authenticators_totp_retrieve
      description: Viewset for totp authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_totp_update
      description: Viewset for totp authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TOTPDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_totp_partial_update
      description: Viewset for totp authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedTOTPDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TOTPDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_totp_destroy
      description: Viewset for totp authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/totp/{id}/used_by/:
    get:
      operationId: authenticators_totp_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this TOTP Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/webauthn/:
    get:
      operationId: authenticators_webauthn_list
      description: Viewset for WebAuthn authenticator devices
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/webauthn/{id}/:
    get:
      operationId: authenticators_webauthn_retrieve
      description: Viewset for WebAuthn authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: authenticators_webauthn_update
      description: Viewset for WebAuthn authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/WebAuthnDeviceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: authenticators_webauthn_partial_update
      description: Viewset for WebAuthn authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebAuthnDevice'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: authenticators_webauthn_destroy
      description: Viewset for WebAuthn authenticator devices
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /authenticators/webauthn/{id}/used_by/:
    get:
      operationId: authenticators_webauthn_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this WebAuthn Device.
        required: true
      tags:
      - authenticators
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/:
    get:
      operationId: core_applications_list
      description: Custom list method that checks Policy based access instead of guardian
      parameters:
      - in: query
        name: group
        schema:
          type: string
      - in: query
        name: meta_description
        schema:
          type: string
      - in: query
        name: meta_launch_url
        schema:
          type: string
      - in: query
        name: meta_publisher
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      - in: query
        name: superuser_full_list
        schema:
          type: boolean
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedApplicationList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: core_applications_create
      description: Application Viewset
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ApplicationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Application'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/:
    get:
      operationId: core_applications_retrieve
      description: Application Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Application'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: core_applications_update
      description: Application Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ApplicationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Application'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: core_applications_partial_update
      description: Application Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedApplicationRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Application'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_applications_destroy
      description: Application Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/check_access/:
    get:
      operationId: core_applications_check_access_retrieve
      description: Check access to a single application by slug
      parameters:
      - in: query
        name: for_user
        schema:
          type: integer
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyTestResult'
          description: ''
        '404':
          description: for_user user not found
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/metrics/:
    get:
      operationId: core_applications_metrics_list
      description: Metrics for application logins
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Coordinate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/set_icon/:
    post:
      operationId: core_applications_set_icon_create
      description: Set application icon
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      requestBody:
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/FileUploadRequest'
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/set_icon_url/:
    post:
      operationId: core_applications_set_icon_url_create
      description: Set application icon (as URL)
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FilePathRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/applications/{slug}/used_by/:
    get:
      operationId: core_applications_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal application name, used in URLs.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/authenticated_sessions/:
    get:
      operationId: core_authenticated_sessions_list
      description: AuthenticatedSession Viewset
      parameters:
      - in: query
        name: last_ip
        schema:
          type: string
      - in: query
        name: last_user_agent
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user__username
        schema:
          type: string
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/authenticated_sessions/{uuid}/:
    get:
      operationId: core_authenticated_sessions_retrieve
      description: AuthenticatedSession Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticated Session.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatedSession'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_authenticated_sessions_destroy
      description: AuthenticatedSession Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticated Session.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/authenticated_sessions/{uuid}/used_by/:
    get:
      operationId: core_authenticated_sessions_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticated Session.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/groups/:
    get:
      operationId: core_groups_list
      description: Group Viewset
      parameters:
      - in: query
        name: attributes
        schema:
          type: string
        description: Attributes
      - in: query
        name: is_superuser
        schema:
          type: boolean
      - in: query
        name: members_by_pk
        schema:
          type: array
          items:
            type: integer
        explode: true
        style: form
      - in: query
        name: members_by_username
        schema:
          type: array
          items:
            type: string
        description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
          only.
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedGroupList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: core_groups_create
      description: Group Viewset
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GroupRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Group'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/groups/{group_uuid}/:
    get:
      operationId: core_groups_retrieve
      description: Group Viewset
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Group'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: core_groups_update
      description: Group Viewset
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GroupRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Group'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: core_groups_partial_update
      description: Group Viewset
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedGroupRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Group'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_groups_destroy
      description: Group Viewset
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/groups/{group_uuid}/add_user/:
    post:
      operationId: core_groups_add_user_create
      description: Add user to group
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserAccountRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: User added
        '404':
          description: User not found
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/groups/{group_uuid}/remove_user/:
    post:
      operationId: core_groups_remove_user_create
      description: Add user to group
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserAccountRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: User added
        '404':
          description: User not found
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/groups/{group_uuid}/used_by/:
    get:
      operationId: core_groups_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: group_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Group.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tenants/:
    get:
      operationId: core_tenants_list
      description: Tenant Viewset
      parameters:
      - in: query
        name: branding_favicon
        schema:
          type: string
      - in: query
        name: branding_logo
        schema:
          type: string
      - in: query
        name: branding_title
        schema:
          type: string
      - in: query
        name: default
        schema:
          type: boolean
      - in: query
        name: domain
        schema:
          type: string
      - in: query
        name: event_retention
        schema:
          type: string
      - in: query
        name: flow_authentication
        schema:
          type: string
          format: uuid
      - in: query
        name: flow_device_code
        schema:
          type: string
          format: uuid
      - in: query
        name: flow_invalidation
        schema:
          type: string
          format: uuid
      - in: query
        name: flow_recovery
        schema:
          type: string
          format: uuid
      - in: query
        name: flow_unenrollment
        schema:
          type: string
          format: uuid
      - in: query
        name: flow_user_settings
        schema:
          type: string
          format: uuid
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: tenant_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: web_certificate
        schema:
          type: string
          format: uuid
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTenantList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: core_tenants_create
      description: Tenant Viewset
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TenantRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Tenant'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tenants/{tenant_uuid}/:
    get:
      operationId: core_tenants_retrieve
      description: Tenant Viewset
      parameters:
      - in: path
        name: tenant_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Tenant.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Tenant'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: core_tenants_update
      description: Tenant Viewset
      parameters:
      - in: path
        name: tenant_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Tenant.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TenantRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Tenant'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: core_tenants_partial_update
      description: Tenant Viewset
      parameters:
      - in: path
        name: tenant_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Tenant.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedTenantRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Tenant'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_tenants_destroy
      description: Tenant Viewset
      parameters:
      - in: path
        name: tenant_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Tenant.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tenants/{tenant_uuid}/used_by/:
    get:
      operationId: core_tenants_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: tenant_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Tenant.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tenants/current/:
    get:
      operationId: core_tenants_current_retrieve
      description: Get current tenant
      tags:
      - core
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CurrentTenant'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tokens/:
    get:
      operationId: core_tokens_list
      description: Token Viewset
      parameters:
      - in: query
        name: description
        schema:
          type: string
      - in: query
        name: expires
        schema:
          type: string
          format: date-time
      - in: query
        name: expiring
        schema:
          type: boolean
      - in: query
        name: identifier
        schema:
          type: string
      - in: query
        name: intent
        schema:
          type: string
          enum:
          - api
          - app_password
          - recovery
          - verification
        description: |-
          * `verification` - Intent Verification
          * `api` - Intent Api
          * `recovery` - Intent Recovery
          * `app_password` - Intent App Password
      - in: query
        name: managed
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user__username
        schema:
          type: string
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTokenList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: core_tokens_create
      description: Token Viewset
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tokens/{identifier}/:
    get:
      operationId: core_tokens_retrieve
      description: Token Viewset
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: core_tokens_update
      description: Token Viewset
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: core_tokens_partial_update
      description: Token Viewset
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedTokenRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_tokens_destroy
      description: Token Viewset
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tokens/{identifier}/set_key/:
    post:
      operationId: core_tokens_set_key_create
      description: |-
        Set token key. Action is logged as event. `authentik_core.set_token_key` permission
        is required.
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenSetKeyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully changed key
        '400':
          description: Missing key
        '404':
          description: Token not found or expired
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tokens/{identifier}/used_by/:
    get:
      operationId: core_tokens_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/tokens/{identifier}/view_key/:
    get:
      operationId: core_tokens_view_key_retrieve
      description: Return token key and log access
      parameters:
      - in: path
        name: identifier
        schema:
          type: string
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenView'
          description: ''
        '404':
          description: Token not found or expired
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/transactional/applications/:
    put:
      operationId: core_transactional_applications_update
      description: Convert data into a blueprint, validate it and apply it
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TransactionApplicationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TransactionApplicationResponse'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/user_consent/:
    get:
      operationId: core_user_consent_list
      description: UserConsent Viewset
      parameters:
      - in: query
        name: application
        schema:
          type: string
          format: uuid
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserConsentList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/user_consent/{id}/:
    get:
      operationId: core_user_consent_retrieve
      description: UserConsent Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Consent.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserConsent'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_user_consent_destroy
      description: UserConsent Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Consent.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/user_consent/{id}/used_by/:
    get:
      operationId: core_user_consent_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Consent.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/:
    get:
      operationId: core_users_list
      description: User Viewset
      parameters:
      - in: query
        name: attributes
        schema:
          type: string
        description: Attributes
      - in: query
        name: email
        schema:
          type: string
      - in: query
        name: groups_by_name
        schema:
          type: array
          items:
            type: string
        explode: true
        style: form
      - in: query
        name: groups_by_pk
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: is_active
        schema:
          type: boolean
      - in: query
        name: is_superuser
        schema:
          type: boolean
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: path
        schema:
          type: string
      - in: query
        name: path_startswith
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: type
        schema:
          type: array
          items:
            type: string
            enum:
            - external
            - internal
            - internal_service_account
            - service_account
        description: |-
          * `internal` - Internal
          * `external` - External
          * `service_account` - Service Account
          * `internal_service_account` - Internal Service Account
        explode: true
        style: form
      - in: query
        name: username
        schema:
          type: string
      - in: query
        name: uuid
        schema:
          type: string
          format: uuid
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: core_users_create
      description: User Viewset
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/User'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/:
    get:
      operationId: core_users_retrieve
      description: User Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/User'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: core_users_update
      description: User Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/User'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: core_users_partial_update
      description: User Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/User'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: core_users_destroy
      description: User Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/impersonate/:
    post:
      operationId: core_users_impersonate_create
      description: Impersonate a user
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully started impersonation
        '401':
          description: Access denied
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/metrics/:
    get:
      operationId: core_users_metrics_retrieve
      description: User metrics per 1h
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserMetrics'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/recovery/:
    get:
      operationId: core_users_recovery_retrieve
      description: Create a temporary link that a user can use to recover their accounts
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Link'
          description: ''
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Link'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/recovery_email/:
    get:
      operationId: core_users_recovery_email_retrieve
      description: Create a temporary link that a user can use to recover their accounts
      parameters:
      - in: query
        name: email_stage
        schema:
          type: string
        required: true
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully sent recover email
        '404':
          description: Bad request
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/set_password/:
    post:
      operationId: core_users_set_password_create
      description: Set password for user
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserPasswordSetRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully changed password
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/{id}/used_by/:
    get:
      operationId: core_users_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/impersonate_end/:
    get:
      operationId: core_users_impersonate_end_retrieve
      description: End Impersonation a user
      tags:
      - core
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully started impersonation
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/me/:
    get:
      operationId: core_users_me_retrieve
      description: Get information about current user
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SessionUser'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/paths/:
    get:
      operationId: core_users_paths_retrieve
      description: Get all user paths
      parameters:
      - in: query
        name: search
        schema:
          type: string
      tags:
      - core
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserPath'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /core/users/service_account/:
    post:
      operationId: core_users_service_account_create
      description: Create a new user account that is marked as a service account
      tags:
      - core
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserServiceAccountRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserServiceAccountResponse'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/:
    get:
      operationId: crypto_certificatekeypairs_list
      description: CertificateKeyPair Viewset
      parameters:
      - in: query
        name: has_key
        schema:
          type: boolean
        description: Only return certificate-key pairs with keys
      - in: query
        name: include_details
        schema:
          type: boolean
          default: true
      - in: query
        name: managed
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedCertificateKeyPairList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: crypto_certificatekeypairs_create
      description: CertificateKeyPair Viewset
      tags:
      - crypto
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CertificateKeyPairRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateKeyPair'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/{kp_uuid}/:
    get:
      operationId: crypto_certificatekeypairs_retrieve
      description: CertificateKeyPair Viewset
      parameters:
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateKeyPair'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: crypto_certificatekeypairs_update
      description: CertificateKeyPair Viewset
      parameters:
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CertificateKeyPairRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateKeyPair'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: crypto_certificatekeypairs_partial_update
      description: CertificateKeyPair Viewset
      parameters:
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateKeyPair'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: crypto_certificatekeypairs_destroy
      description: CertificateKeyPair Viewset
      parameters:
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/{kp_uuid}/used_by/:
    get:
      operationId: crypto_certificatekeypairs_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
    get:
      operationId: crypto_certificatekeypairs_view_certificate_retrieve
      description: Return certificate-key pairs certificate and log access
      parameters:
      - in: query
        name: download
        schema:
          type: boolean
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateData'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
    get:
      operationId: crypto_certificatekeypairs_view_private_key_retrieve
      description: Return certificate-key pairs private key and log access
      parameters:
      - in: query
        name: download
        schema:
          type: boolean
      - in: path
        name: kp_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Certificate-Key Pair.
        required: true
      tags:
      - crypto
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateData'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /crypto/certificatekeypairs/generate/:
    post:
      operationId: crypto_certificatekeypairs_generate_create
      description: Generate a new, self-signed certificate-key pair
      tags:
      - crypto
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CertificateGenerationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CertificateKeyPair'
          description: ''
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/:
    get:
      operationId: enterprise_license_list
      description: License Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLicenseList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: enterprise_license_create
      description: License Viewset
      tags:
      - enterprise
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LicenseRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/License'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/{license_uuid}/:
    get:
      operationId: enterprise_license_retrieve
      description: License Viewset
      parameters:
      - in: path
        name: license_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this License.
        required: true
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/License'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: enterprise_license_update
      description: License Viewset
      parameters:
      - in: path
        name: license_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this License.
        required: true
      tags:
      - enterprise
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LicenseRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/License'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: enterprise_license_partial_update
      description: License Viewset
      parameters:
      - in: path
        name: license_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this License.
        required: true
      tags:
      - enterprise
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedLicenseRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/License'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: enterprise_license_destroy
      description: License Viewset
      parameters:
      - in: path
        name: license_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this License.
        required: true
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/{license_uuid}/used_by/:
    get:
      operationId: enterprise_license_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: license_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this License.
        required: true
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/forecast/:
    get:
      operationId: enterprise_license_forecast_retrieve
      description: Forecast how many users will be required in a year
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LicenseForecast'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/get_install_id/:
    get:
      operationId: enterprise_license_get_install_id_retrieve
      description: Get install_id
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InstallID'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /enterprise/license/summary/:
    get:
      operationId: enterprise_license_summary_retrieve
      description: Get the total license status
      tags:
      - enterprise
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LicenseSummary'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/events/:
    get:
      operationId: events_events_list
      description: Event Read-Only Viewset
      parameters:
      - in: query
        name: action
        schema:
          type: string
      - in: query
        name: client_ip
        schema:
          type: string
      - in: query
        name: context_authorized_app
        schema:
          type: string
        description: Context Authorized application
      - in: query
        name: context_model_app
        schema:
          type: string
        description: Context Model App
      - in: query
        name: context_model_name
        schema:
          type: string
        description: Context Model Name
      - in: query
        name: context_model_pk
        schema:
          type: string
        description: Context Model Primary Key
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: tenant_name
        schema:
          type: string
        description: Tenant name
      - in: query
        name: username
        schema:
          type: string
        description: Username
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedEventList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: events_events_create
      description: Event Read-Only Viewset
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Event'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/events/{event_uuid}/:
    get:
      operationId: events_events_retrieve
      description: Event Read-Only Viewset
      parameters:
      - in: path
        name: event_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Event'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: events_events_update
      description: Event Read-Only Viewset
      parameters:
      - in: path
        name: event_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Event'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: events_events_partial_update
      description: Event Read-Only Viewset
      parameters:
      - in: path
        name: event_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedEventRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Event'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: events_events_destroy
      description: Event Read-Only Viewset
      parameters:
      - in: path
        name: event_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/events/actions/:
    get:
      operationId: events_events_actions_list
      description: Get all actions
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/events/per_month/:
    get:
      operationId: events_events_per_month_list
      description: Get the count of events per month
      parameters:
      - in: query
        name: action
        schema:
          type: string
      - in: query
        name: query
        schema:
          type: string
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Coordinate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/events/top_per_user/:
    get:
      operationId: events_events_top_per_user_list
      description: Get the top_n events grouped by user count
      parameters:
      - in: query
        name: action
        schema:
          type: string
      - in: query
        name: top_n
        schema:
          type: integer
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/EventTopPerUser'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/notifications/:
    get:
      operationId: events_notifications_list
      description: Notification Viewset
      parameters:
      - in: query
        name: body
        schema:
          type: string
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: event
        schema:
          type: string
          format: uuid
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: seen
        schema:
          type: boolean
      - in: query
        name: severity
        schema:
          type: string
          enum:
          - alert
          - notice
          - warning
        description: |-
          * `notice` - Notice
          * `warning` - Warning
          * `alert` - Alert
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedNotificationList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/notifications/{uuid}/:
    get:
      operationId: events_notifications_retrieve
      description: Notification Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Notification'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: events_notifications_update
      description: Notification Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Notification'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: events_notifications_partial_update
      description: Notification Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedNotificationRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Notification'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: events_notifications_destroy
      description: Notification Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/notifications/{uuid}/used_by/:
    get:
      operationId: events_notifications_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/notifications/mark_all_seen/:
    post:
      operationId: events_notifications_mark_all_seen_create
      description: Mark all the user's notifications as seen
      tags:
      - events
      security:
      - authentik: []
      responses:
        '204':
          description: Marked tasks as read successfully.
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/rules/:
    get:
      operationId: events_rules_list
      description: NotificationRule Viewset
      parameters:
      - in: query
        name: group__name
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: severity
        schema:
          type: string
          enum:
          - alert
          - notice
          - warning
        description: |-
          Controls which severity level the created notifications will have.

          * `notice` - Notice
          * `warning` - Warning
          * `alert` - Alert
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedNotificationRuleList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: events_rules_create
      description: NotificationRule Viewset
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationRuleRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationRule'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/rules/{pbm_uuid}/:
    get:
      operationId: events_rules_retrieve
      description: NotificationRule Viewset
      parameters:
      - in: path
        name: pbm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Rule.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationRule'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: events_rules_update
      description: NotificationRule Viewset
      parameters:
      - in: path
        name: pbm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Rule.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationRuleRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationRule'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: events_rules_partial_update
      description: NotificationRule Viewset
      parameters:
      - in: path
        name: pbm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Rule.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedNotificationRuleRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationRule'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: events_rules_destroy
      description: NotificationRule Viewset
      parameters:
      - in: path
        name: pbm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Rule.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/rules/{pbm_uuid}/used_by/:
    get:
      operationId: events_rules_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pbm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Rule.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/transports/:
    get:
      operationId: events_transports_list
      description: NotificationTransport Viewset
      parameters:
      - in: query
        name: mode
        schema:
          type: string
          enum:
          - email
          - local
          - webhook
          - webhook_slack
        description: |-
          * `local` - authentik inbuilt notifications
          * `webhook` - Generic Webhook
          * `webhook_slack` - Slack Webhook (Slack/Discord)
          * `email` - Email
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: send_once
        schema:
          type: boolean
      - in: query
        name: webhook_url
        schema:
          type: string
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedNotificationTransportList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: events_transports_create
      description: NotificationTransport Viewset
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationTransportRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationTransport'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/transports/{uuid}/:
    get:
      operationId: events_transports_retrieve
      description: NotificationTransport Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationTransport'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: events_transports_update
      description: NotificationTransport Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationTransportRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationTransport'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: events_transports_partial_update
      description: NotificationTransport Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedNotificationTransportRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationTransport'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: events_transports_destroy
      description: NotificationTransport Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/transports/{uuid}/test/:
    post:
      operationId: events_transports_test_create
      description: |-
        Send example notification using selected transport. Requires
        Modify permissions.
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationTransportTest'
          description: ''
        '500':
          description: Failed to test transport
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /events/transports/{uuid}/used_by/:
    get:
      operationId: events_transports_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Notification Transport.
        required: true
      tags:
      - events
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/bindings/:
    get:
      operationId: flows_bindings_list
      description: FlowStageBinding Viewset
      parameters:
      - in: query
        name: evaluate_on_plan
        schema:
          type: boolean
      - in: query
        name: fsb_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: invalid_response_action
        schema:
          type: string
          enum:
          - restart
          - restart_with_context
          - retry
        description: |-
          Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

          * `retry` - Retry
          * `restart` - Restart
          * `restart_with_context` - Restart With Context
      - in: query
        name: order
        schema:
          type: integer
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: pbm_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: policies
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: policy_engine_mode
        schema:
          type: string
          enum:
          - all
          - any
        description: |-
          * `all` - all, all policies must pass
          * `any` - any, any policy must pass
      - in: query
        name: re_evaluate_policies
        schema:
          type: boolean
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage
        schema:
          type: string
          format: uuid
      - in: query
        name: target
        schema:
          type: string
          format: uuid
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedFlowStageBindingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: flows_bindings_create
      description: FlowStageBinding Viewset
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FlowStageBindingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowStageBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/bindings/{fsb_uuid}/:
    get:
      operationId: flows_bindings_retrieve
      description: FlowStageBinding Viewset
      parameters:
      - in: path
        name: fsb_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Flow Stage Binding.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowStageBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: flows_bindings_update
      description: FlowStageBinding Viewset
      parameters:
      - in: path
        name: fsb_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Flow Stage Binding.
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FlowStageBindingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowStageBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: flows_bindings_partial_update
      description: FlowStageBinding Viewset
      parameters:
      - in: path
        name: fsb_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Flow Stage Binding.
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedFlowStageBindingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowStageBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: flows_bindings_destroy
      description: FlowStageBinding Viewset
      parameters:
      - in: path
        name: fsb_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Flow Stage Binding.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/bindings/{fsb_uuid}/used_by/:
    get:
      operationId: flows_bindings_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: fsb_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Flow Stage Binding.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/executor/{flow_slug}/:
    get:
      operationId: flows_executor_get
      description: Get the next pending challenge from the currently active flow.
      parameters:
      - in: path
        name: flow_slug
        schema:
          type: string
        required: true
      - in: query
        name: query
        schema:
          type: string
        description: Querystring as received
        required: true
      tags:
      - flows
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ChallengeTypes'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: flows_executor_solve
      description: Solve the previously retrieved challenge and advanced to the next
        stage.
      parameters:
      - in: path
        name: flow_slug
        schema:
          type: string
        required: true
      - in: query
        name: query
        schema:
          type: string
        description: Querystring as received
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FlowChallengeResponseRequest'
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ChallengeTypes'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/inspector/{flow_slug}/:
    get:
      operationId: flows_inspector_get
      description: Get current flow state and record it
      parameters:
      - in: path
        name: flow_slug
        schema:
          type: string
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowInspection'
          description: ''
        '400':
          description: No flow plan in session.
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/:
    get:
      operationId: flows_instances_list
      description: Flow Viewset
      parameters:
      - in: query
        name: denied_action
        schema:
          type: string
          enum:
          - continue
          - message
          - message_continue
        description: |-
          Configure what should happen when a flow denies access to a user.

          * `message_continue` - Message Continue
          * `message` - Message
          * `continue` - Continue
      - in: query
        name: designation
        schema:
          type: string
          enum:
          - authentication
          - authorization
          - enrollment
          - invalidation
          - recovery
          - stage_configuration
          - unenrollment
        description: |-
          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

          * `authentication` - Authentication
          * `authorization` - Authorization
          * `invalidation` - Invalidation
          * `enrollment` - Enrollment
          * `unenrollment` - Unrenollment
          * `recovery` - Recovery
          * `stage_configuration` - Stage Configuration
      - in: query
        name: flow_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedFlowList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: flows_instances_create
      description: Flow Viewset
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FlowRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Flow'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/:
    get:
      operationId: flows_instances_retrieve
      description: Flow Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Flow'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: flows_instances_update
      description: Flow Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FlowRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Flow'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: flows_instances_partial_update
      description: Flow Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedFlowRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Flow'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: flows_instances_destroy
      description: Flow Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/diagram/:
    get:
      operationId: flows_instances_diagram_retrieve
      description: Return diagram for flow with slug `slug`, in the format used by
        flowchart.js
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowDiagram'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/execute/:
    get:
      operationId: flows_instances_execute_retrieve
      description: Execute flow for current user
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Link'
          description: ''
        '400':
          description: Flow not applicable
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/export/:
    get:
      operationId: flows_instances_export_retrieve
      description: Export flow to .yaml file
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: string
                format: binary
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/set_background/:
    post:
      operationId: flows_instances_set_background_create
      description: Set Flow background
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      requestBody:
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/FileUploadRequest'
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/set_background_url/:
    post:
      operationId: flows_instances_set_background_url_create
      description: Set Flow background (as URL)
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FilePathRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/{slug}/used_by/:
    get:
      operationId: flows_instances_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Visible in the URL.
        required: true
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/cache_clear/:
    post:
      operationId: flows_instances_cache_clear_create
      description: Clear flow cache
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully cleared cache
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/cache_info/:
    get:
      operationId: flows_instances_cache_info_retrieve
      description: Info about cached flows
      tags:
      - flows
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Cache'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /flows/instances/import/:
    post:
      operationId: flows_instances_import_create
      description: Import flow from .yaml file
      tags:
      - flows
      requestBody:
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/FileUploadRequest'
      security:
      - authentik: []
      responses:
        '204':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowImportResult'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowImportResult'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /managed/blueprints/:
    get:
      operationId: managed_blueprints_list
      description: Blueprint instances
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: path
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedBlueprintInstanceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: managed_blueprints_create
      description: Blueprint instances
      tags:
      - managed
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/BlueprintInstanceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintInstance'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /managed/blueprints/{instance_uuid}/:
    get:
      operationId: managed_blueprints_retrieve
      description: Blueprint instances
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintInstance'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: managed_blueprints_update
      description: Blueprint instances
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/BlueprintInstanceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintInstance'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: managed_blueprints_partial_update
      description: Blueprint instances
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintInstance'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: managed_blueprints_destroy
      description: Blueprint instances
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /managed/blueprints/{instance_uuid}/apply/:
    post:
      operationId: managed_blueprints_apply_create
      description: Apply a blueprint
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintInstance'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /managed/blueprints/{instance_uuid}/used_by/:
    get:
      operationId: managed_blueprints_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: instance_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Blueprint Instance.
        required: true
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /managed/blueprints/available/:
    get:
      operationId: managed_blueprints_available_list
      description: Get blueprints
      tags:
      - managed
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/BlueprintFile'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/access_tokens/:
    get:
      operationId: oauth2_access_tokens_list
      description: AccessToken Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: provider
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTokenModelList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/access_tokens/{id}/:
    get:
      operationId: oauth2_access_tokens_retrieve
      description: AccessToken Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Access Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenModel'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: oauth2_access_tokens_destroy
      description: AccessToken Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Access Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/access_tokens/{id}/used_by/:
    get:
      operationId: oauth2_access_tokens_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Access Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/authorization_codes/:
    get:
      operationId: oauth2_authorization_codes_list
      description: AuthorizationCode Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: provider
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/authorization_codes/{id}/:
    get:
      operationId: oauth2_authorization_codes_retrieve
      description: AuthorizationCode Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Authorization Code.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExpiringBaseGrantModel'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: oauth2_authorization_codes_destroy
      description: AuthorizationCode Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Authorization Code.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/authorization_codes/{id}/used_by/:
    get:
      operationId: oauth2_authorization_codes_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Authorization Code.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/refresh_tokens/:
    get:
      operationId: oauth2_refresh_tokens_list
      description: RefreshToken Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: provider
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedTokenModelList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/refresh_tokens/{id}/:
    get:
      operationId: oauth2_refresh_tokens_retrieve
      description: RefreshToken Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Refresh Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenModel'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: oauth2_refresh_tokens_destroy
      description: RefreshToken Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Refresh Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /oauth2/refresh_tokens/{id}/used_by/:
    get:
      operationId: oauth2_refresh_tokens_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2 Refresh Token.
        required: true
      tags:
      - oauth2
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/instances/:
    get:
      operationId: outposts_instances_list
      description: Outpost Viewset
      parameters:
      - in: query
        name: managed__icontains
        schema:
          type: string
      - in: query
        name: managed__iexact
        schema:
          type: string
      - in: query
        name: name__icontains
        schema:
          type: string
      - in: query
        name: name__iexact
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: providers__isnull
        schema:
          type: boolean
      - in: query
        name: providers_by_pk
        schema:
          type: array
          items:
            type: integer
        explode: true
        style: form
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: service_connection__name__icontains
        schema:
          type: string
      - in: query
        name: service_connection__name__iexact
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedOutpostList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: outposts_instances_create
      description: Outpost Viewset
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OutpostRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Outpost'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/instances/{uuid}/:
    get:
      operationId: outposts_instances_retrieve
      description: Outpost Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Outpost'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: outposts_instances_update
      description: Outpost Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OutpostRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Outpost'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: outposts_instances_partial_update
      description: Outpost Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedOutpostRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Outpost'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: outposts_instances_destroy
      description: Outpost Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/instances/{uuid}/health/:
    get:
      operationId: outposts_instances_health_list
      description: Get outposts current health
      parameters:
      - in: query
        name: managed__icontains
        schema:
          type: string
      - in: query
        name: managed__iexact
        schema:
          type: string
      - in: query
        name: name__icontains
        schema:
          type: string
      - in: query
        name: name__iexact
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - in: query
        name: providers__isnull
        schema:
          type: boolean
      - in: query
        name: providers_by_pk
        schema:
          type: array
          items:
            type: integer
        explode: true
        style: form
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: service_connection__name__icontains
        schema:
          type: string
      - in: query
        name: service_connection__name__iexact
        schema:
          type: string
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/OutpostHealth'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/instances/{uuid}/used_by/:
    get:
      operationId: outposts_instances_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/instances/default_settings/:
    get:
      operationId: outposts_instances_default_settings_retrieve
      description: Global default outpost config
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OutpostDefaultConfig'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/ldap/:
    get:
      operationId: outposts_ldap_list
      description: LDAPProvider Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/ldap/{id}/:
    get:
      operationId: outposts_ldap_retrieve
      description: LDAPProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPOutpostConfig'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/proxy/:
    get:
      operationId: outposts_proxy_list
      description: ProxyProvider Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/proxy/{id}/:
    get:
      operationId: outposts_proxy_retrieve
      description: ProxyProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProxyOutpostConfig'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/radius/:
    get:
      operationId: outposts_radius_list
      description: RadiusProvider Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedRadiusOutpostConfigList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/radius/{id}/:
    get:
      operationId: outposts_radius_retrieve
      description: RadiusProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RadiusOutpostConfig'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/all/:
    get:
      operationId: outposts_service_connections_all_list
      description: ServiceConnection Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedServiceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/all/{uuid}/:
    get:
      operationId: outposts_service_connections_all_retrieve
      description: ServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: outposts_service_connections_all_destroy
      description: ServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/all/{uuid}/state/:
    get:
      operationId: outposts_service_connections_all_state_retrieve
      description: Get the service connection's state
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceConnectionState'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/all/{uuid}/used_by/:
    get:
      operationId: outposts_service_connections_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Outpost Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/all/types/:
    get:
      operationId: outposts_service_connections_all_types_list
      description: Get all creatable service connection types
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/docker/:
    get:
      operationId: outposts_service_connections_docker_list
      description: DockerServiceConnection Viewset
      parameters:
      - in: query
        name: local
        schema:
          type: boolean
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: tls_authentication
        schema:
          type: string
          format: uuid
      - in: query
        name: tls_verification
        schema:
          type: string
          format: uuid
      - in: query
        name: url
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: outposts_service_connections_docker_create
      description: DockerServiceConnection Viewset
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DockerServiceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DockerServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/docker/{uuid}/:
    get:
      operationId: outposts_service_connections_docker_retrieve
      description: DockerServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Docker Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DockerServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: outposts_service_connections_docker_update
      description: DockerServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Docker Service-Connection.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DockerServiceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DockerServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: outposts_service_connections_docker_partial_update
      description: DockerServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Docker Service-Connection.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DockerServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: outposts_service_connections_docker_destroy
      description: DockerServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Docker Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/docker/{uuid}/used_by/:
    get:
      operationId: outposts_service_connections_docker_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Docker Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/kubernetes/:
    get:
      operationId: outposts_service_connections_kubernetes_list
      description: KubernetesServiceConnection Viewset
      parameters:
      - in: query
        name: local
        schema:
          type: boolean
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: outposts_service_connections_kubernetes_create
      description: KubernetesServiceConnection Viewset
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/KubernetesServiceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/KubernetesServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/kubernetes/{uuid}/:
    get:
      operationId: outposts_service_connections_kubernetes_retrieve
      description: KubernetesServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Kubernetes Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/KubernetesServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: outposts_service_connections_kubernetes_update
      description: KubernetesServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Kubernetes Service-Connection.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/KubernetesServiceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/KubernetesServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: outposts_service_connections_kubernetes_partial_update
      description: KubernetesServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Kubernetes Service-Connection.
        required: true
      tags:
      - outposts
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/KubernetesServiceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: outposts_service_connections_kubernetes_destroy
      description: KubernetesServiceConnection Viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Kubernetes Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /outposts/service_connections/kubernetes/{uuid}/used_by/:
    get:
      operationId: outposts_service_connections_kubernetes_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Kubernetes Service-Connection.
        required: true
      tags:
      - outposts
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/:
    get:
      operationId: policies_all_list
      description: Policy Viewset
      parameters:
      - in: query
        name: bindings__isnull
        schema:
          type: boolean
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: promptstage__isnull
        schema:
          type: boolean
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/{policy_uuid}/:
    get:
      operationId: policies_all_retrieve
      description: Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Policy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_all_destroy
      description: Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/{policy_uuid}/test/:
    post:
      operationId: policies_all_test_create
      description: Test policy
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyTestRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyTestResult'
          description: ''
        '400':
          description: Invalid parameters
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/{policy_uuid}/used_by/:
    get:
      operationId: policies_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/cache_clear/:
    post:
      operationId: policies_all_cache_clear_create
      description: Clear policy cache
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully cleared cache
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/cache_info/:
    get:
      operationId: policies_all_cache_info_retrieve
      description: Info about cached policies
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Cache'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/all/types/:
    get:
      operationId: policies_all_types_list
      description: Get all creatable policy types
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/bindings/:
    get:
      operationId: policies_bindings_list
      description: PolicyBinding Viewset
      parameters:
      - in: query
        name: enabled
        schema:
          type: boolean
      - in: query
        name: order
        schema:
          type: integer
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy
        schema:
          type: string
          format: uuid
      - in: query
        name: policy__isnull
        schema:
          type: boolean
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: target
        schema:
          type: string
          format: uuid
      - in: query
        name: target_in
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: timeout
        schema:
          type: integer
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPolicyBindingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_bindings_create
      description: PolicyBinding Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyBindingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/bindings/{policy_binding_uuid}/:
    get:
      operationId: policies_bindings_retrieve
      description: PolicyBinding Viewset
      parameters:
      - in: path
        name: policy_binding_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy Binding.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_bindings_update
      description: PolicyBinding Viewset
      parameters:
      - in: path
        name: policy_binding_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy Binding.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyBindingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_bindings_partial_update
      description: PolicyBinding Viewset
      parameters:
      - in: path
        name: policy_binding_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy Binding.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPolicyBindingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyBinding'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_bindings_destroy
      description: PolicyBinding Viewset
      parameters:
      - in: path
        name: policy_binding_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy Binding.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/bindings/{policy_binding_uuid}/used_by/:
    get:
      operationId: policies_bindings_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_binding_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Policy Binding.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/dummy/:
    get:
      operationId: policies_dummy_list
      description: Dummy Viewset
      parameters:
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: result
        schema:
          type: boolean
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: wait_max
        schema:
          type: integer
      - in: query
        name: wait_min
        schema:
          type: integer
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDummyPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_dummy_create
      description: Dummy Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DummyPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/dummy/{policy_uuid}/:
    get:
      operationId: policies_dummy_retrieve
      description: Dummy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_dummy_update
      description: Dummy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DummyPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_dummy_partial_update
      description: Dummy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDummyPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_dummy_destroy
      description: Dummy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/dummy/{policy_uuid}/used_by/:
    get:
      operationId: policies_dummy_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/event_matcher/:
    get:
      operationId: policies_event_matcher_list
      description: Event Matcher Policy Viewset
      parameters:
      - in: query
        name: action
        schema:
          type: string
          nullable: true
          enum:
          - authorize_application
          - configuration_error
          - custom_
          - email_sent
          - flow_execution
          - impersonation_ended
          - impersonation_started
          - invitation_used
          - login
          - login_failed
          - logout
          - model_created
          - model_deleted
          - model_updated
          - password_set
          - policy_exception
          - policy_execution
          - property_mapping_exception
          - secret_rotate
          - secret_view
          - source_linked
          - suspicious_request
          - system_exception
          - system_task_exception
          - system_task_execution
          - update_available
          - user_write
        description: |-
          Match created events with this action type. When left empty, all action types will be matched.

          * `login` - Login
          * `login_failed` - Login Failed
          * `logout` - Logout
          * `user_write` - User Write
          * `suspicious_request` - Suspicious Request
          * `password_set` - Password Set
          * `secret_view` - Secret View
          * `secret_rotate` - Secret Rotate
          * `invitation_used` - Invite Used
          * `authorize_application` - Authorize Application
          * `source_linked` - Source Linked
          * `impersonation_started` - Impersonation Started
          * `impersonation_ended` - Impersonation Ended
          * `flow_execution` - Flow Execution
          * `policy_execution` - Policy Execution
          * `policy_exception` - Policy Exception
          * `property_mapping_exception` - Property Mapping Exception
          * `system_task_execution` - System Task Execution
          * `system_task_exception` - System Task Exception
          * `system_exception` - System Exception
          * `configuration_error` - Configuration Error
          * `model_created` - Model Created
          * `model_updated` - Model Updated
          * `model_deleted` - Model Deleted
          * `email_sent` - Email Sent
          * `update_available` - Update Available
          * `custom_` - Custom Prefix
      - in: query
        name: app
        schema:
          type: string
      - in: query
        name: client_ip
        schema:
          type: string
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: model
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_event_matcher_create
      description: Event Matcher Policy Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventMatcherPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventMatcherPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/event_matcher/{policy_uuid}/:
    get:
      operationId: policies_event_matcher_retrieve
      description: Event Matcher Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event Matcher Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventMatcherPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_event_matcher_update
      description: Event Matcher Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event Matcher Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventMatcherPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventMatcherPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_event_matcher_partial_update
      description: Event Matcher Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event Matcher Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EventMatcherPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_event_matcher_destroy
      description: Event Matcher Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event Matcher Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/event_matcher/{policy_uuid}/used_by/:
    get:
      operationId: policies_event_matcher_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Event Matcher Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/expression/:
    get:
      operationId: policies_expression_list
      description: Source Viewset
      parameters:
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: expression
        schema:
          type: string
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedExpressionPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_expression_create
      description: Source Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ExpressionPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExpressionPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/expression/{policy_uuid}/:
    get:
      operationId: policies_expression_retrieve
      description: Source Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Expression Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExpressionPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_expression_update
      description: Source Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Expression Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ExpressionPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExpressionPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_expression_partial_update
      description: Source Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Expression Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedExpressionPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExpressionPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_expression_destroy
      description: Source Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Expression Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/expression/{policy_uuid}/used_by/:
    get:
      operationId: policies_expression_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Expression Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password/:
    get:
      operationId: policies_password_list
      description: Password Policy Viewset
      parameters:
      - in: query
        name: amount_digits
        schema:
          type: integer
      - in: query
        name: amount_lowercase
        schema:
          type: integer
      - in: query
        name: amount_symbols
        schema:
          type: integer
      - in: query
        name: amount_uppercase
        schema:
          type: integer
      - in: query
        name: check_have_i_been_pwned
        schema:
          type: boolean
      - in: query
        name: check_static_rules
        schema:
          type: boolean
      - in: query
        name: check_zxcvbn
        schema:
          type: boolean
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: error_message
        schema:
          type: string
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: hibp_allowed_count
        schema:
          type: integer
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: length_min
        schema:
          type: integer
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: password_field
        schema:
          type: string
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: symbol_charset
        schema:
          type: string
      - in: query
        name: zxcvbn_score_threshold
        schema:
          type: integer
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPasswordPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_password_create
      description: Password Policy Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password/{policy_uuid}/:
    get:
      operationId: policies_password_retrieve
      description: Password Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_password_update
      description: Password Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_password_partial_update
      description: Password Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPasswordPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_password_destroy
      description: Password Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password/{policy_uuid}/used_by/:
    get:
      operationId: policies_password_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password_expiry/:
    get:
      operationId: policies_password_expiry_list
      description: Password Expiry Viewset
      parameters:
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: days
        schema:
          type: integer
      - in: query
        name: deny_only
        schema:
          type: boolean
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_password_expiry_create
      description: Password Expiry Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordExpiryPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordExpiryPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password_expiry/{policy_uuid}/:
    get:
      operationId: policies_password_expiry_retrieve
      description: Password Expiry Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Expiry Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordExpiryPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_password_expiry_update
      description: Password Expiry Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Expiry Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordExpiryPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordExpiryPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_password_expiry_partial_update
      description: Password Expiry Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Expiry Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordExpiryPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_password_expiry_destroy
      description: Password Expiry Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Expiry Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/password_expiry/{policy_uuid}/used_by/:
    get:
      operationId: policies_password_expiry_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Expiry Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/:
    get:
      operationId: policies_reputation_list
      description: Reputation Policy Viewset
      parameters:
      - in: query
        name: check_ip
        schema:
          type: boolean
      - in: query
        name: check_username
        schema:
          type: boolean
      - in: query
        name: created
        schema:
          type: string
          format: date-time
      - in: query
        name: execution_logging
        schema:
          type: boolean
      - in: query
        name: last_updated
        schema:
          type: string
          format: date-time
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: threshold
        schema:
          type: integer
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedReputationPolicyList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: policies_reputation_create
      description: Reputation Policy Viewset
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ReputationPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReputationPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/{policy_uuid}/:
    get:
      operationId: policies_reputation_retrieve
      description: Reputation Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReputationPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: policies_reputation_update
      description: Reputation Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ReputationPolicyRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReputationPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: policies_reputation_partial_update
      description: Reputation Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Policy.
        required: true
      tags:
      - policies
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedReputationPolicyRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ReputationPolicy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_reputation_destroy
      description: Reputation Policy Viewset
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/{policy_uuid}/used_by/:
    get:
      operationId: policies_reputation_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: policy_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Policy.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/scores/:
    get:
      operationId: policies_reputation_scores_list
      description: Reputation Viewset
      parameters:
      - in: query
        name: identifier
        schema:
          type: string
      - in: query
        name: ip
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: score
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedReputationList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/scores/{reputation_uuid}/:
    get:
      operationId: policies_reputation_scores_retrieve
      description: Reputation Viewset
      parameters:
      - in: path
        name: reputation_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Score.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Reputation'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: policies_reputation_scores_destroy
      description: Reputation Viewset
      parameters:
      - in: path
        name: reputation_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Score.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /policies/reputation/scores/{reputation_uuid}/used_by/:
    get:
      operationId: policies_reputation_scores_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: reputation_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Reputation Score.
        required: true
      tags:
      - policies
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/all/:
    get:
      operationId: propertymappings_all_list
      description: PropertyMapping Viewset
      parameters:
      - in: query
        name: managed__isnull
        schema:
          type: boolean
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPropertyMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/all/{pm_uuid}/:
    get:
      operationId: propertymappings_all_retrieve
      description: PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_all_destroy
      description: PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/all/{pm_uuid}/test/:
    post:
      operationId: propertymappings_all_test_create
      description: Test Property Mapping
      parameters:
      - in: query
        name: format_result
        schema:
          type: boolean
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Property Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyTestRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PropertyMappingTestResult'
          description: ''
        '400':
          description: Invalid parameters
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/all/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/all/types/:
    get:
      operationId: propertymappings_all_types_list
      description: Get all creatable property-mapping types
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/ldap/:
    get:
      operationId: propertymappings_ldap_list
      description: LDAP PropertyMapping Viewset
      parameters:
      - in: query
        name: expression
        schema:
          type: string
      - in: query
        name: managed
        schema:
          type: array
          items:
            type: string
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: object_field
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: pm_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: propertymappings_ldap_create
      description: LDAP PropertyMapping Viewset
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPPropertyMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/ldap/{pm_uuid}/:
    get:
      operationId: propertymappings_ldap_retrieve
      description: LDAP PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this LDAP Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: propertymappings_ldap_update
      description: LDAP PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this LDAP Property Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPPropertyMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: propertymappings_ldap_partial_update
      description: LDAP PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this LDAP Property Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_ldap_destroy
      description: LDAP PropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this LDAP Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/ldap/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_ldap_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this LDAP Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/notification/:
    get:
      operationId: propertymappings_notification_list
      description: NotificationWebhookMapping Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: propertymappings_notification_create
      description: NotificationWebhookMapping Viewset
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationWebhookMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationWebhookMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/notification/{pm_uuid}/:
    get:
      operationId: propertymappings_notification_retrieve
      description: NotificationWebhookMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Webhook Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationWebhookMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: propertymappings_notification_update
      description: NotificationWebhookMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Webhook Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationWebhookMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationWebhookMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: propertymappings_notification_partial_update
      description: NotificationWebhookMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Webhook Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationWebhookMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_notification_destroy
      description: NotificationWebhookMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Webhook Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/notification/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_notification_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Webhook Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/saml/:
    get:
      operationId: propertymappings_saml_list
      description: SAMLPropertyMapping Viewset
      parameters:
      - in: query
        name: expression
        schema:
          type: string
      - in: query
        name: friendly_name
        schema:
          type: string
      - in: query
        name: managed
        schema:
          type: array
          items:
            type: string
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: pm_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: saml_name
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: propertymappings_saml_create
      description: SAMLPropertyMapping Viewset
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLPropertyMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/saml/{pm_uuid}/:
    get:
      operationId: propertymappings_saml_retrieve
      description: SAMLPropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SAML Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: propertymappings_saml_update
      description: SAMLPropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SAML Property Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLPropertyMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: propertymappings_saml_partial_update
      description: SAMLPropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SAML Property Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLPropertyMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_saml_destroy
      description: SAMLPropertyMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SAML Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/saml/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_saml_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SAML Property Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scim/:
    get:
      operationId: propertymappings_scim_list
      description: SCIMMapping Viewset
      parameters:
      - in: query
        name: expression
        schema:
          type: string
      - in: query
        name: managed
        schema:
          type: array
          items:
            type: string
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: pm_uuid
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSCIMMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: propertymappings_scim_create
      description: SCIMMapping Viewset
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SCIMMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scim/{pm_uuid}/:
    get:
      operationId: propertymappings_scim_retrieve
      description: SCIMMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SCIM Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: propertymappings_scim_update
      description: SCIMMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SCIM Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SCIMMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: propertymappings_scim_partial_update
      description: SCIMMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SCIM Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSCIMMappingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_scim_destroy
      description: SCIMMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SCIM Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scim/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_scim_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SCIM Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scope/:
    get:
      operationId: propertymappings_scope_list
      description: ScopeMapping Viewset
      parameters:
      - in: query
        name: managed
        schema:
          type: array
          items:
            type: string
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: scope_name
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedScopeMappingList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: propertymappings_scope_create
      description: ScopeMapping Viewset
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScopeMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopeMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scope/{pm_uuid}/:
    get:
      operationId: propertymappings_scope_retrieve
      description: ScopeMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Scope Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopeMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: propertymappings_scope_update
      description: ScopeMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Scope Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScopeMappingRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopeMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: propertymappings_scope_partial_update
      description: ScopeMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Scope Mapping.
        required: true
      tags:
      - propertymappings
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedScopeMappingRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScopeMapping'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: propertymappings_scope_destroy
      description: ScopeMapping Viewset
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Scope Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /propertymappings/scope/{pm_uuid}/used_by/:
    get:
      operationId: propertymappings_scope_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: pm_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Scope Mapping.
        required: true
      tags:
      - propertymappings
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/all/:
    get:
      operationId: providers_all_list
      description: Provider Viewset
      parameters:
      - in: query
        name: application__isnull
        schema:
          type: boolean
      - in: query
        name: backchannel_only
        schema:
          type: boolean
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/all/{id}/:
    get:
      operationId: providers_all_retrieve
      description: Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Provider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_all_destroy
      description: Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/all/{id}/used_by/:
    get:
      operationId: providers_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/all/types/:
    get:
      operationId: providers_all_types_list
      description: Get all creatable provider types
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/ldap/:
    get:
      operationId: providers_ldap_list
      description: LDAPProvider Viewset
      parameters:
      - in: query
        name: application__isnull
        schema:
          type: boolean
      - in: query
        name: authorization_flow__slug__iexact
        schema:
          type: string
      - in: query
        name: base_dn__iexact
        schema:
          type: string
      - in: query
        name: certificate__kp_uuid__iexact
        schema:
          type: string
          format: uuid
      - in: query
        name: certificate__name__iexact
        schema:
          type: string
      - in: query
        name: gid_start_number__iexact
        schema:
          type: integer
      - in: query
        name: name__iexact
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: search_group__group_uuid__iexact
        schema:
          type: string
          format: uuid
      - in: query
        name: search_group__name__iexact
        schema:
          type: string
      - in: query
        name: tls_server_name__iexact
        schema:
          type: string
      - in: query
        name: uid_start_number__iexact
        schema:
          type: integer
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLDAPProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_ldap_create
      description: LDAPProvider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/ldap/{id}/:
    get:
      operationId: providers_ldap_retrieve
      description: LDAPProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_ldap_update
      description: LDAPProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_ldap_partial_update
      description: LDAPProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedLDAPProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_ldap_destroy
      description: LDAPProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/ldap/{id}/used_by/:
    get:
      operationId: providers_ldap_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this LDAP Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/oauth2/:
    get:
      operationId: providers_oauth2_list
      description: OAuth2Provider Viewset
      parameters:
      - in: query
        name: access_code_validity
        schema:
          type: string
      - in: query
        name: access_token_validity
        schema:
          type: string
      - in: query
        name: application
        schema:
          type: string
          format: uuid
      - in: query
        name: authorization_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: client_id
        schema:
          type: string
      - in: query
        name: client_type
        schema:
          type: string
          enum:
          - confidential
          - public
        description: |-
          Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

          * `confidential` - Confidential
          * `public` - Public
      - in: query
        name: include_claims_in_id_token
        schema:
          type: boolean
      - in: query
        name: issuer_mode
        schema:
          type: string
          enum:
          - global
          - per_provider
        description: |-
          Configure how the issuer field of the ID Token should be filled.

          * `global` - Same identifier is used for all providers
          * `per_provider` - Each provider has a different issuer, based on the application slug.
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: property_mappings
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: redirect_uris
        schema:
          type: string
      - in: query
        name: refresh_token_validity
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: signing_key
        schema:
          type: string
          format: uuid
      - in: query
        name: sub_mode
        schema:
          type: string
          enum:
          - hashed_user_id
          - user_email
          - user_id
          - user_upn
          - user_username
          - user_uuid
        description: |-
          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

          * `hashed_user_id` - Based on the Hashed User ID
          * `user_id` - Based on user ID
          * `user_uuid` - Based on user UUID
          * `user_username` - Based on the username
          * `user_email` - Based on the User's Email. This is recommended over the UPN method.
          * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedOAuth2ProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_oauth2_create
      description: OAuth2Provider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuth2ProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuth2Provider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/oauth2/{id}/:
    get:
      operationId: providers_oauth2_retrieve
      description: OAuth2Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuth2Provider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_oauth2_update
      description: OAuth2Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuth2ProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuth2Provider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_oauth2_partial_update
      description: OAuth2Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuth2Provider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_oauth2_destroy
      description: OAuth2Provider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/oauth2/{id}/preview_user/:
    get:
      operationId: providers_oauth2_preview_user_retrieve
      description: Preview user data for provider
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PropertyMappingPreview'
          description: ''
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/oauth2/{id}/setup_urls/:
    get:
      operationId: providers_oauth2_setup_urls_retrieve
      description: Get Providers setup URLs
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuth2ProviderSetupURLs'
          description: ''
        '404':
          description: Provider has no application assigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/oauth2/{id}/used_by/:
    get:
      operationId: providers_oauth2_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this OAuth2/OpenID Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/proxy/:
    get:
      operationId: providers_proxy_list
      description: ProxyProvider Viewset
      parameters:
      - in: query
        name: application__isnull
        schema:
          type: boolean
      - in: query
        name: authorization_flow__slug__iexact
        schema:
          type: string
      - in: query
        name: basic_auth_enabled__iexact
        schema:
          type: boolean
      - in: query
        name: basic_auth_password_attribute__iexact
        schema:
          type: string
      - in: query
        name: basic_auth_user_attribute__iexact
        schema:
          type: string
      - in: query
        name: certificate__kp_uuid__iexact
        schema:
          type: string
          format: uuid
      - in: query
        name: certificate__name__iexact
        schema:
          type: string
      - in: query
        name: cookie_domain__iexact
        schema:
          type: string
      - in: query
        name: external_host__iexact
        schema:
          type: string
      - in: query
        name: internal_host__iexact
        schema:
          type: string
      - in: query
        name: internal_host_ssl_validation__iexact
        schema:
          type: boolean
      - in: query
        name: mode__iexact
        schema:
          type: string
      - in: query
        name: name__iexact
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: property_mappings__iexact
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: redirect_uris__iexact
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: skip_path_regex__iexact
        schema:
          type: string
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedProxyProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_proxy_create
      description: ProxyProvider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProxyProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProxyProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/proxy/{id}/:
    get:
      operationId: providers_proxy_retrieve
      description: ProxyProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProxyProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_proxy_update
      description: ProxyProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProxyProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProxyProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_proxy_partial_update
      description: ProxyProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedProxyProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProxyProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_proxy_destroy
      description: ProxyProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/proxy/{id}/used_by/:
    get:
      operationId: providers_proxy_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Proxy Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/radius/:
    get:
      operationId: providers_radius_list
      description: RadiusProvider Viewset
      parameters:
      - in: query
        name: application__isnull
        schema:
          type: boolean
      - in: query
        name: authorization_flow__slug__iexact
        schema:
          type: string
      - in: query
        name: client_networks__iexact
        schema:
          type: string
      - in: query
        name: name__iexact
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedRadiusProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_radius_create
      description: RadiusProvider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RadiusProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RadiusProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/radius/{id}/:
    get:
      operationId: providers_radius_retrieve
      description: RadiusProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RadiusProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_radius_update
      description: RadiusProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RadiusProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RadiusProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_radius_partial_update
      description: RadiusProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedRadiusProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RadiusProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_radius_destroy
      description: RadiusProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/radius/{id}/used_by/:
    get:
      operationId: providers_radius_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this Radius Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/:
    get:
      operationId: providers_saml_list
      description: SAMLProvider Viewset
      parameters:
      - in: query
        name: acs_url
        schema:
          type: string
      - in: query
        name: assertion_valid_not_before
        schema:
          type: string
      - in: query
        name: assertion_valid_not_on_or_after
        schema:
          type: string
      - in: query
        name: audience
        schema:
          type: string
      - in: query
        name: authentication_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: authorization_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: backchannel_application
        schema:
          type: string
          format: uuid
      - in: query
        name: default_relay_state
        schema:
          type: string
      - in: query
        name: digest_algorithm
        schema:
          type: string
          enum:
          - http://www.w3.org/2000/09/xmldsig#sha1
          - http://www.w3.org/2001/04/xmldsig-more#sha384
          - http://www.w3.org/2001/04/xmlenc#sha256
          - http://www.w3.org/2001/04/xmlenc#sha512
        description: |-
          * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
          * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
          * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
          * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
      - in: query
        name: is_backchannel
        schema:
          type: boolean
      - in: query
        name: issuer
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: name_id_mapping
        schema:
          type: string
          format: uuid
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: property_mappings
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: session_valid_not_on_or_after
        schema:
          type: string
      - in: query
        name: signature_algorithm
        schema:
          type: string
          enum:
          - http://www.w3.org/2000/09/xmldsig#dsa-sha1
          - http://www.w3.org/2000/09/xmldsig#rsa-sha1
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
        description: |-
          * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
          * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
      - in: query
        name: signing_kp
        schema:
          type: string
          format: uuid
      - in: query
        name: sp_binding
        schema:
          type: string
          title: Service Provider Binding
          enum:
          - post
          - redirect
        description: |-
          This determines how authentik sends the response back to the Service Provider.

          * `redirect` - Redirect
          * `post` - Post
      - in: query
        name: verification_kp
        schema:
          type: string
          format: uuid
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSAMLProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_saml_create
      description: SAMLProvider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/{id}/:
    get:
      operationId: providers_saml_retrieve
      description: SAMLProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_saml_update
      description: SAMLProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_saml_partial_update
      description: SAMLProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSAMLProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_saml_destroy
      description: SAMLProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/{id}/metadata/:
    get:
      operationId: providers_saml_metadata_retrieve
      description: Return metadata as XML string
      parameters:
      - in: query
        name: download
        schema:
          type: boolean
      - in: query
        name: force_binding
        schema:
          type: string
          enum:
          - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
          - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
        description: Optionally force the metadata to only include one binding.
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLMetadata'
          description: ''
        '404':
          description: Provider has no application assigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/{id}/preview_user/:
    get:
      operationId: providers_saml_preview_user_retrieve
      description: Preview user data for provider
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PropertyMappingPreview'
          description: ''
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/{id}/used_by/:
    get:
      operationId: providers_saml_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SAML Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/saml/import_metadata/:
    post:
      operationId: providers_saml_import_metadata_create
      description: Create provider from SAML Metadata
      tags:
      - providers
      requestBody:
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/SAMLProviderImportRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully imported provider
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/scim/:
    get:
      operationId: providers_scim_list
      description: SCIMProvider Viewset
      parameters:
      - in: query
        name: exclude_users_service_account
        schema:
          type: boolean
      - in: query
        name: filter_group
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: url
        schema:
          type: string
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSCIMProviderList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: providers_scim_create
      description: SCIMProvider Viewset
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SCIMProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/scim/{id}/:
    get:
      operationId: providers_scim_retrieve
      description: SCIMProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: providers_scim_update
      description: SCIMProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SCIMProviderRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: providers_scim_partial_update
      description: SCIMProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSCIMProviderRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SCIMProvider'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: providers_scim_destroy
      description: SCIMProvider Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/scim/{id}/sync_status/:
    get:
      operationId: providers_scim_sync_status_retrieve
      description: Get provider's sync status
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Task'
          description: ''
        '404':
          description: Task not found
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /providers/scim/{id}/used_by/:
    get:
      operationId: providers_scim_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this SCIM Provider.
        required: true
      tags:
      - providers
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/:
    get:
      operationId: rbac_permissions_list
      description: Read-only list of all permissions, filterable by model and app
      parameters:
      - in: query
        name: codename
        schema:
          type: string
      - in: query
        name: content_type__app_label
        schema:
          type: string
      - in: query
        name: content_type__model
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: role
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPermissionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/{id}/:
    get:
      operationId: rbac_permissions_retrieve
      description: Read-only list of all permissions, filterable by model and app
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this permission.
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Permission'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_roles/:
    get:
      operationId: rbac_permissions_assigned_by_roles_list
      description: Get assigned object permissions for a single object
      parameters:
      - in: query
        name: model
        schema:
          type: string
          enum:
          - authentik_blueprints.blueprintinstance
          - authentik_core.application
          - authentik_core.group
          - authentik_core.token
          - authentik_core.user
          - authentik_crypto.certificatekeypair
          - authentik_enterprise.license
          - authentik_events.event
          - authentik_events.notification
          - authentik_events.notificationrule
          - authentik_events.notificationtransport
          - authentik_events.notificationwebhookmapping
          - authentik_flows.flow
          - authentik_flows.flowstagebinding
          - authentik_outposts.dockerserviceconnection
          - authentik_outposts.kubernetesserviceconnection
          - authentik_outposts.outpost
          - authentik_policies.policybinding
          - authentik_policies_dummy.dummypolicy
          - authentik_policies_event_matcher.eventmatcherpolicy
          - authentik_policies_expiry.passwordexpirypolicy
          - authentik_policies_expression.expressionpolicy
          - authentik_policies_password.passwordpolicy
          - authentik_policies_reputation.reputation
          - authentik_policies_reputation.reputationpolicy
          - authentik_providers_ldap.ldapprovider
          - authentik_providers_oauth2.accesstoken
          - authentik_providers_oauth2.authorizationcode
          - authentik_providers_oauth2.oauth2provider
          - authentik_providers_oauth2.refreshtoken
          - authentik_providers_oauth2.scopemapping
          - authentik_providers_proxy.proxyprovider
          - authentik_providers_radius.radiusprovider
          - authentik_providers_saml.samlpropertymapping
          - authentik_providers_saml.samlprovider
          - authentik_providers_scim.scimmapping
          - authentik_providers_scim.scimprovider
          - authentik_rbac.role
          - authentik_sources_ldap.ldappropertymapping
          - authentik_sources_ldap.ldapsource
          - authentik_sources_oauth.oauthsource
          - authentik_sources_oauth.useroauthsourceconnection
          - authentik_sources_plex.plexsource
          - authentik_sources_plex.plexsourceconnection
          - authentik_sources_saml.samlsource
          - authentik_sources_saml.usersamlsourceconnection
          - authentik_stages_authenticator_duo.authenticatorduostage
          - authentik_stages_authenticator_duo.duodevice
          - authentik_stages_authenticator_sms.authenticatorsmsstage
          - authentik_stages_authenticator_sms.smsdevice
          - authentik_stages_authenticator_static.authenticatorstaticstage
          - authentik_stages_authenticator_static.staticdevice
          - authentik_stages_authenticator_totp.authenticatortotpstage
          - authentik_stages_authenticator_totp.totpdevice
          - authentik_stages_authenticator_validate.authenticatorvalidatestage
          - authentik_stages_authenticator_webauthn.authenticatewebauthnstage
          - authentik_stages_authenticator_webauthn.webauthndevice
          - authentik_stages_captcha.captchastage
          - authentik_stages_consent.consentstage
          - authentik_stages_consent.userconsent
          - authentik_stages_deny.denystage
          - authentik_stages_dummy.dummystage
          - authentik_stages_email.emailstage
          - authentik_stages_identification.identificationstage
          - authentik_stages_invitation.invitation
          - authentik_stages_invitation.invitationstage
          - authentik_stages_password.passwordstage
          - authentik_stages_prompt.prompt
          - authentik_stages_prompt.promptstage
          - authentik_stages_user_delete.userdeletestage
          - authentik_stages_user_login.userloginstage
          - authentik_stages_user_logout.userlogoutstage
          - authentik_stages_user_write.userwritestage
          - authentik_tenants.tenant
        description: |-
          * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
          * `authentik_events.event` - Event
          * `authentik_events.notificationtransport` - Notification Transport
          * `authentik_events.notification` - Notification
          * `authentik_events.notificationrule` - Notification Rule
          * `authentik_events.notificationwebhookmapping` - Webhook Mapping
          * `authentik_flows.flow` - Flow
          * `authentik_flows.flowstagebinding` - Flow Stage Binding
          * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
          * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
          * `authentik_outposts.outpost` - Outpost
          * `authentik_policies_dummy.dummypolicy` - Dummy Policy
          * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
          * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
          * `authentik_policies_expression.expressionpolicy` - Expression Policy
          * `authentik_policies_password.passwordpolicy` - Password Policy
          * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
          * `authentik_policies_reputation.reputation` - Reputation Score
          * `authentik_policies.policybinding` - Policy Binding
          * `authentik_providers_ldap.ldapprovider` - LDAP Provider
          * `authentik_providers_oauth2.scopemapping` - Scope Mapping
          * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
          * `authentik_providers_oauth2.authorizationcode` - Authorization Code
          * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
          * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
          * `authentik_providers_proxy.proxyprovider` - Proxy Provider
          * `authentik_providers_radius.radiusprovider` - Radius Provider
          * `authentik_providers_saml.samlprovider` - SAML Provider
          * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
          * `authentik_providers_scim.scimprovider` - SCIM Provider
          * `authentik_providers_scim.scimmapping` - SCIM Mapping
          * `authentik_rbac.role` - Role
          * `authentik_sources_ldap.ldapsource` - LDAP Source
          * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
          * `authentik_sources_oauth.oauthsource` - OAuth Source
          * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
          * `authentik_sources_plex.plexsource` - Plex Source
          * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
          * `authentik_sources_saml.samlsource` - SAML Source
          * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
          * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
          * `authentik_stages_authenticator_duo.duodevice` - Duo Device
          * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
          * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
          * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
          * `authentik_stages_authenticator_static.staticdevice` - Static Device
          * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
          * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
          * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
          * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
          * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
          * `authentik_stages_captcha.captchastage` - Captcha Stage
          * `authentik_stages_consent.consentstage` - Consent Stage
          * `authentik_stages_consent.userconsent` - User Consent
          * `authentik_stages_deny.denystage` - Deny Stage
          * `authentik_stages_dummy.dummystage` - Dummy Stage
          * `authentik_stages_email.emailstage` - Email Stage
          * `authentik_stages_identification.identificationstage` - Identification Stage
          * `authentik_stages_invitation.invitationstage` - Invitation Stage
          * `authentik_stages_invitation.invitation` - Invitation
          * `authentik_stages_password.passwordstage` - Password Stage
          * `authentik_stages_prompt.prompt` - Prompt
          * `authentik_stages_prompt.promptstage` - Prompt Stage
          * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
          * `authentik_stages_user_login.userloginstage` - User Login Stage
          * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
          * `authentik_stages_user_write.userwritestage` - User Write Stage
          * `authentik_tenants.tenant` - Tenant
          * `authentik_blueprints.blueprintinstance` - Blueprint Instance
          * `authentik_core.group` - Group
          * `authentik_core.user` - User
          * `authentik_core.application` - Application
          * `authentik_core.token` - Token
          * `authentik_enterprise.license` - License
        required: true
      - in: query
        name: object_pk
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_roles/{uuid}/assign/:
    post:
      operationId: rbac_permissions_assigned_by_roles_assign_create
      description: |-
        Assign permission(s) to role. When `object_pk` is set, the permissions
        are only assigned to the specific object, otherwise they are assigned globally.
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PermissionAssignRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully assigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_roles/{uuid}/unassign/:
    patch:
      operationId: rbac_permissions_assigned_by_roles_unassign_partial_update
      description: |-
        Unassign permission(s) to role. When `object_pk` is set, the permissions
        are only assigned to the specific object, otherwise they are assigned globally.
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPermissionAssignRequest'
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully unassigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_users/:
    get:
      operationId: rbac_permissions_assigned_by_users_list
      description: Get assigned object permissions for a single object
      parameters:
      - in: query
        name: model
        schema:
          type: string
          enum:
          - authentik_blueprints.blueprintinstance
          - authentik_core.application
          - authentik_core.group
          - authentik_core.token
          - authentik_core.user
          - authentik_crypto.certificatekeypair
          - authentik_enterprise.license
          - authentik_events.event
          - authentik_events.notification
          - authentik_events.notificationrule
          - authentik_events.notificationtransport
          - authentik_events.notificationwebhookmapping
          - authentik_flows.flow
          - authentik_flows.flowstagebinding
          - authentik_outposts.dockerserviceconnection
          - authentik_outposts.kubernetesserviceconnection
          - authentik_outposts.outpost
          - authentik_policies.policybinding
          - authentik_policies_dummy.dummypolicy
          - authentik_policies_event_matcher.eventmatcherpolicy
          - authentik_policies_expiry.passwordexpirypolicy
          - authentik_policies_expression.expressionpolicy
          - authentik_policies_password.passwordpolicy
          - authentik_policies_reputation.reputation
          - authentik_policies_reputation.reputationpolicy
          - authentik_providers_ldap.ldapprovider
          - authentik_providers_oauth2.accesstoken
          - authentik_providers_oauth2.authorizationcode
          - authentik_providers_oauth2.oauth2provider
          - authentik_providers_oauth2.refreshtoken
          - authentik_providers_oauth2.scopemapping
          - authentik_providers_proxy.proxyprovider
          - authentik_providers_radius.radiusprovider
          - authentik_providers_saml.samlpropertymapping
          - authentik_providers_saml.samlprovider
          - authentik_providers_scim.scimmapping
          - authentik_providers_scim.scimprovider
          - authentik_rbac.role
          - authentik_sources_ldap.ldappropertymapping
          - authentik_sources_ldap.ldapsource
          - authentik_sources_oauth.oauthsource
          - authentik_sources_oauth.useroauthsourceconnection
          - authentik_sources_plex.plexsource
          - authentik_sources_plex.plexsourceconnection
          - authentik_sources_saml.samlsource
          - authentik_sources_saml.usersamlsourceconnection
          - authentik_stages_authenticator_duo.authenticatorduostage
          - authentik_stages_authenticator_duo.duodevice
          - authentik_stages_authenticator_sms.authenticatorsmsstage
          - authentik_stages_authenticator_sms.smsdevice
          - authentik_stages_authenticator_static.authenticatorstaticstage
          - authentik_stages_authenticator_static.staticdevice
          - authentik_stages_authenticator_totp.authenticatortotpstage
          - authentik_stages_authenticator_totp.totpdevice
          - authentik_stages_authenticator_validate.authenticatorvalidatestage
          - authentik_stages_authenticator_webauthn.authenticatewebauthnstage
          - authentik_stages_authenticator_webauthn.webauthndevice
          - authentik_stages_captcha.captchastage
          - authentik_stages_consent.consentstage
          - authentik_stages_consent.userconsent
          - authentik_stages_deny.denystage
          - authentik_stages_dummy.dummystage
          - authentik_stages_email.emailstage
          - authentik_stages_identification.identificationstage
          - authentik_stages_invitation.invitation
          - authentik_stages_invitation.invitationstage
          - authentik_stages_password.passwordstage
          - authentik_stages_prompt.prompt
          - authentik_stages_prompt.promptstage
          - authentik_stages_user_delete.userdeletestage
          - authentik_stages_user_login.userloginstage
          - authentik_stages_user_logout.userlogoutstage
          - authentik_stages_user_write.userwritestage
          - authentik_tenants.tenant
        description: |-
          * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
          * `authentik_events.event` - Event
          * `authentik_events.notificationtransport` - Notification Transport
          * `authentik_events.notification` - Notification
          * `authentik_events.notificationrule` - Notification Rule
          * `authentik_events.notificationwebhookmapping` - Webhook Mapping
          * `authentik_flows.flow` - Flow
          * `authentik_flows.flowstagebinding` - Flow Stage Binding
          * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
          * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
          * `authentik_outposts.outpost` - Outpost
          * `authentik_policies_dummy.dummypolicy` - Dummy Policy
          * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
          * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
          * `authentik_policies_expression.expressionpolicy` - Expression Policy
          * `authentik_policies_password.passwordpolicy` - Password Policy
          * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
          * `authentik_policies_reputation.reputation` - Reputation Score
          * `authentik_policies.policybinding` - Policy Binding
          * `authentik_providers_ldap.ldapprovider` - LDAP Provider
          * `authentik_providers_oauth2.scopemapping` - Scope Mapping
          * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
          * `authentik_providers_oauth2.authorizationcode` - Authorization Code
          * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
          * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
          * `authentik_providers_proxy.proxyprovider` - Proxy Provider
          * `authentik_providers_radius.radiusprovider` - Radius Provider
          * `authentik_providers_saml.samlprovider` - SAML Provider
          * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
          * `authentik_providers_scim.scimprovider` - SCIM Provider
          * `authentik_providers_scim.scimmapping` - SCIM Mapping
          * `authentik_rbac.role` - Role
          * `authentik_sources_ldap.ldapsource` - LDAP Source
          * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
          * `authentik_sources_oauth.oauthsource` - OAuth Source
          * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
          * `authentik_sources_plex.plexsource` - Plex Source
          * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
          * `authentik_sources_saml.samlsource` - SAML Source
          * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
          * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
          * `authentik_stages_authenticator_duo.duodevice` - Duo Device
          * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
          * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
          * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
          * `authentik_stages_authenticator_static.staticdevice` - Static Device
          * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
          * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
          * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
          * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
          * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
          * `authentik_stages_captcha.captchastage` - Captcha Stage
          * `authentik_stages_consent.consentstage` - Consent Stage
          * `authentik_stages_consent.userconsent` - User Consent
          * `authentik_stages_deny.denystage` - Deny Stage
          * `authentik_stages_dummy.dummystage` - Dummy Stage
          * `authentik_stages_email.emailstage` - Email Stage
          * `authentik_stages_identification.identificationstage` - Identification Stage
          * `authentik_stages_invitation.invitationstage` - Invitation Stage
          * `authentik_stages_invitation.invitation` - Invitation
          * `authentik_stages_password.passwordstage` - Password Stage
          * `authentik_stages_prompt.prompt` - Prompt
          * `authentik_stages_prompt.promptstage` - Prompt Stage
          * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
          * `authentik_stages_user_login.userloginstage` - User Login Stage
          * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
          * `authentik_stages_user_write.userwritestage` - User Write Stage
          * `authentik_tenants.tenant` - Tenant
          * `authentik_blueprints.blueprintinstance` - Blueprint Instance
          * `authentik_core.group` - Group
          * `authentik_core.user` - User
          * `authentik_core.application` - Application
          * `authentik_core.token` - Token
          * `authentik_enterprise.license` - License
        required: true
      - in: query
        name: object_pk
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserAssignedObjectPermissionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_users/{id}/assign/:
    post:
      operationId: rbac_permissions_assigned_by_users_assign_create
      description: Assign permission(s) to user
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PermissionAssignRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully assigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/assigned_by_users/{id}/unassign/:
    patch:
      operationId: rbac_permissions_assigned_by_users_unassign_partial_update
      description: |-
        Unassign permission(s) to user. When `object_pk` is set, the permissions
        are only assigned to the specific object, otherwise they are assigned globally.
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPermissionAssignRequest'
      security:
      - authentik: []
      responses:
        '204':
          description: Successfully unassigned
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/roles/:
    get:
      operationId: rbac_permissions_roles_list
      description: Get a role's assigned object permissions
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: uuid
        schema:
          type: string
          format: uuid
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/permissions/users/:
    get:
      operationId: rbac_permissions_users_list
      description: Get a users's assigned object permissions
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user_id
        schema:
          type: integer
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedExtraUserObjectPermissionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/roles/:
    get:
      operationId: rbac_roles_list
      description: Role viewset
      parameters:
      - in: query
        name: group__name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedRoleList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: rbac_roles_create
      description: Role viewset
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RoleRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Role'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/roles/{uuid}/:
    get:
      operationId: rbac_roles_retrieve
      description: Role viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Role'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: rbac_roles_update
      description: Role viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RoleRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Role'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: rbac_roles_partial_update
      description: Role viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedRoleRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Role'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: rbac_roles_destroy
      description: Role viewset
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /rbac/roles/{uuid}/used_by/:
    get:
      operationId: rbac_roles_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Role.
        required: true
      tags:
      - rbac
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /root/config/:
    get:
      operationId: root_config_retrieve
      description: Retrieve public configuration options
      tags:
      - root
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Config'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /schema/:
    get:
      operationId: schema_retrieve
      description: |-
        OpenApi3 schema for this API. Format can be selected via content negotiation.

        - YAML: application/vnd.oai.openapi
        - JSON: application/vnd.oai.openapi+json
      parameters:
      - in: query
        name: format
        schema:
          type: string
          enum:
          - json
          - yaml
      - in: query
        name: lang
        schema:
          type: string
          enum:
          - af
          - ar
          - ar-dz
          - ast
          - az
          - be
          - bg
          - bn
          - br
          - bs
          - ca
          - ckb
          - cs
          - cy
          - da
          - de
          - dsb
          - el
          - en
          - en-au
          - en-gb
          - eo
          - es
          - es-ar
          - es-co
          - es-mx
          - es-ni
          - es-ve
          - et
          - eu
          - fa
          - fi
          - fr
          - fy
          - ga
          - gd
          - gl
          - he
          - hi
          - hr
          - hsb
          - hu
          - hy
          - ia
          - id
          - ig
          - io
          - is
          - it
          - ja
          - ka
          - kab
          - kk
          - km
          - kn
          - ko
          - ky
          - lb
          - lt
          - lv
          - mk
          - ml
          - mn
          - mr
          - ms
          - my
          - nb
          - ne
          - nl
          - nn
          - os
          - pa
          - pl
          - pt
          - pt-br
          - ro
          - ru
          - sk
          - sl
          - sq
          - sr
          - sr-latn
          - sv
          - sw
          - ta
          - te
          - tg
          - th
          - tk
          - tr
          - tt
          - udm
          - uk
          - ur
          - uz
          - vi
          - zh-hans
          - zh-hant
      tags:
      - schema
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/vnd.oai.openapi:
              schema:
                type: object
                additionalProperties: {}
            application/yaml:
              schema:
                type: object
                additionalProperties: {}
            application/vnd.oai.openapi+json:
              schema:
                type: object
                additionalProperties: {}
            application/json:
              schema:
                type: object
                additionalProperties: {}
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/:
    get:
      operationId: sources_all_list
      description: Source Viewset
      parameters:
      - in: query
        name: managed
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSourceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/{slug}/:
    get:
      operationId: sources_all_retrieve
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Source'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_all_destroy
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/{slug}/set_icon/:
    post:
      operationId: sources_all_set_icon_create
      description: Set source icon
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/FileUploadRequest'
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/{slug}/set_icon_url/:
    post:
      operationId: sources_all_set_icon_url_create
      description: Set source icon (as URL)
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/FilePathRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          description: Success
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/{slug}/used_by/:
    get:
      operationId: sources_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/types/:
    get:
      operationId: sources_all_types_list
      description: Get all creatable source types
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/all/user_settings/:
    get:
      operationId: sources_all_user_settings_list
      description: Get all sources the user can configure
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UserSetting'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/ldap/:
    get:
      operationId: sources_ldap_list
      description: LDAP Source Viewset
      parameters:
      - in: query
        name: additional_group_dn
        schema:
          type: string
      - in: query
        name: additional_user_dn
        schema:
          type: string
      - in: query
        name: base_dn
        schema:
          type: string
      - in: query
        name: bind_cn
        schema:
          type: string
      - in: query
        name: client_certificate
        schema:
          type: string
          format: uuid
      - in: query
        name: enabled
        schema:
          type: boolean
      - in: query
        name: group_membership_field
        schema:
          type: string
      - in: query
        name: group_object_filter
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: object_uniqueness_field
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: peer_certificate
        schema:
          type: string
          format: uuid
      - in: query
        name: property_mappings
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: property_mappings_group
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: server_uri
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      - in: query
        name: sni
        schema:
          type: boolean
      - in: query
        name: start_tls
        schema:
          type: boolean
      - in: query
        name: sync_groups
        schema:
          type: boolean
      - in: query
        name: sync_parent_group
        schema:
          type: string
          format: uuid
      - in: query
        name: sync_users
        schema:
          type: boolean
      - in: query
        name: sync_users_password
        schema:
          type: boolean
      - in: query
        name: user_object_filter
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedLDAPSourceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_ldap_create
      description: LDAP Source Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/ldap/{slug}/:
    get:
      operationId: sources_ldap_retrieve
      description: LDAP Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_ldap_update
      description: LDAP Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LDAPSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_ldap_partial_update
      description: LDAP Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedLDAPSourceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_ldap_destroy
      description: LDAP Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/ldap/{slug}/debug/:
    get:
      operationId: sources_ldap_debug_retrieve
      description: Get raw LDAP data to debug
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LDAPDebug'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/ldap/{slug}/sync_status/:
    get:
      operationId: sources_ldap_sync_status_list
      description: Get source's sync status
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Task'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/ldap/{slug}/used_by/:
    get:
      operationId: sources_ldap_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/oauth/:
    get:
      operationId: sources_oauth_list
      description: Source Viewset
      parameters:
      - in: query
        name: access_token_url
        schema:
          type: string
      - in: query
        name: additional_scopes
        schema:
          type: string
      - in: query
        name: authentication_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: authorization_url
        schema:
          type: string
      - in: query
        name: consumer_key
        schema:
          type: string
      - in: query
        name: enabled
        schema:
          type: boolean
      - in: query
        name: enrollment_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: has_jwks
        schema:
          type: boolean
        description: Only return sources with JWKS data
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_engine_mode
        schema:
          type: string
          enum:
          - all
          - any
        description: |-
          * `all` - all, all policies must pass
          * `any` - any, any policy must pass
      - in: query
        name: profile_url
        schema:
          type: string
      - in: query
        name: provider_type
        schema:
          type: string
      - in: query
        name: request_token_url
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      - in: query
        name: user_matching_mode
        schema:
          type: string
          enum:
          - email_deny
          - email_link
          - identifier
          - username_deny
          - username_link
        description: |-
          How the source determines if an existing user should be authenticated or a new user enrolled.

          * `identifier` - Use the source-specific identifier
          * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
          * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
          * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
          * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedOAuthSourceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_oauth_create
      description: Source Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuthSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/oauth/{slug}/:
    get:
      operationId: sources_oauth_retrieve
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_oauth_update
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OAuthSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_oauth_partial_update
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedOAuthSourceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_oauth_destroy
      description: Source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/oauth/{slug}/used_by/:
    get:
      operationId: sources_oauth_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/oauth/source_types/:
    get:
      operationId: sources_oauth_source_types_list
      description: |-
        Get all creatable source types. If ?name is set, only returns the type for <name>.
        If <name> isn't found, returns the default type.
      parameters:
      - in: query
        name: name
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/SourceType'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/plex/:
    get:
      operationId: sources_plex_list
      description: Plex source Viewset
      parameters:
      - in: query
        name: allow_friends
        schema:
          type: boolean
      - in: query
        name: authentication_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: client_id
        schema:
          type: string
      - in: query
        name: enabled
        schema:
          type: boolean
      - in: query
        name: enrollment_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_engine_mode
        schema:
          type: string
          enum:
          - all
          - any
        description: |-
          * `all` - all, all policies must pass
          * `any` - any, any policy must pass
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      - in: query
        name: user_matching_mode
        schema:
          type: string
          enum:
          - email_deny
          - email_link
          - identifier
          - username_deny
          - username_link
        description: |-
          How the source determines if an existing user should be authenticated or a new user enrolled.

          * `identifier` - Use the source-specific identifier
          * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
          * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
          * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
          * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPlexSourceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_plex_create
      description: Plex source Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/plex/{slug}/:
    get:
      operationId: sources_plex_retrieve
      description: Plex source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_plex_update
      description: Plex source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_plex_partial_update
      description: Plex source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPlexSourceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_plex_destroy
      description: Plex source Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/plex/{slug}/used_by/:
    get:
      operationId: sources_plex_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/plex/redeem_token/:
    post:
      operationId: sources_plex_redeem_token_create
      description: |-
        Redeem a plex token, check it's access to resources against what's allowed
        for the source, and redirect to an authentication/enrollment flow.
      parameters:
      - in: query
        name: slug
        schema:
          type: string
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexTokenRedeemRequest'
        required: true
      security:
      - authentik: []
      - {}
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RedirectChallenge'
          description: ''
        '400':
          description: Token not found
        '403':
          description: Access denied
  /sources/plex/redeem_token_authenticated/:
    post:
      operationId: sources_plex_redeem_token_authenticated_create
      description: Redeem a plex token for an authenticated user, creating a connection
      parameters:
      - in: query
        name: slug
        schema:
          type: string
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexTokenRedeemRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          description: Token not found
        '403':
          description: Access denied
  /sources/saml/:
    get:
      operationId: sources_saml_list
      description: SAMLSource Viewset
      parameters:
      - in: query
        name: allow_idp_initiated
        schema:
          type: boolean
      - in: query
        name: authentication_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: binding_type
        schema:
          type: string
          enum:
          - POST
          - POST_AUTO
          - REDIRECT
        description: |-
          * `REDIRECT` - Redirect Binding
          * `POST` - POST Binding
          * `POST_AUTO` - POST Binding with auto-confirmation
      - in: query
        name: digest_algorithm
        schema:
          type: string
          enum:
          - http://www.w3.org/2000/09/xmldsig#sha1
          - http://www.w3.org/2001/04/xmldsig-more#sha384
          - http://www.w3.org/2001/04/xmlenc#sha256
          - http://www.w3.org/2001/04/xmlenc#sha512
        description: |-
          * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
          * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
          * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
          * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
      - in: query
        name: enabled
        schema:
          type: boolean
      - in: query
        name: enrollment_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: issuer
        schema:
          type: string
      - in: query
        name: managed
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: name_id_policy
        schema:
          type: string
          enum:
          - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
          - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
          - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
          - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
          - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
        description: |-
          NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

          * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
          * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
          * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
          * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
          * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: policy_engine_mode
        schema:
          type: string
          enum:
          - all
          - any
        description: |-
          * `all` - all, all policies must pass
          * `any` - any, any policy must pass
      - in: query
        name: pre_authentication_flow
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: signature_algorithm
        schema:
          type: string
          enum:
          - http://www.w3.org/2000/09/xmldsig#dsa-sha1
          - http://www.w3.org/2000/09/xmldsig#rsa-sha1
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
          - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
        description: |-
          * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
          * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
          * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
      - in: query
        name: signing_kp
        schema:
          type: string
          format: uuid
      - in: query
        name: slo_url
        schema:
          type: string
      - in: query
        name: slug
        schema:
          type: string
      - in: query
        name: sso_url
        schema:
          type: string
      - in: query
        name: temporary_user_delete_after
        schema:
          type: string
      - in: query
        name: user_matching_mode
        schema:
          type: string
          enum:
          - email_deny
          - email_link
          - identifier
          - username_deny
          - username_link
        description: |-
          How the source determines if an existing user should be authenticated or a new user enrolled.

          * `identifier` - Use the source-specific identifier
          * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
          * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
          * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
          * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
      - in: query
        name: verification_kp
        schema:
          type: string
          format: uuid
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedSAMLSourceList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_saml_create
      description: SAMLSource Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/saml/{slug}/:
    get:
      operationId: sources_saml_retrieve
      description: SAMLSource Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_saml_update
      description: SAMLSource Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SAMLSourceRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_saml_partial_update
      description: SAMLSource Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedSAMLSourceRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLSource'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_saml_destroy
      description: SAMLSource Viewset
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/saml/{slug}/metadata/:
    get:
      operationId: sources_saml_metadata_retrieve
      description: Return metadata as XML string
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SAMLMetadata'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/saml/{slug}/used_by/:
    get:
      operationId: sources_saml_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: slug
        schema:
          type: string
          description: Internal source name, used in URLs.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/all/:
    get:
      operationId: sources_user_connections_all_list
      description: User-source connection Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: user
        schema:
          type: integer
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserSourceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/all/{id}/:
    get:
      operationId: sources_user_connections_all_retrieve
      description: User-source connection Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this user source connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_user_connections_all_update
      description: User-source connection Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this user source connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_user_connections_all_partial_update
      description: User-source connection Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this user source connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_user_connections_all_destroy
      description: User-source connection Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this user source connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/all/{id}/used_by/:
    get:
      operationId: sources_user_connections_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this user source connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/oauth/:
    get:
      operationId: sources_user_connections_oauth_list
      description: Source Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: source__slug
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_user_connections_oauth_create
      description: Source Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserOAuthSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/oauth/{id}/:
    get:
      operationId: sources_user_connections_oauth_retrieve
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User OAuth Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserOAuthSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_user_connections_oauth_update
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User OAuth Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserOAuthSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_user_connections_oauth_partial_update
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User OAuth Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserOAuthSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_user_connections_oauth_destroy
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User OAuth Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/oauth/{id}/used_by/:
    get:
      operationId: sources_user_connections_oauth_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User OAuth Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/plex/:
    get:
      operationId: sources_user_connections_plex_list
      description: Plex Source connection Serializer
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: source__slug
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPlexSourceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_user_connections_plex_create
      description: Plex Source connection Serializer
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/plex/{id}/:
    get:
      operationId: sources_user_connections_plex_retrieve
      description: Plex Source connection Serializer
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Plex Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_user_connections_plex_update
      description: Plex Source connection Serializer
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Plex Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PlexSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_user_connections_plex_partial_update
      description: Plex Source connection Serializer
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Plex Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPlexSourceConnectionRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PlexSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_user_connections_plex_destroy
      description: Plex Source connection Serializer
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Plex Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/plex/{id}/used_by/:
    get:
      operationId: sources_user_connections_plex_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User Plex Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/saml/:
    get:
      operationId: sources_user_connections_saml_list
      description: Source Viewset
      parameters:
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: source__slug
        schema:
          type: string
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: sources_user_connections_saml_create
      description: Source Viewset
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSAMLSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/saml/{id}/:
    get:
      operationId: sources_user_connections_saml_retrieve
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User SAML Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSAMLSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: sources_user_connections_saml_update
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User SAML Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSAMLSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: sources_user_connections_saml_partial_update
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User SAML Source Connection.
        required: true
      tags:
      - sources
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserSAMLSourceConnection'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: sources_user_connections_saml_destroy
      description: Source Viewset
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User SAML Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /sources/user_connections/saml/{id}/used_by/:
    get:
      operationId: sources_user_connections_saml_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: id
        schema:
          type: integer
        description: A unique integer value identifying this User SAML Source Connection.
        required: true
      tags:
      - sources
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/all/:
    get:
      operationId: stages_all_list
      description: Stage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/all/{stage_uuid}/:
    get:
      operationId: stages_all_retrieve
      description: Stage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Stage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_all_destroy
      description: Stage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/all/{stage_uuid}/used_by/:
    get:
      operationId: stages_all_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/all/types/:
    get:
      operationId: stages_all_types_list
      description: Get all creatable stage types
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/all/user_settings/:
    get:
      operationId: stages_all_user_settings_list
      description: Get all stages the user can configure
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UserSetting'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/:
    get:
      operationId: stages_authenticator_duo_list
      description: AuthenticatorDuoStage Viewset
      parameters:
      - in: query
        name: api_hostname
        schema:
          type: string
      - in: query
        name: client_id
        schema:
          type: string
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_duo_create
      description: AuthenticatorDuoStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorDuoStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorDuoStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/{stage_uuid}/:
    get:
      operationId: stages_authenticator_duo_retrieve
      description: AuthenticatorDuoStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorDuoStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_duo_update
      description: AuthenticatorDuoStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorDuoStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorDuoStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_duo_partial_update
      description: AuthenticatorDuoStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorDuoStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_duo_destroy
      description: AuthenticatorDuoStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/{stage_uuid}/enrollment_status/:
    post:
      operationId: stages_authenticator_duo_enrollment_status_create
      description: Check enrollment status of user details in current session
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/{stage_uuid}/import_device_manual/:
    post:
      operationId: stages_authenticator_duo_import_device_manual_create
      description: Import duo devices into authentik
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
        required: true
      security:
      - authentik: []
      responses:
        '204':
          description: Enrollment successful
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
    post:
      operationId: stages_authenticator_duo_import_devices_automatic_create
      description: Import duo devices into authentik
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
          description: ''
        '400':
          description: Bad request
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/duo/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_duo_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Duo Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/sms/:
    get:
      operationId: stages_authenticator_sms_list
      description: AuthenticatorSMSStage Viewset
      parameters:
      - in: query
        name: account_sid
        schema:
          type: string
      - in: query
        name: auth
        schema:
          type: string
      - in: query
        name: auth_password
        schema:
          type: string
      - in: query
        name: auth_type
        schema:
          type: string
          enum:
          - basic
          - bearer
        description: |-
          * `basic` - Basic
          * `bearer` - Bearer
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: friendly_name
        schema:
          type: string
      - in: query
        name: from_number
        schema:
          type: string
      - in: query
        name: mapping
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: provider
        schema:
          type: string
          enum:
          - generic
          - twilio
        description: |-
          * `twilio` - Twilio
          * `generic` - Generic
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: verify_only
        schema:
          type: boolean
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_sms_create
      description: AuthenticatorSMSStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorSMSStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorSMSStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/sms/{stage_uuid}/:
    get:
      operationId: stages_authenticator_sms_retrieve
      description: AuthenticatorSMSStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SMS Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorSMSStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_sms_update
      description: AuthenticatorSMSStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SMS Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorSMSStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorSMSStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_sms_partial_update
      description: AuthenticatorSMSStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SMS Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorSMSStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_sms_destroy
      description: AuthenticatorSMSStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SMS Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/sms/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_sms_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this SMS Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/static/:
    get:
      operationId: stages_authenticator_static_list
      description: AuthenticatorStaticStage Viewset
      parameters:
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: friendly_name
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: token_count
        schema:
          type: integer
      - in: query
        name: token_length
        schema:
          type: integer
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_static_create
      description: AuthenticatorStaticStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorStaticStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorStaticStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/static/{stage_uuid}/:
    get:
      operationId: stages_authenticator_static_retrieve
      description: AuthenticatorStaticStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Static Authenticator Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorStaticStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_static_update
      description: AuthenticatorStaticStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Static Authenticator Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorStaticStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorStaticStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_static_partial_update
      description: AuthenticatorStaticStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Static Authenticator Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorStaticStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_static_destroy
      description: AuthenticatorStaticStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Static Authenticator Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/static/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_static_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Static Authenticator Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/totp/:
    get:
      operationId: stages_authenticator_totp_list
      description: AuthenticatorTOTPStage Viewset
      parameters:
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: digits
        schema:
          type: integer
          enum:
          - 6
          - 8
        description: |-
          * `6` - 6 digits, widely compatible
          * `8` - 8 digits, not compatible with apps like Google Authenticator
      - in: query
        name: friendly_name
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_totp_create
      description: AuthenticatorTOTPStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorTOTPStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/totp/{stage_uuid}/:
    get:
      operationId: stages_authenticator_totp_retrieve
      description: AuthenticatorTOTPStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this TOTP Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorTOTPStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_totp_update
      description: AuthenticatorTOTPStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this TOTP Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorTOTPStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_totp_partial_update
      description: AuthenticatorTOTPStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this TOTP Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorTOTPStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_totp_destroy
      description: AuthenticatorTOTPStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this TOTP Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/totp/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_totp_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this TOTP Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/validate/:
    get:
      operationId: stages_authenticator_validate_list
      description: AuthenticatorValidateStage Viewset
      parameters:
      - in: query
        name: configuration_stages
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: not_configured_action
        schema:
          type: string
          enum:
          - configure
          - deny
          - skip
        description: |-
          * `skip` - Skip
          * `deny` - Deny
          * `configure` - Configure
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_validate_create
      description: AuthenticatorValidateStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorValidateStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/validate/{stage_uuid}/:
    get:
      operationId: stages_authenticator_validate_retrieve
      description: AuthenticatorValidateStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticator Validation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorValidateStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_validate_update
      description: AuthenticatorValidateStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticator Validation Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorValidateStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_validate_partial_update
      description: AuthenticatorValidateStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticator Validation Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticatorValidateStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_validate_destroy
      description: AuthenticatorValidateStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticator Validation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/validate/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_validate_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Authenticator Validation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/webauthn/:
    get:
      operationId: stages_authenticator_webauthn_list
      description: AuthenticateWebAuthnStage Viewset
      parameters:
      - in: query
        name: authenticator_attachment
        schema:
          type: string
          nullable: true
          enum:
          - cross-platform
          - platform
        description: |-
          * `platform` - Platform
          * `cross-platform` - Cross Platform
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: friendly_name
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: resident_key_requirement
        schema:
          type: string
          enum:
          - discouraged
          - preferred
          - required
        description: |-
          * `discouraged` - Discouraged
          * `preferred` - Preferred
          * `required` - Required
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: user_verification
        schema:
          type: string
          enum:
          - discouraged
          - preferred
          - required
        description: |-
          * `required` - Required
          * `preferred` - Preferred
          * `discouraged` - Discouraged
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_authenticator_webauthn_create
      description: AuthenticateWebAuthnStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/webauthn/{stage_uuid}/:
    get:
      operationId: stages_authenticator_webauthn_retrieve
      description: AuthenticateWebAuthnStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_authenticator_webauthn_update
      description: AuthenticateWebAuthnStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_authenticator_webauthn_partial_update
      description: AuthenticateWebAuthnStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_authenticator_webauthn_destroy
      description: AuthenticateWebAuthnStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/authenticator/webauthn/{stage_uuid}/used_by/:
    get:
      operationId: stages_authenticator_webauthn_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/captcha/:
    get:
      operationId: stages_captcha_list
      description: CaptchaStage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: public_key
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedCaptchaStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_captcha_create
      description: CaptchaStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CaptchaStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CaptchaStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/captcha/{stage_uuid}/:
    get:
      operationId: stages_captcha_retrieve
      description: CaptchaStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Captcha Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CaptchaStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_captcha_update
      description: CaptchaStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Captcha Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CaptchaStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CaptchaStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_captcha_partial_update
      description: CaptchaStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Captcha Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedCaptchaStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CaptchaStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_captcha_destroy
      description: CaptchaStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Captcha Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/captcha/{stage_uuid}/used_by/:
    get:
      operationId: stages_captcha_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Captcha Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/consent/:
    get:
      operationId: stages_consent_list
      description: ConsentStage Viewset
      parameters:
      - in: query
        name: consent_expire_in
        schema:
          type: string
      - in: query
        name: mode
        schema:
          type: string
          enum:
          - always_require
          - expiring
          - permanent
        description: |-
          * `always_require` - Always Require
          * `permanent` - Permanent
          * `expiring` - Expiring
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedConsentStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_consent_create
      description: ConsentStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ConsentStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/consent/{stage_uuid}/:
    get:
      operationId: stages_consent_retrieve
      description: ConsentStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Consent Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ConsentStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_consent_update
      description: ConsentStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Consent Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ConsentStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_consent_partial_update
      description: ConsentStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Consent Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedConsentStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ConsentStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_consent_destroy
      description: ConsentStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Consent Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/consent/{stage_uuid}/used_by/:
    get:
      operationId: stages_consent_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Consent Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/deny/:
    get:
      operationId: stages_deny_list
      description: DenyStage Viewset
      parameters:
      - in: query
        name: deny_message
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDenyStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_deny_create
      description: DenyStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DenyStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DenyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/deny/{stage_uuid}/:
    get:
      operationId: stages_deny_retrieve
      description: DenyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Deny Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DenyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_deny_update
      description: DenyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Deny Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DenyStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DenyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_deny_partial_update
      description: DenyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Deny Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDenyStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DenyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_deny_destroy
      description: DenyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Deny Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/deny/{stage_uuid}/used_by/:
    get:
      operationId: stages_deny_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Deny Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/dummy/:
    get:
      operationId: stages_dummy_list
      description: DummyStage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: throw_error
        schema:
          type: boolean
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedDummyStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_dummy_create
      description: DummyStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DummyStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/dummy/{stage_uuid}/:
    get:
      operationId: stages_dummy_retrieve
      description: DummyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_dummy_update
      description: DummyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DummyStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_dummy_partial_update
      description: DummyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedDummyStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DummyStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_dummy_destroy
      description: DummyStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/dummy/{stage_uuid}/used_by/:
    get:
      operationId: stages_dummy_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Dummy Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/email/:
    get:
      operationId: stages_email_list
      description: EmailStage Viewset
      parameters:
      - in: query
        name: activate_user_on_success
        schema:
          type: boolean
      - in: query
        name: from_address
        schema:
          type: string
      - in: query
        name: host
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: port
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: subject
        schema:
          type: string
      - in: query
        name: template
        schema:
          type: string
      - in: query
        name: timeout
        schema:
          type: integer
      - in: query
        name: token_expiry
        schema:
          type: integer
      - in: query
        name: use_global_settings
        schema:
          type: boolean
      - in: query
        name: use_ssl
        schema:
          type: boolean
      - in: query
        name: use_tls
        schema:
          type: boolean
      - in: query
        name: username
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedEmailStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_email_create
      description: EmailStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EmailStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EmailStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/email/{stage_uuid}/:
    get:
      operationId: stages_email_retrieve
      description: EmailStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Email Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EmailStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_email_update
      description: EmailStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Email Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EmailStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EmailStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_email_partial_update
      description: EmailStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Email Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedEmailStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EmailStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_email_destroy
      description: EmailStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Email Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/email/{stage_uuid}/used_by/:
    get:
      operationId: stages_email_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Email Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/email/templates/:
    get:
      operationId: stages_email_templates_list
      description: Get all available templates, including custom templates
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/TypeCreate'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/identification/:
    get:
      operationId: stages_identification_list
      description: IdentificationStage Viewset
      parameters:
      - in: query
        name: case_insensitive_matching
        schema:
          type: boolean
      - in: query
        name: enrollment_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: password_stage
        schema:
          type: string
          format: uuid
      - in: query
        name: passwordless_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: recovery_flow
        schema:
          type: string
          format: uuid
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: show_matched_user
        schema:
          type: boolean
      - in: query
        name: show_source_labels
        schema:
          type: boolean
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedIdentificationStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_identification_create
      description: IdentificationStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/IdentificationStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdentificationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/identification/{stage_uuid}/:
    get:
      operationId: stages_identification_retrieve
      description: IdentificationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Identification Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdentificationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_identification_update
      description: IdentificationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Identification Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/IdentificationStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdentificationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_identification_partial_update
      description: IdentificationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Identification Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedIdentificationStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/IdentificationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_identification_destroy
      description: IdentificationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Identification Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/identification/{stage_uuid}/used_by/:
    get:
      operationId: stages_identification_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Identification Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/invitations/:
    get:
      operationId: stages_invitation_invitations_list
      description: Invitation Viewset
      parameters:
      - in: query
        name: created_by__username
        schema:
          type: string
      - in: query
        name: expires
        schema:
          type: string
          format: date-time
      - in: query
        name: flow__slug
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedInvitationList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_invitation_invitations_create
      description: Invitation Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InvitationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Invitation'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/invitations/{invite_uuid}/:
    get:
      operationId: stages_invitation_invitations_retrieve
      description: Invitation Viewset
      parameters:
      - in: path
        name: invite_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Invitation'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_invitation_invitations_update
      description: Invitation Viewset
      parameters:
      - in: path
        name: invite_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InvitationRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Invitation'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_invitation_invitations_partial_update
      description: Invitation Viewset
      parameters:
      - in: path
        name: invite_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedInvitationRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Invitation'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_invitation_invitations_destroy
      description: Invitation Viewset
      parameters:
      - in: path
        name: invite_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/invitations/{invite_uuid}/used_by/:
    get:
      operationId: stages_invitation_invitations_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: invite_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/stages/:
    get:
      operationId: stages_invitation_stages_list
      description: InvitationStage Viewset
      parameters:
      - in: query
        name: continue_flow_without_invitation
        schema:
          type: boolean
      - in: query
        name: name
        schema:
          type: string
      - in: query
        name: no_flows
        schema:
          type: boolean
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedInvitationStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_invitation_stages_create
      description: InvitationStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InvitationStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/stages/{stage_uuid}/:
    get:
      operationId: stages_invitation_stages_retrieve
      description: InvitationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_invitation_stages_update
      description: InvitationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InvitationStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_invitation_stages_partial_update
      description: InvitationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedInvitationStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_invitation_stages_destroy
      description: InvitationStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/invitation/stages/{stage_uuid}/used_by/:
    get:
      operationId: stages_invitation_stages_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Invitation Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/password/:
    get:
      operationId: stages_password_list
      description: PasswordStage Viewset
      parameters:
      - in: query
        name: configure_flow
        schema:
          type: string
          format: uuid
      - in: query
        name: failed_attempts_before_cancel
        schema:
          type: integer
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPasswordStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_password_create
      description: PasswordStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/password/{stage_uuid}/:
    get:
      operationId: stages_password_retrieve
      description: PasswordStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_password_update
      description: PasswordStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PasswordStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_password_partial_update
      description: PasswordStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPasswordStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PasswordStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_password_destroy
      description: PasswordStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/password/{stage_uuid}/used_by/:
    get:
      operationId: stages_password_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Password Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/prompts/:
    get:
      operationId: stages_prompt_prompts_list
      description: Prompt Viewset
      parameters:
      - in: query
        name: field_key
        schema:
          type: string
      - in: query
        name: label
        schema:
          type: string
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: placeholder
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: type
        schema:
          type: string
          enum:
          - ak-locale
          - checkbox
          - date
          - date-time
          - dropdown
          - email
          - file
          - hidden
          - number
          - password
          - radio-button-group
          - separator
          - static
          - text
          - text_area
          - text_area_read_only
          - text_read_only
          - username
        description: |-
          * `text` - Text: Simple Text input
          * `text_area` - Text area: Multiline Text Input.
          * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
          * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
          * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
          * `email` - Email: Text field with Email type.
          * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
          * `number` - Number
          * `checkbox` - Checkbox
          * `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
          * `dropdown` - Fixed choice field rendered as a dropdown.
          * `date` - Date
          * `date-time` - Date Time
          * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
          * `separator` - Separator: Static Separator Line
          * `hidden` - Hidden: Hidden field, can be used to insert data into form.
          * `static` - Static: Static value, displayed as-is.
          * `ak-locale` - authentik: Selection of locales authentik supports
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPromptList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_prompt_prompts_create
      description: Prompt Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PromptRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Prompt'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/prompts/{prompt_uuid}/:
    get:
      operationId: stages_prompt_prompts_retrieve
      description: Prompt Viewset
      parameters:
      - in: path
        name: prompt_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Prompt'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_prompt_prompts_update
      description: Prompt Viewset
      parameters:
      - in: path
        name: prompt_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PromptRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Prompt'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_prompt_prompts_partial_update
      description: Prompt Viewset
      parameters:
      - in: path
        name: prompt_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPromptRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Prompt'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_prompt_prompts_destroy
      description: Prompt Viewset
      parameters:
      - in: path
        name: prompt_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/prompts/{prompt_uuid}/used_by/:
    get:
      operationId: stages_prompt_prompts_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: prompt_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/prompts/preview/:
    post:
      operationId: stages_prompt_prompts_preview_create
      description: Preview a prompt as a challenge, just like a flow would receive
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PromptRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PromptChallenge'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/stages/:
    get:
      operationId: stages_prompt_stages_list
      description: PromptStage Viewset
      parameters:
      - in: query
        name: fields
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: validation_policies
        schema:
          type: array
          items:
            type: string
            format: uuid
        explode: true
        style: form
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedPromptStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_prompt_stages_create
      description: PromptStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PromptStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PromptStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/stages/{stage_uuid}/:
    get:
      operationId: stages_prompt_stages_retrieve
      description: PromptStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PromptStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_prompt_stages_update
      description: PromptStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PromptStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PromptStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_prompt_stages_partial_update
      description: PromptStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedPromptStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PromptStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_prompt_stages_destroy
      description: PromptStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/prompt/stages/{stage_uuid}/used_by/:
    get:
      operationId: stages_prompt_stages_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this Prompt Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_delete/:
    get:
      operationId: stages_user_delete_list
      description: UserDeleteStage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserDeleteStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_user_delete_create
      description: UserDeleteStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserDeleteStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserDeleteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_delete/{stage_uuid}/:
    get:
      operationId: stages_user_delete_retrieve
      description: UserDeleteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Delete Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserDeleteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_user_delete_update
      description: UserDeleteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Delete Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserDeleteStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserDeleteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_user_delete_partial_update
      description: UserDeleteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Delete Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserDeleteStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserDeleteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_user_delete_destroy
      description: UserDeleteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Delete Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_delete/{stage_uuid}/used_by/:
    get:
      operationId: stages_user_delete_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Delete Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_login/:
    get:
      operationId: stages_user_login_list
      description: UserLoginStage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - in: query
        name: remember_me_offset
        schema:
          type: string
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: session_duration
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: terminate_other_sessions
        schema:
          type: boolean
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserLoginStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_user_login_create
      description: UserLoginStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserLoginStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLoginStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_login/{stage_uuid}/:
    get:
      operationId: stages_user_login_retrieve
      description: UserLoginStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Login Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLoginStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_user_login_update
      description: UserLoginStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Login Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserLoginStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLoginStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_user_login_partial_update
      description: UserLoginStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Login Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserLoginStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLoginStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_user_login_destroy
      description: UserLoginStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Login Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_login/{stage_uuid}/used_by/:
    get:
      operationId: stages_user_login_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Login Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_logout/:
    get:
      operationId: stages_user_logout_list
      description: UserLogoutStage Viewset
      parameters:
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserLogoutStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_user_logout_create
      description: UserLogoutStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserLogoutStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLogoutStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_logout/{stage_uuid}/:
    get:
      operationId: stages_user_logout_retrieve
      description: UserLogoutStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Logout Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLogoutStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_user_logout_update
      description: UserLogoutStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Logout Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserLogoutStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLogoutStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_user_logout_partial_update
      description: UserLogoutStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Logout Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserLogoutStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserLogoutStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_user_logout_destroy
      description: UserLogoutStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Logout Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_logout/{stage_uuid}/used_by/:
    get:
      operationId: stages_user_logout_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Logout Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_write/:
    get:
      operationId: stages_user_write_list
      description: UserWriteStage Viewset
      parameters:
      - in: query
        name: create_users_as_inactive
        schema:
          type: boolean
      - in: query
        name: create_users_group
        schema:
          type: string
          format: uuid
      - in: query
        name: name
        schema:
          type: string
      - name: ordering
        required: false
        in: query
        description: Which field to use when ordering the results.
        schema:
          type: string
      - name: page
        required: false
        in: query
        description: A page number within the paginated result set.
        schema:
          type: integer
      - name: page_size
        required: false
        in: query
        description: Number of results to return per page.
        schema:
          type: integer
      - name: search
        required: false
        in: query
        description: A search term.
        schema:
          type: string
      - in: query
        name: stage_uuid
        schema:
          type: string
          format: uuid
      - in: query
        name: user_creation_mode
        schema:
          type: string
          enum:
          - always_create
          - create_when_required
          - never_create
        description: |-
          * `never_create` - Never Create
          * `create_when_required` - Create When Required
          * `always_create` - Always Create
      - in: query
        name: user_path_template
        schema:
          type: string
      - in: query
        name: user_type
        schema:
          type: string
          enum:
          - external
          - internal
          - internal_service_account
          - service_account
        description: |-
          * `internal` - Internal
          * `external` - External
          * `service_account` - Service Account
          * `internal_service_account` - Internal Service Account
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedUserWriteStageList'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    post:
      operationId: stages_user_write_create
      description: UserWriteStage Viewset
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserWriteStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserWriteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_write/{stage_uuid}/:
    get:
      operationId: stages_user_write_retrieve
      description: UserWriteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Write Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserWriteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    put:
      operationId: stages_user_write_update
      description: UserWriteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Write Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UserWriteStageRequest'
        required: true
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserWriteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    patch:
      operationId: stages_user_write_partial_update
      description: UserWriteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Write Stage.
        required: true
      tags:
      - stages
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchedUserWriteStageRequest'
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserWriteStage'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
    delete:
      operationId: stages_user_write_destroy
      description: UserWriteStage Viewset
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Write Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '204':
          description: No response body
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
  /stages/user_write/{stage_uuid}/used_by/:
    get:
      operationId: stages_user_write_used_by_list
      description: Get a list of all objects that use this object
      parameters:
      - in: path
        name: stage_uuid
        schema:
          type: string
          format: uuid
        description: A UUID string identifying this User Write Stage.
        required: true
      tags:
      - stages
      security:
      - authentik: []
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/UsedBy'
          description: ''
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
          description: ''
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
components:
  schemas:
    AccessDeniedChallenge:
      type: object
      description: Challenge when a flow's active stage calls `stage_invalid()`.
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-access-denied
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        error_message:
          type: string
      required:
      - pending_user
      - pending_user_avatar
      - type
    App:
      type: object
      description: Serialize Application info
      properties:
        name:
          type: string
        label:
          type: string
      required:
      - label
      - name
    AppEnum:
      enum:
      - authentik.admin
      - authentik.api
      - authentik.crypto
      - authentik.events
      - authentik.flows
      - authentik.outposts
      - authentik.policies.dummy
      - authentik.policies.event_matcher
      - authentik.policies.expiry
      - authentik.policies.expression
      - authentik.policies.password
      - authentik.policies.reputation
      - authentik.policies
      - authentik.providers.ldap
      - authentik.providers.oauth2
      - authentik.providers.proxy
      - authentik.providers.radius
      - authentik.providers.saml
      - authentik.providers.scim
      - authentik.rbac
      - authentik.recovery
      - authentik.sources.ldap
      - authentik.sources.oauth
      - authentik.sources.plex
      - authentik.sources.saml
      - authentik.stages.authenticator
      - authentik.stages.authenticator_duo
      - authentik.stages.authenticator_sms
      - authentik.stages.authenticator_static
      - authentik.stages.authenticator_totp
      - authentik.stages.authenticator_validate
      - authentik.stages.authenticator_webauthn
      - authentik.stages.captcha
      - authentik.stages.consent
      - authentik.stages.deny
      - authentik.stages.dummy
      - authentik.stages.email
      - authentik.stages.identification
      - authentik.stages.invitation
      - authentik.stages.password
      - authentik.stages.prompt
      - authentik.stages.user_delete
      - authentik.stages.user_login
      - authentik.stages.user_logout
      - authentik.stages.user_write
      - authentik.tenants
      - authentik.blueprints
      - authentik.core
      - authentik.enterprise
      type: string
      description: |-
        * `authentik.admin` - authentik Admin
        * `authentik.api` - authentik API
        * `authentik.crypto` - authentik Crypto
        * `authentik.events` - authentik Events
        * `authentik.flows` - authentik Flows
        * `authentik.outposts` - authentik Outpost
        * `authentik.policies.dummy` - authentik Policies.Dummy
        * `authentik.policies.event_matcher` - authentik Policies.Event Matcher
        * `authentik.policies.expiry` - authentik Policies.Expiry
        * `authentik.policies.expression` - authentik Policies.Expression
        * `authentik.policies.password` - authentik Policies.Password
        * `authentik.policies.reputation` - authentik Policies.Reputation
        * `authentik.policies` - authentik Policies
        * `authentik.providers.ldap` - authentik Providers.LDAP
        * `authentik.providers.oauth2` - authentik Providers.OAuth2
        * `authentik.providers.proxy` - authentik Providers.Proxy
        * `authentik.providers.radius` - authentik Providers.Radius
        * `authentik.providers.saml` - authentik Providers.SAML
        * `authentik.providers.scim` - authentik Providers.SCIM
        * `authentik.rbac` - authentik RBAC
        * `authentik.recovery` - authentik Recovery
        * `authentik.sources.ldap` - authentik Sources.LDAP
        * `authentik.sources.oauth` - authentik Sources.OAuth
        * `authentik.sources.plex` - authentik Sources.Plex
        * `authentik.sources.saml` - authentik Sources.SAML
        * `authentik.stages.authenticator` - authentik Stages.Authenticator
        * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
        * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
        * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
        * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
        * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
        * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
        * `authentik.stages.captcha` - authentik Stages.Captcha
        * `authentik.stages.consent` - authentik Stages.Consent
        * `authentik.stages.deny` - authentik Stages.Deny
        * `authentik.stages.dummy` - authentik Stages.Dummy
        * `authentik.stages.email` - authentik Stages.Email
        * `authentik.stages.identification` - authentik Stages.Identification
        * `authentik.stages.invitation` - authentik Stages.User Invitation
        * `authentik.stages.password` - authentik Stages.Password
        * `authentik.stages.prompt` - authentik Stages.Prompt
        * `authentik.stages.user_delete` - authentik Stages.User Delete
        * `authentik.stages.user_login` - authentik Stages.User Login
        * `authentik.stages.user_logout` - authentik Stages.User Logout
        * `authentik.stages.user_write` - authentik Stages.User Write
        * `authentik.tenants` - authentik Tenants
        * `authentik.blueprints` - authentik Blueprints
        * `authentik.core` - authentik Core
        * `authentik.enterprise` - authentik Enterprise
    AppleChallengeResponseRequest:
      type: object
      description: Pseudo class for plex response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-source-oauth-apple
    AppleLoginChallenge:
      type: object
      description: Special challenge for apple-native authentication flow, which happens
        on the client.
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-source-oauth-apple
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        client_id:
          type: string
        scope:
          type: string
        redirect_uri:
          type: string
        state:
          type: string
      required:
      - client_id
      - redirect_uri
      - scope
      - state
      - type
    Application:
      type: object
      description: Application Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Application's display Name.
        slug:
          type: string
          description: Internal application name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        provider:
          type: integer
          nullable: true
        provider_obj:
          allOf:
          - $ref: '#/components/schemas/Provider'
          readOnly: true
        backchannel_providers:
          type: array
          items:
            type: integer
        backchannel_providers_obj:
          type: array
          items:
            $ref: '#/components/schemas/Provider'
          readOnly: true
        launch_url:
          type: string
          nullable: true
          description: Allow formatting of launch URL
          readOnly: true
        open_in_new_tab:
          type: boolean
          description: Open launch URL in a new browser tab or window.
        meta_launch_url:
          type: string
          format: uri
        meta_icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the App Icon image. If the name is /static or starts with http
            it is returned as-is
          readOnly: true
        meta_description:
          type: string
        meta_publisher:
          type: string
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        group:
          type: string
      required:
      - backchannel_providers_obj
      - launch_url
      - meta_icon
      - name
      - pk
      - provider_obj
      - slug
    ApplicationRequest:
      type: object
      description: Application Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Application's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal application name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        provider:
          type: integer
          nullable: true
        backchannel_providers:
          type: array
          items:
            type: integer
        open_in_new_tab:
          type: boolean
          description: Open launch URL in a new browser tab or window.
        meta_launch_url:
          type: string
          format: uri
        meta_description:
          type: string
        meta_publisher:
          type: string
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        group:
          type: string
      required:
      - name
      - slug
    AuthTypeEnum:
      enum:
      - basic
      - bearer
      type: string
      description: |-
        * `basic` - Basic
        * `bearer` - Bearer
    AuthenticateWebAuthnStage:
      type: object
      description: AuthenticateWebAuthnStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
        user_verification:
          $ref: '#/components/schemas/UserVerificationEnum'
        authenticator_attachment:
          allOf:
          - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
          nullable: true
        resident_key_requirement:
          $ref: '#/components/schemas/ResidentKeyRequirementEnum'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    AuthenticateWebAuthnStageRequest:
      type: object
      description: AuthenticateWebAuthnStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        user_verification:
          $ref: '#/components/schemas/UserVerificationEnum'
        authenticator_attachment:
          allOf:
          - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
          nullable: true
        resident_key_requirement:
          $ref: '#/components/schemas/ResidentKeyRequirementEnum'
      required:
      - name
    AuthenticatedSession:
      type: object
      description: AuthenticatedSession Serializer
      properties:
        uuid:
          type: string
          format: uuid
        current:
          type: boolean
          description: Check if session is currently active session
          readOnly: true
        user_agent:
          type: object
          description: Get parsed user agent
          properties:
            device:
              type: object
              description: User agent device
              properties:
                brand:
                  type: string
                family:
                  type: string
                model:
                  type: string
              required:
              - brand
              - family
              - model
            os:
              type: object
              description: User agent os
              properties:
                family:
                  type: string
                major:
                  type: string
                minor:
                  type: string
                patch:
                  type: string
                patch_minor:
                  type: string
              required:
              - family
              - major
              - minor
              - patch
              - patch_minor
            user_agent:
              type: object
              description: User agent browser
              properties:
                family:
                  type: string
                major:
                  type: string
                minor:
                  type: string
                patch:
                  type: string
              required:
              - family
              - major
              - minor
              - patch
            string:
              type: string
          required:
          - device
          - os
          - string
          - user_agent
          readOnly: true
        geo_ip:
          type: object
          description: Get parsed user agent
          properties:
            continent:
              type: string
            country:
              type: string
            lat:
              type: number
              format: double
            long:
              type: number
              format: double
            city:
              type: string
          required:
          - city
          - continent
          - country
          - lat
          - long
          nullable: true
          readOnly: true
        user:
          type: integer
        last_ip:
          type: string
        last_user_agent:
          type: string
        last_used:
          type: string
          format: date-time
          readOnly: true
        expires:
          type: string
          format: date-time
      required:
      - current
      - geo_ip
      - last_ip
      - last_used
      - user
      - user_agent
    AuthenticationEnum:
      enum:
      - none
      - require_authenticated
      - require_unauthenticated
      - require_superuser
      type: string
      description: |-
        * `none` - None
        * `require_authenticated` - Require Authenticated
        * `require_unauthenticated` - Require Unauthenticated
        * `require_superuser` - Require Superuser
    AuthenticatorAttachmentEnum:
      enum:
      - platform
      - cross-platform
      type: string
      description: |-
        * `platform` - Platform
        * `cross-platform` - Cross Platform
    AuthenticatorDuoChallenge:
      type: object
      description: Duo Challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-duo
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        activation_barcode:
          type: string
        activation_code:
          type: string
        stage_uuid:
          type: string
      required:
      - activation_barcode
      - activation_code
      - pending_user
      - pending_user_avatar
      - stage_uuid
      - type
    AuthenticatorDuoChallengeResponseRequest:
      type: object
      description: Pseudo class for duo response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-duo
    AuthenticatorDuoStage:
      type: object
      description: AuthenticatorDuoStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
        client_id:
          type: string
        api_hostname:
          type: string
        admin_integration_key:
          type: string
      required:
      - api_hostname
      - client_id
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    AuthenticatorDuoStageDeviceImportResponse:
      type: object
      properties:
        count:
          type: integer
          readOnly: true
        error:
          type: string
          readOnly: true
      required:
      - count
      - error
    AuthenticatorDuoStageManualDeviceImportRequest:
      type: object
      properties:
        duo_user_id:
          type: string
          minLength: 1
        username:
          type: string
          minLength: 1
      required:
      - duo_user_id
      - username
    AuthenticatorDuoStageRequest:
      type: object
      description: AuthenticatorDuoStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        client_id:
          type: string
          minLength: 1
        client_secret:
          type: string
          writeOnly: true
          minLength: 1
        api_hostname:
          type: string
          minLength: 1
        admin_integration_key:
          type: string
        admin_secret_key:
          type: string
          writeOnly: true
      required:
      - api_hostname
      - client_id
      - client_secret
      - name
    AuthenticatorSMSChallenge:
      type: object
      description: SMS Setup challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-sms
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        phone_number_required:
          type: boolean
          default: true
      required:
      - pending_user
      - pending_user_avatar
      - type
    AuthenticatorSMSChallengeResponseRequest:
      type: object
      description: SMS Challenge response, device is set by get_response_instance
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-sms
        code:
          type: integer
        phone_number:
          type: string
          minLength: 1
    AuthenticatorSMSStage:
      type: object
      description: AuthenticatorSMSStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
        provider:
          $ref: '#/components/schemas/ProviderEnum'
        from_number:
          type: string
        account_sid:
          type: string
        auth:
          type: string
        auth_password:
          type: string
        auth_type:
          $ref: '#/components/schemas/AuthTypeEnum'
        verify_only:
          type: boolean
          description: When enabled, the Phone number is only used during enrollment
            to verify the users authenticity. Only a hash of the phone number is saved
            to ensure it is not reused in the future.
        mapping:
          type: string
          format: uuid
          nullable: true
          description: Optionally modify the payload being sent to custom providers.
      required:
      - account_sid
      - auth
      - component
      - from_number
      - meta_model_name
      - name
      - pk
      - provider
      - verbose_name
      - verbose_name_plural
    AuthenticatorSMSStageRequest:
      type: object
      description: AuthenticatorSMSStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        provider:
          $ref: '#/components/schemas/ProviderEnum'
        from_number:
          type: string
          minLength: 1
        account_sid:
          type: string
          minLength: 1
        auth:
          type: string
          minLength: 1
        auth_password:
          type: string
        auth_type:
          $ref: '#/components/schemas/AuthTypeEnum'
        verify_only:
          type: boolean
          description: When enabled, the Phone number is only used during enrollment
            to verify the users authenticity. Only a hash of the phone number is saved
            to ensure it is not reused in the future.
        mapping:
          type: string
          format: uuid
          nullable: true
          description: Optionally modify the payload being sent to custom providers.
      required:
      - account_sid
      - auth
      - from_number
      - name
      - provider
    AuthenticatorStaticChallenge:
      type: object
      description: Static authenticator challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-static
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        codes:
          type: array
          items:
            type: string
      required:
      - codes
      - pending_user
      - pending_user_avatar
      - type
    AuthenticatorStaticChallengeResponseRequest:
      type: object
      description: Pseudo class for static response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-static
    AuthenticatorStaticStage:
      type: object
      description: AuthenticatorStaticStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
        token_count:
          type: integer
          maximum: 2147483647
          minimum: 0
        token_length:
          type: integer
          maximum: 2147483647
          minimum: 0
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    AuthenticatorStaticStageRequest:
      type: object
      description: AuthenticatorStaticStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        token_count:
          type: integer
          maximum: 2147483647
          minimum: 0
        token_length:
          type: integer
          maximum: 2147483647
          minimum: 0
      required:
      - name
    AuthenticatorTOTPChallenge:
      type: object
      description: TOTP Setup challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-totp
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        config_url:
          type: string
      required:
      - config_url
      - pending_user
      - pending_user_avatar
      - type
    AuthenticatorTOTPChallengeResponseRequest:
      type: object
      description: TOTP Challenge response, device is set by get_response_instance
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-totp
        code:
          type: integer
      required:
      - code
    AuthenticatorTOTPStage:
      type: object
      description: AuthenticatorTOTPStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
        digits:
          allOf:
          - $ref: '#/components/schemas/DigitsEnum'
          minimum: -2147483648
          maximum: 2147483647
      required:
      - component
      - digits
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    AuthenticatorTOTPStageRequest:
      type: object
      description: AuthenticatorTOTPStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        digits:
          allOf:
          - $ref: '#/components/schemas/DigitsEnum'
          minimum: -2147483648
          maximum: 2147483647
      required:
      - digits
      - name
    AuthenticatorValidateStage:
      type: object
      description: AuthenticatorValidateStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        not_configured_action:
          $ref: '#/components/schemas/NotConfiguredActionEnum'
        device_classes:
          type: array
          items:
            $ref: '#/components/schemas/DeviceClassesEnum'
          description: Device classes which can be used to authenticate
        configuration_stages:
          type: array
          items:
            type: string
            format: uuid
          description: Stages used to configure Authenticator when user doesn't have
            any compatible devices. After this configuration Stage passes, the user
            is not prompted again.
        last_auth_threshold:
          type: string
          description: If any of the user's device has been used within this threshold,
            this stage will be skipped
        webauthn_user_verification:
          allOf:
          - $ref: '#/components/schemas/UserVerificationEnum'
          description: |-
            Enforce user verification for WebAuthn devices.

            * `required` - Required
            * `preferred` - Preferred
            * `discouraged` - Discouraged
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    AuthenticatorValidateStageRequest:
      type: object
      description: AuthenticatorValidateStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        not_configured_action:
          $ref: '#/components/schemas/NotConfiguredActionEnum'
        device_classes:
          type: array
          items:
            $ref: '#/components/schemas/DeviceClassesEnum'
          description: Device classes which can be used to authenticate
        configuration_stages:
          type: array
          items:
            type: string
            format: uuid
          description: Stages used to configure Authenticator when user doesn't have
            any compatible devices. After this configuration Stage passes, the user
            is not prompted again.
        last_auth_threshold:
          type: string
          minLength: 1
          description: If any of the user's device has been used within this threshold,
            this stage will be skipped
        webauthn_user_verification:
          allOf:
          - $ref: '#/components/schemas/UserVerificationEnum'
          description: |-
            Enforce user verification for WebAuthn devices.

            * `required` - Required
            * `preferred` - Preferred
            * `discouraged` - Discouraged
      required:
      - name
    AuthenticatorValidationChallenge:
      type: object
      description: Authenticator challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-validate
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        device_challenges:
          type: array
          items:
            $ref: '#/components/schemas/DeviceChallenge'
        configuration_stages:
          type: array
          items:
            $ref: '#/components/schemas/SelectableStage'
      required:
      - configuration_stages
      - device_challenges
      - pending_user
      - pending_user_avatar
      - type
    AuthenticatorValidationChallengeResponseRequest:
      type: object
      description: Challenge used for Code-based and WebAuthn authenticators
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-validate
        selected_challenge:
          $ref: '#/components/schemas/DeviceChallengeRequest'
        selected_stage:
          type: string
          minLength: 1
        code:
          type: string
          minLength: 1
        webauthn:
          type: object
          additionalProperties: {}
        duo:
          type: integer
    AuthenticatorWebAuthnChallenge:
      type: object
      description: WebAuthn Challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-authenticator-webauthn
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        registration:
          type: object
          additionalProperties: {}
      required:
      - pending_user
      - pending_user_avatar
      - registration
      - type
    AuthenticatorWebAuthnChallengeResponseRequest:
      type: object
      description: WebAuthn Challenge response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-authenticator-webauthn
        response:
          type: object
          additionalProperties: {}
      required:
      - response
    AutoSubmitChallengeResponseRequest:
      type: object
      description: Pseudo class for autosubmit response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-autosubmit
    AutosubmitChallenge:
      type: object
      description: Autosubmit challenge used to send and navigate a POST request
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-autosubmit
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        url:
          type: string
        attrs:
          type: object
          additionalProperties:
            type: string
        title:
          type: string
      required:
      - attrs
      - type
      - url
    BackendsEnum:
      enum:
      - authentik.core.auth.InbuiltBackend
      - authentik.core.auth.TokenBackend
      - authentik.sources.ldap.auth.LDAPBackend
      type: string
      description: |-
        * `authentik.core.auth.InbuiltBackend` - User database + standard password
        * `authentik.core.auth.TokenBackend` - User database + app passwords
        * `authentik.sources.ldap.auth.LDAPBackend` - User database + LDAP password
    BindingTypeEnum:
      enum:
      - REDIRECT
      - POST
      - POST_AUTO
      type: string
      description: |-
        * `REDIRECT` - Redirect Binding
        * `POST` - POST Binding
        * `POST_AUTO` - POST Binding with auto-confirmation
    BlueprintFile:
      type: object
      properties:
        path:
          type: string
        last_m:
          type: string
          format: date-time
        hash:
          type: string
        meta:
          allOf:
          - $ref: '#/components/schemas/Metadata'
          readOnly: true
      required:
      - hash
      - last_m
      - meta
      - path
    BlueprintInstance:
      type: object
      description: Info about a single blueprint instance file
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Instance uuid
        name:
          type: string
        path:
          type: string
          default: ''
        context:
          type: object
          additionalProperties: {}
        last_applied:
          type: string
          format: date-time
          readOnly: true
        last_applied_hash:
          type: string
          readOnly: true
        status:
          allOf:
          - $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
          readOnly: true
        enabled:
          type: boolean
        managed_models:
          type: array
          items:
            type: string
          readOnly: true
        metadata:
          type: object
          additionalProperties: {}
          readOnly: true
        content:
          type: string
      required:
      - last_applied
      - last_applied_hash
      - managed_models
      - metadata
      - name
      - pk
      - status
    BlueprintInstanceRequest:
      type: object
      description: Info about a single blueprint instance file
      properties:
        name:
          type: string
          minLength: 1
        path:
          type: string
          default: ''
        context:
          type: object
          additionalProperties: {}
        enabled:
          type: boolean
        content:
          type: string
      required:
      - name
    BlueprintInstanceStatusEnum:
      enum:
      - successful
      - warning
      - error
      - orphaned
      - unknown
      type: string
      description: |-
        * `successful` - Successful
        * `warning` - Warning
        * `error` - Error
        * `orphaned` - Orphaned
        * `unknown` - Unknown
    Cache:
      type: object
      description: Generic cache stats for an object
      properties:
        count:
          type: integer
          readOnly: true
      required:
      - count
    CapabilitiesEnum:
      enum:
      - can_save_media
      - can_geo_ip
      - can_impersonate
      - can_debug
      - is_enterprise
      type: string
      description: |-
        * `can_save_media` - Can Save Media
        * `can_geo_ip` - Can Geo Ip
        * `can_impersonate` - Can Impersonate
        * `can_debug` - Can Debug
        * `is_enterprise` - Is Enterprise
    CaptchaChallenge:
      type: object
      description: Site public key
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-captcha
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        site_key:
          type: string
        js_url:
          type: string
      required:
      - js_url
      - pending_user
      - pending_user_avatar
      - site_key
      - type
    CaptchaChallengeResponseRequest:
      type: object
      description: Validate captcha token
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-captcha
        token:
          type: string
          minLength: 1
      required:
      - token
    CaptchaStage:
      type: object
      description: CaptchaStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        public_key:
          type: string
          description: Public key, acquired your captcha Provider.
        js_url:
          type: string
        api_url:
          type: string
      required:
      - component
      - meta_model_name
      - name
      - pk
      - public_key
      - verbose_name
      - verbose_name_plural
    CaptchaStageRequest:
      type: object
      description: CaptchaStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        public_key:
          type: string
          minLength: 1
          description: Public key, acquired your captcha Provider.
        private_key:
          type: string
          writeOnly: true
          minLength: 1
          description: Private key, acquired your captcha Provider.
        js_url:
          type: string
          minLength: 1
        api_url:
          type: string
          minLength: 1
      required:
      - name
      - private_key
      - public_key
    CertificateData:
      type: object
      description: Get CertificateKeyPair's data
      properties:
        data:
          type: string
          readOnly: true
      required:
      - data
    CertificateGenerationRequest:
      type: object
      description: Certificate generation parameters
      properties:
        common_name:
          type: string
          minLength: 1
        subject_alt_name:
          type: string
        validity_days:
          type: integer
      required:
      - common_name
      - validity_days
    CertificateKeyPair:
      type: object
      description: CertificateKeyPair Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Kp uuid
        name:
          type: string
        fingerprint_sha256:
          type: string
          nullable: true
          description: Get certificate Hash (SHA256)
          readOnly: true
        fingerprint_sha1:
          type: string
          nullable: true
          description: Get certificate Hash (SHA1)
          readOnly: true
        cert_expiry:
          type: string
          format: date-time
          nullable: true
          description: Get certificate expiry
          readOnly: true
        cert_subject:
          type: string
          nullable: true
          description: Get certificate subject as full rfc4514
          readOnly: true
        private_key_available:
          type: boolean
          description: Show if this keypair has a private key configured or not
          readOnly: true
        private_key_type:
          type: string
          nullable: true
          description: Get the private key's type, if set
          readOnly: true
        certificate_download_url:
          type: string
          description: Get URL to download certificate
          readOnly: true
        private_key_download_url:
          type: string
          description: Get URL to download private key
          readOnly: true
        managed:
          type: string
          readOnly: true
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
      required:
      - cert_expiry
      - cert_subject
      - certificate_download_url
      - fingerprint_sha1
      - fingerprint_sha256
      - managed
      - name
      - pk
      - private_key_available
      - private_key_download_url
      - private_key_type
    CertificateKeyPairRequest:
      type: object
      description: CertificateKeyPair Serializer
      properties:
        name:
          type: string
          minLength: 1
        certificate_data:
          type: string
          writeOnly: true
          minLength: 1
          description: PEM-encoded Certificate data
        key_data:
          type: string
          writeOnly: true
          description: Optional Private Key. If this is set, you can use this keypair
            for encryption.
      required:
      - certificate_data
      - name
    ChallengeChoices:
      enum:
      - native
      - shell
      - redirect
      type: string
      description: |-
        * `native` - NATIVE
        * `shell` - SHELL
        * `redirect` - REDIRECT
    ChallengeTypes:
      oneOf:
      - $ref: '#/components/schemas/AccessDeniedChallenge'
      - $ref: '#/components/schemas/AppleLoginChallenge'
      - $ref: '#/components/schemas/AuthenticatorDuoChallenge'
      - $ref: '#/components/schemas/AuthenticatorSMSChallenge'
      - $ref: '#/components/schemas/AuthenticatorStaticChallenge'
      - $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
      - $ref: '#/components/schemas/AuthenticatorValidationChallenge'
      - $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
      - $ref: '#/components/schemas/AutosubmitChallenge'
      - $ref: '#/components/schemas/CaptchaChallenge'
      - $ref: '#/components/schemas/ConsentChallenge'
      - $ref: '#/components/schemas/DummyChallenge'
      - $ref: '#/components/schemas/EmailChallenge'
      - $ref: '#/components/schemas/FlowErrorChallenge'
      - $ref: '#/components/schemas/IdentificationChallenge'
      - $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
      - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
      - $ref: '#/components/schemas/PasswordChallenge'
      - $ref: '#/components/schemas/PlexAuthenticationChallenge'
      - $ref: '#/components/schemas/PromptChallenge'
      - $ref: '#/components/schemas/RedirectChallenge'
      - $ref: '#/components/schemas/ShellChallenge'
      - $ref: '#/components/schemas/UserLoginChallenge'
      discriminator:
        propertyName: component
        mapping:
          ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
          ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
          ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
          ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
          ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
          ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
          ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
          ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
          ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
          ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
          ak-stage-consent: '#/components/schemas/ConsentChallenge'
          ak-stage-dummy: '#/components/schemas/DummyChallenge'
          ak-stage-email: '#/components/schemas/EmailChallenge'
          ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge'
          ak-stage-identification: '#/components/schemas/IdentificationChallenge'
          ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
          ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
          ak-stage-password: '#/components/schemas/PasswordChallenge'
          ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
          ak-stage-prompt: '#/components/schemas/PromptChallenge'
          xak-flow-redirect: '#/components/schemas/RedirectChallenge'
          xak-flow-shell: '#/components/schemas/ShellChallenge'
          ak-stage-user-login: '#/components/schemas/UserLoginChallenge'
    ClientTypeEnum:
      enum:
      - confidential
      - public
      type: string
      description: |-
        * `confidential` - Confidential
        * `public` - Public
    Config:
      type: object
      description: Serialize authentik Config into DRF Object
      properties:
        error_reporting:
          $ref: '#/components/schemas/ErrorReportingConfig'
        capabilities:
          type: array
          items:
            $ref: '#/components/schemas/CapabilitiesEnum'
        cache_timeout:
          type: integer
        cache_timeout_flows:
          type: integer
        cache_timeout_policies:
          type: integer
        cache_timeout_reputation:
          type: integer
      required:
      - cache_timeout
      - cache_timeout_flows
      - cache_timeout_policies
      - cache_timeout_reputation
      - capabilities
      - error_reporting
    ConsentChallenge:
      type: object
      description: Challenge info for consent screens
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-consent
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        header_text:
          type: string
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/ConsentPermission'
        additional_permissions:
          type: array
          items:
            $ref: '#/components/schemas/ConsentPermission'
        token:
          type: string
      required:
      - additional_permissions
      - pending_user
      - pending_user_avatar
      - permissions
      - token
      - type
    ConsentChallengeResponseRequest:
      type: object
      description: Consent challenge response, any valid response request is valid
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-consent
        token:
          type: string
          minLength: 1
      required:
      - token
    ConsentPermission:
      type: object
      description: Permission used for consent
      properties:
        name:
          type: string
        id:
          type: string
      required:
      - id
      - name
    ConsentStage:
      type: object
      description: ConsentStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        mode:
          $ref: '#/components/schemas/ConsentStageModeEnum'
        consent_expire_in:
          type: string
          title: Consent expires in
          description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    ConsentStageModeEnum:
      enum:
      - always_require
      - permanent
      - expiring
      type: string
      description: |-
        * `always_require` - Always Require
        * `permanent` - Permanent
        * `expiring` - Expiring
    ConsentStageRequest:
      type: object
      description: ConsentStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        mode:
          $ref: '#/components/schemas/ConsentStageModeEnum'
        consent_expire_in:
          type: string
          minLength: 1
          title: Consent expires in
          description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
      required:
      - name
    ContextualFlowInfo:
      type: object
      description: Contextual flow information for a challenge
      properties:
        title:
          type: string
        background:
          type: string
        cancel_url:
          type: string
        layout:
          $ref: '#/components/schemas/LayoutEnum'
      required:
      - cancel_url
      - layout
    Coordinate:
      type: object
      description: Coordinates for diagrams
      properties:
        x_cord:
          type: integer
          readOnly: true
        y_cord:
          type: integer
          readOnly: true
      required:
      - x_cord
      - y_cord
    CurrentTenant:
      type: object
      description: Partial tenant information for styling
      properties:
        matched_domain:
          type: string
        branding_title:
          type: string
        branding_logo:
          type: string
        branding_favicon:
          type: string
        ui_footer_links:
          type: array
          items:
            $ref: '#/components/schemas/FooterLink'
          readOnly: true
          default: []
        ui_theme:
          allOf:
          - $ref: '#/components/schemas/UiThemeEnum'
          readOnly: true
          default: automatic
        flow_authentication:
          type: string
        flow_invalidation:
          type: string
        flow_recovery:
          type: string
        flow_unenrollment:
          type: string
        flow_user_settings:
          type: string
        flow_device_code:
          type: string
        default_locale:
          type: string
          readOnly: true
      required:
      - branding_favicon
      - branding_logo
      - branding_title
      - default_locale
      - matched_domain
      - ui_footer_links
      - ui_theme
    DeniedActionEnum:
      enum:
      - message_continue
      - message
      - continue
      type: string
      description: |-
        * `message_continue` - Message Continue
        * `message` - Message
        * `continue` - Continue
    DenyStage:
      type: object
      description: DenyStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        deny_message:
          type: string
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    DenyStageRequest:
      type: object
      description: DenyStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        deny_message:
          type: string
      required:
      - name
    Device:
      type: object
      description: Serializer for Duo authenticator devices
      properties:
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        pk:
          type: integer
        name:
          type: string
        type:
          type: string
          description: Get type of device
          readOnly: true
        confirmed:
          type: boolean
      required:
      - confirmed
      - meta_model_name
      - name
      - pk
      - type
      - verbose_name
      - verbose_name_plural
    DeviceChallenge:
      type: object
      description: Single device challenge
      properties:
        device_class:
          type: string
        device_uid:
          type: string
        challenge:
          type: object
          additionalProperties: {}
      required:
      - challenge
      - device_class
      - device_uid
    DeviceChallengeRequest:
      type: object
      description: Single device challenge
      properties:
        device_class:
          type: string
          minLength: 1
        device_uid:
          type: string
          minLength: 1
        challenge:
          type: object
          additionalProperties: {}
      required:
      - challenge
      - device_class
      - device_uid
    DeviceClassesEnum:
      enum:
      - static
      - totp
      - webauthn
      - duo
      - sms
      type: string
      description: |-
        * `static` - Static
        * `totp` - TOTP
        * `webauthn` - WebAuthn
        * `duo` - Duo
        * `sms` - SMS
    DigestAlgorithmEnum:
      enum:
      - http://www.w3.org/2000/09/xmldsig#sha1
      - http://www.w3.org/2001/04/xmlenc#sha256
      - http://www.w3.org/2001/04/xmldsig-more#sha384
      - http://www.w3.org/2001/04/xmlenc#sha512
      type: string
      description: |-
        * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
        * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
        * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
        * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
    DigitsEnum:
      enum:
      - 6
      - 8
      type: integer
      description: |-
        * `6` - 6 digits, widely compatible
        * `8` - 8 digits, not compatible with apps like Google Authenticator
    DockerServiceConnection:
      type: object
      description: DockerServiceConnection Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        component:
          type: string
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        url:
          type: string
          description: Can be in the format of 'unix://<path>' when connecting to
            a local docker daemon, or 'https://<hostname>:2376' when connecting to
            a remote system.
        tls_verification:
          type: string
          format: uuid
          nullable: true
          description: CA which the endpoint's Certificate is verified against. Can
            be left empty for no validation.
        tls_authentication:
          type: string
          format: uuid
          nullable: true
          description: Certificate/Key used for authentication. Can be left empty
            for no authentication.
      required:
      - component
      - meta_model_name
      - name
      - pk
      - url
      - verbose_name
      - verbose_name_plural
    DockerServiceConnectionRequest:
      type: object
      description: DockerServiceConnection Serializer
      properties:
        name:
          type: string
          minLength: 1
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        url:
          type: string
          minLength: 1
          description: Can be in the format of 'unix://<path>' when connecting to
            a local docker daemon, or 'https://<hostname>:2376' when connecting to
            a remote system.
        tls_verification:
          type: string
          format: uuid
          nullable: true
          description: CA which the endpoint's Certificate is verified against. Can
            be left empty for no validation.
        tls_authentication:
          type: string
          format: uuid
          nullable: true
          description: Certificate/Key used for authentication. Can be left empty
            for no authentication.
      required:
      - name
      - url
    DummyChallenge:
      type: object
      description: Dummy challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-dummy
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
      required:
      - type
    DummyChallengeResponseRequest:
      type: object
      description: Dummy challenge response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-dummy
    DummyPolicy:
      type: object
      description: Dummy Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        result:
          type: boolean
        wait_min:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        wait_max:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
      required:
      - bound_to
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    DummyPolicyRequest:
      type: object
      description: Dummy Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        result:
          type: boolean
        wait_min:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        wait_max:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
      required:
      - name
    DummyStage:
      type: object
      description: DummyStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        throw_error:
          type: boolean
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    DummyStageRequest:
      type: object
      description: DummyStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        throw_error:
          type: boolean
      required:
      - name
    DuoDevice:
      type: object
      description: Serializer for Duo authenticator devices
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
          description: The human-readable name of this device.
          maxLength: 64
      required:
      - name
      - pk
    DuoDeviceEnrollmentStatus:
      type: object
      properties:
        duo_response:
          $ref: '#/components/schemas/DuoResponseEnum'
      required:
      - duo_response
    DuoDeviceRequest:
      type: object
      description: Serializer for Duo authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
      required:
      - name
    DuoResponseEnum:
      enum:
      - success
      - waiting
      - invalid
      type: string
      description: |-
        * `success` - Success
        * `waiting` - Waiting
        * `invalid` - Invalid
    EmailChallenge:
      type: object
      description: Email challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-email
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
      required:
      - type
    EmailChallengeResponseRequest:
      type: object
      description: |-
        Email challenge resposen. No fields. This challenge is
        always declared invalid to give the user a chance to retry
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-email
    EmailStage:
      type: object
      description: EmailStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        use_global_settings:
          type: boolean
          description: When enabled, global Email connection settings will be used
            and connection settings below will be ignored.
        host:
          type: string
        port:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        username:
          type: string
        use_tls:
          type: boolean
        use_ssl:
          type: boolean
        timeout:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        from_address:
          type: string
          format: email
          maxLength: 254
        token_expiry:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: Time in minutes the token sent is valid.
        subject:
          type: string
        template:
          type: string
        activate_user_on_success:
          type: boolean
          description: Activate users upon completion of stage.
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    EmailStageRequest:
      type: object
      description: EmailStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        use_global_settings:
          type: boolean
          description: When enabled, global Email connection settings will be used
            and connection settings below will be ignored.
        host:
          type: string
          minLength: 1
        port:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        username:
          type: string
        password:
          type: string
          writeOnly: true
        use_tls:
          type: boolean
        use_ssl:
          type: boolean
        timeout:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        from_address:
          type: string
          format: email
          minLength: 1
          maxLength: 254
        token_expiry:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: Time in minutes the token sent is valid.
        subject:
          type: string
          minLength: 1
        template:
          type: string
          minLength: 1
        activate_user_on_success:
          type: boolean
          description: Activate users upon completion of stage.
      required:
      - name
    ErrorDetail:
      type: object
      description: Serializer for rest_framework's error messages
      properties:
        string:
          type: string
        code:
          type: string
      required:
      - code
      - string
    ErrorReportingConfig:
      type: object
      description: Config for error reporting
      properties:
        enabled:
          type: boolean
          readOnly: true
        sentry_dsn:
          type: string
          readOnly: true
        environment:
          type: string
          readOnly: true
        send_pii:
          type: boolean
          readOnly: true
        traces_sample_rate:
          type: number
          format: double
          readOnly: true
      required:
      - enabled
      - environment
      - send_pii
      - sentry_dsn
      - traces_sample_rate
    Event:
      type: object
      description: Event Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Event uuid
        user:
          type: object
          additionalProperties: {}
        action:
          $ref: '#/components/schemas/EventActions'
        app:
          type: string
        context:
          type: object
          additionalProperties: {}
        client_ip:
          type: string
          nullable: true
        created:
          type: string
          format: date-time
          readOnly: true
        expires:
          type: string
          format: date-time
        tenant:
          type: object
          additionalProperties: {}
      required:
      - action
      - app
      - created
      - pk
    EventActions:
      enum:
      - login
      - login_failed
      - logout
      - user_write
      - suspicious_request
      - password_set
      - secret_view
      - secret_rotate
      - invitation_used
      - authorize_application
      - source_linked
      - impersonation_started
      - impersonation_ended
      - flow_execution
      - policy_execution
      - policy_exception
      - property_mapping_exception
      - system_task_execution
      - system_task_exception
      - system_exception
      - configuration_error
      - model_created
      - model_updated
      - model_deleted
      - email_sent
      - update_available
      - custom_
      type: string
      description: |-
        * `login` - Login
        * `login_failed` - Login Failed
        * `logout` - Logout
        * `user_write` - User Write
        * `suspicious_request` - Suspicious Request
        * `password_set` - Password Set
        * `secret_view` - Secret View
        * `secret_rotate` - Secret Rotate
        * `invitation_used` - Invite Used
        * `authorize_application` - Authorize Application
        * `source_linked` - Source Linked
        * `impersonation_started` - Impersonation Started
        * `impersonation_ended` - Impersonation Ended
        * `flow_execution` - Flow Execution
        * `policy_execution` - Policy Execution
        * `policy_exception` - Policy Exception
        * `property_mapping_exception` - Property Mapping Exception
        * `system_task_execution` - System Task Execution
        * `system_task_exception` - System Task Exception
        * `system_exception` - System Exception
        * `configuration_error` - Configuration Error
        * `model_created` - Model Created
        * `model_updated` - Model Updated
        * `model_deleted` - Model Deleted
        * `email_sent` - Email Sent
        * `update_available` - Update Available
        * `custom_` - Custom Prefix
    EventMatcherPolicy:
      type: object
      description: Event Matcher Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        action:
          allOf:
          - $ref: '#/components/schemas/EventActions'
          nullable: true
          description: |-
            Match created events with this action type. When left empty, all action types will be matched.

            * `login` - Login
            * `login_failed` - Login Failed
            * `logout` - Logout
            * `user_write` - User Write
            * `suspicious_request` - Suspicious Request
            * `password_set` - Password Set
            * `secret_view` - Secret View
            * `secret_rotate` - Secret Rotate
            * `invitation_used` - Invite Used
            * `authorize_application` - Authorize Application
            * `source_linked` - Source Linked
            * `impersonation_started` - Impersonation Started
            * `impersonation_ended` - Impersonation Ended
            * `flow_execution` - Flow Execution
            * `policy_execution` - Policy Execution
            * `policy_exception` - Policy Exception
            * `property_mapping_exception` - Property Mapping Exception
            * `system_task_execution` - System Task Execution
            * `system_task_exception` - System Task Exception
            * `system_exception` - System Exception
            * `configuration_error` - Configuration Error
            * `model_created` - Model Created
            * `model_updated` - Model Updated
            * `model_deleted` - Model Deleted
            * `email_sent` - Email Sent
            * `update_available` - Update Available
            * `custom_` - Custom Prefix
        client_ip:
          type: string
          nullable: true
          description: Matches Event's Client IP (strict matching, for network matching
            use an Expression Policy)
        app:
          allOf:
          - $ref: '#/components/schemas/AppEnum'
          nullable: true
          description: |-
            Match events created by selected application. When left empty, all applications are matched.

            * `authentik.admin` - authentik Admin
            * `authentik.api` - authentik API
            * `authentik.crypto` - authentik Crypto
            * `authentik.events` - authentik Events
            * `authentik.flows` - authentik Flows
            * `authentik.outposts` - authentik Outpost
            * `authentik.policies.dummy` - authentik Policies.Dummy
            * `authentik.policies.event_matcher` - authentik Policies.Event Matcher
            * `authentik.policies.expiry` - authentik Policies.Expiry
            * `authentik.policies.expression` - authentik Policies.Expression
            * `authentik.policies.password` - authentik Policies.Password
            * `authentik.policies.reputation` - authentik Policies.Reputation
            * `authentik.policies` - authentik Policies
            * `authentik.providers.ldap` - authentik Providers.LDAP
            * `authentik.providers.oauth2` - authentik Providers.OAuth2
            * `authentik.providers.proxy` - authentik Providers.Proxy
            * `authentik.providers.radius` - authentik Providers.Radius
            * `authentik.providers.saml` - authentik Providers.SAML
            * `authentik.providers.scim` - authentik Providers.SCIM
            * `authentik.rbac` - authentik RBAC
            * `authentik.recovery` - authentik Recovery
            * `authentik.sources.ldap` - authentik Sources.LDAP
            * `authentik.sources.oauth` - authentik Sources.OAuth
            * `authentik.sources.plex` - authentik Sources.Plex
            * `authentik.sources.saml` - authentik Sources.SAML
            * `authentik.stages.authenticator` - authentik Stages.Authenticator
            * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
            * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
            * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
            * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
            * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
            * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
            * `authentik.stages.captcha` - authentik Stages.Captcha
            * `authentik.stages.consent` - authentik Stages.Consent
            * `authentik.stages.deny` - authentik Stages.Deny
            * `authentik.stages.dummy` - authentik Stages.Dummy
            * `authentik.stages.email` - authentik Stages.Email
            * `authentik.stages.identification` - authentik Stages.Identification
            * `authentik.stages.invitation` - authentik Stages.User Invitation
            * `authentik.stages.password` - authentik Stages.Password
            * `authentik.stages.prompt` - authentik Stages.Prompt
            * `authentik.stages.user_delete` - authentik Stages.User Delete
            * `authentik.stages.user_login` - authentik Stages.User Login
            * `authentik.stages.user_logout` - authentik Stages.User Logout
            * `authentik.stages.user_write` - authentik Stages.User Write
            * `authentik.tenants` - authentik Tenants
            * `authentik.blueprints` - authentik Blueprints
            * `authentik.core` - authentik Core
            * `authentik.enterprise` - authentik Enterprise
        model:
          allOf:
          - $ref: '#/components/schemas/ModelEnum'
          nullable: true
          description: |-
            Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

            * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
            * `authentik_events.event` - Event
            * `authentik_events.notificationtransport` - Notification Transport
            * `authentik_events.notification` - Notification
            * `authentik_events.notificationrule` - Notification Rule
            * `authentik_events.notificationwebhookmapping` - Webhook Mapping
            * `authentik_flows.flow` - Flow
            * `authentik_flows.flowstagebinding` - Flow Stage Binding
            * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
            * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
            * `authentik_outposts.outpost` - Outpost
            * `authentik_policies_dummy.dummypolicy` - Dummy Policy
            * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
            * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
            * `authentik_policies_expression.expressionpolicy` - Expression Policy
            * `authentik_policies_password.passwordpolicy` - Password Policy
            * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
            * `authentik_policies_reputation.reputation` - Reputation Score
            * `authentik_policies.policybinding` - Policy Binding
            * `authentik_providers_ldap.ldapprovider` - LDAP Provider
            * `authentik_providers_oauth2.scopemapping` - Scope Mapping
            * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
            * `authentik_providers_oauth2.authorizationcode` - Authorization Code
            * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
            * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
            * `authentik_providers_proxy.proxyprovider` - Proxy Provider
            * `authentik_providers_radius.radiusprovider` - Radius Provider
            * `authentik_providers_saml.samlprovider` - SAML Provider
            * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
            * `authentik_providers_scim.scimprovider` - SCIM Provider
            * `authentik_providers_scim.scimmapping` - SCIM Mapping
            * `authentik_rbac.role` - Role
            * `authentik_sources_ldap.ldapsource` - LDAP Source
            * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
            * `authentik_sources_oauth.oauthsource` - OAuth Source
            * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
            * `authentik_sources_plex.plexsource` - Plex Source
            * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
            * `authentik_sources_saml.samlsource` - SAML Source
            * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
            * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
            * `authentik_stages_authenticator_duo.duodevice` - Duo Device
            * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
            * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
            * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
            * `authentik_stages_authenticator_static.staticdevice` - Static Device
            * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
            * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
            * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
            * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
            * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
            * `authentik_stages_captcha.captchastage` - Captcha Stage
            * `authentik_stages_consent.consentstage` - Consent Stage
            * `authentik_stages_consent.userconsent` - User Consent
            * `authentik_stages_deny.denystage` - Deny Stage
            * `authentik_stages_dummy.dummystage` - Dummy Stage
            * `authentik_stages_email.emailstage` - Email Stage
            * `authentik_stages_identification.identificationstage` - Identification Stage
            * `authentik_stages_invitation.invitationstage` - Invitation Stage
            * `authentik_stages_invitation.invitation` - Invitation
            * `authentik_stages_password.passwordstage` - Password Stage
            * `authentik_stages_prompt.prompt` - Prompt
            * `authentik_stages_prompt.promptstage` - Prompt Stage
            * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
            * `authentik_stages_user_login.userloginstage` - User Login Stage
            * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
            * `authentik_stages_user_write.userwritestage` - User Write Stage
            * `authentik_tenants.tenant` - Tenant
            * `authentik_blueprints.blueprintinstance` - Blueprint Instance
            * `authentik_core.group` - Group
            * `authentik_core.user` - User
            * `authentik_core.application` - Application
            * `authentik_core.token` - Token
            * `authentik_enterprise.license` - License
      required:
      - bound_to
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    EventMatcherPolicyRequest:
      type: object
      description: Event Matcher Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        action:
          allOf:
          - $ref: '#/components/schemas/EventActions'
          nullable: true
          description: |-
            Match created events with this action type. When left empty, all action types will be matched.

            * `login` - Login
            * `login_failed` - Login Failed
            * `logout` - Logout
            * `user_write` - User Write
            * `suspicious_request` - Suspicious Request
            * `password_set` - Password Set
            * `secret_view` - Secret View
            * `secret_rotate` - Secret Rotate
            * `invitation_used` - Invite Used
            * `authorize_application` - Authorize Application
            * `source_linked` - Source Linked
            * `impersonation_started` - Impersonation Started
            * `impersonation_ended` - Impersonation Ended
            * `flow_execution` - Flow Execution
            * `policy_execution` - Policy Execution
            * `policy_exception` - Policy Exception
            * `property_mapping_exception` - Property Mapping Exception
            * `system_task_execution` - System Task Execution
            * `system_task_exception` - System Task Exception
            * `system_exception` - System Exception
            * `configuration_error` - Configuration Error
            * `model_created` - Model Created
            * `model_updated` - Model Updated
            * `model_deleted` - Model Deleted
            * `email_sent` - Email Sent
            * `update_available` - Update Available
            * `custom_` - Custom Prefix
        client_ip:
          type: string
          nullable: true
          minLength: 1
          description: Matches Event's Client IP (strict matching, for network matching
            use an Expression Policy)
        app:
          allOf:
          - $ref: '#/components/schemas/AppEnum'
          nullable: true
          description: |-
            Match events created by selected application. When left empty, all applications are matched.

            * `authentik.admin` - authentik Admin
            * `authentik.api` - authentik API
            * `authentik.crypto` - authentik Crypto
            * `authentik.events` - authentik Events
            * `authentik.flows` - authentik Flows
            * `authentik.outposts` - authentik Outpost
            * `authentik.policies.dummy` - authentik Policies.Dummy
            * `authentik.policies.event_matcher` - authentik Policies.Event Matcher
            * `authentik.policies.expiry` - authentik Policies.Expiry
            * `authentik.policies.expression` - authentik Policies.Expression
            * `authentik.policies.password` - authentik Policies.Password
            * `authentik.policies.reputation` - authentik Policies.Reputation
            * `authentik.policies` - authentik Policies
            * `authentik.providers.ldap` - authentik Providers.LDAP
            * `authentik.providers.oauth2` - authentik Providers.OAuth2
            * `authentik.providers.proxy` - authentik Providers.Proxy
            * `authentik.providers.radius` - authentik Providers.Radius
            * `authentik.providers.saml` - authentik Providers.SAML
            * `authentik.providers.scim` - authentik Providers.SCIM
            * `authentik.rbac` - authentik RBAC
            * `authentik.recovery` - authentik Recovery
            * `authentik.sources.ldap` - authentik Sources.LDAP
            * `authentik.sources.oauth` - authentik Sources.OAuth
            * `authentik.sources.plex` - authentik Sources.Plex
            * `authentik.sources.saml` - authentik Sources.SAML
            * `authentik.stages.authenticator` - authentik Stages.Authenticator
            * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
            * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
            * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
            * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
            * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
            * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
            * `authentik.stages.captcha` - authentik Stages.Captcha
            * `authentik.stages.consent` - authentik Stages.Consent
            * `authentik.stages.deny` - authentik Stages.Deny
            * `authentik.stages.dummy` - authentik Stages.Dummy
            * `authentik.stages.email` - authentik Stages.Email
            * `authentik.stages.identification` - authentik Stages.Identification
            * `authentik.stages.invitation` - authentik Stages.User Invitation
            * `authentik.stages.password` - authentik Stages.Password
            * `authentik.stages.prompt` - authentik Stages.Prompt
            * `authentik.stages.user_delete` - authentik Stages.User Delete
            * `authentik.stages.user_login` - authentik Stages.User Login
            * `authentik.stages.user_logout` - authentik Stages.User Logout
            * `authentik.stages.user_write` - authentik Stages.User Write
            * `authentik.tenants` - authentik Tenants
            * `authentik.blueprints` - authentik Blueprints
            * `authentik.core` - authentik Core
            * `authentik.enterprise` - authentik Enterprise
        model:
          allOf:
          - $ref: '#/components/schemas/ModelEnum'
          nullable: true
          description: |-
            Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

            * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
            * `authentik_events.event` - Event
            * `authentik_events.notificationtransport` - Notification Transport
            * `authentik_events.notification` - Notification
            * `authentik_events.notificationrule` - Notification Rule
            * `authentik_events.notificationwebhookmapping` - Webhook Mapping
            * `authentik_flows.flow` - Flow
            * `authentik_flows.flowstagebinding` - Flow Stage Binding
            * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
            * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
            * `authentik_outposts.outpost` - Outpost
            * `authentik_policies_dummy.dummypolicy` - Dummy Policy
            * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
            * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
            * `authentik_policies_expression.expressionpolicy` - Expression Policy
            * `authentik_policies_password.passwordpolicy` - Password Policy
            * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
            * `authentik_policies_reputation.reputation` - Reputation Score
            * `authentik_policies.policybinding` - Policy Binding
            * `authentik_providers_ldap.ldapprovider` - LDAP Provider
            * `authentik_providers_oauth2.scopemapping` - Scope Mapping
            * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
            * `authentik_providers_oauth2.authorizationcode` - Authorization Code
            * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
            * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
            * `authentik_providers_proxy.proxyprovider` - Proxy Provider
            * `authentik_providers_radius.radiusprovider` - Radius Provider
            * `authentik_providers_saml.samlprovider` - SAML Provider
            * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
            * `authentik_providers_scim.scimprovider` - SCIM Provider
            * `authentik_providers_scim.scimmapping` - SCIM Mapping
            * `authentik_rbac.role` - Role
            * `authentik_sources_ldap.ldapsource` - LDAP Source
            * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
            * `authentik_sources_oauth.oauthsource` - OAuth Source
            * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
            * `authentik_sources_plex.plexsource` - Plex Source
            * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
            * `authentik_sources_saml.samlsource` - SAML Source
            * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
            * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
            * `authentik_stages_authenticator_duo.duodevice` - Duo Device
            * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
            * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
            * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
            * `authentik_stages_authenticator_static.staticdevice` - Static Device
            * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
            * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
            * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
            * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
            * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
            * `authentik_stages_captcha.captchastage` - Captcha Stage
            * `authentik_stages_consent.consentstage` - Consent Stage
            * `authentik_stages_consent.userconsent` - User Consent
            * `authentik_stages_deny.denystage` - Deny Stage
            * `authentik_stages_dummy.dummystage` - Dummy Stage
            * `authentik_stages_email.emailstage` - Email Stage
            * `authentik_stages_identification.identificationstage` - Identification Stage
            * `authentik_stages_invitation.invitationstage` - Invitation Stage
            * `authentik_stages_invitation.invitation` - Invitation
            * `authentik_stages_password.passwordstage` - Password Stage
            * `authentik_stages_prompt.prompt` - Prompt
            * `authentik_stages_prompt.promptstage` - Prompt Stage
            * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
            * `authentik_stages_user_login.userloginstage` - User Login Stage
            * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
            * `authentik_stages_user_write.userwritestage` - User Write Stage
            * `authentik_tenants.tenant` - Tenant
            * `authentik_blueprints.blueprintinstance` - Blueprint Instance
            * `authentik_core.group` - Group
            * `authentik_core.user` - User
            * `authentik_core.application` - Application
            * `authentik_core.token` - Token
            * `authentik_enterprise.license` - License
      required:
      - name
    EventRequest:
      type: object
      description: Event Serializer
      properties:
        user:
          type: object
          additionalProperties: {}
        action:
          $ref: '#/components/schemas/EventActions'
        app:
          type: string
          minLength: 1
        context:
          type: object
          additionalProperties: {}
        client_ip:
          type: string
          nullable: true
          minLength: 1
        expires:
          type: string
          format: date-time
        tenant:
          type: object
          additionalProperties: {}
      required:
      - action
      - app
    EventTopPerUser:
      type: object
      description: Response object of Event's top_per_user
      properties:
        application:
          type: object
          additionalProperties: {}
        counted_events:
          type: integer
        unique_users:
          type: integer
      required:
      - application
      - counted_events
      - unique_users
    ExpiringBaseGrantModel:
      type: object
      description: Serializer for BaseGrantModel and ExpiringBaseGrant
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        provider:
          $ref: '#/components/schemas/OAuth2Provider'
        user:
          $ref: '#/components/schemas/User'
        is_expired:
          type: boolean
          description: Check if token is expired yet.
          readOnly: true
        expires:
          type: string
          format: date-time
        scope:
          type: array
          items:
            type: string
      required:
      - is_expired
      - pk
      - provider
      - scope
      - user
    ExpressionPolicy:
      type: object
      description: Group Membership Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        expression:
          type: string
      required:
      - bound_to
      - component
      - expression
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    ExpressionPolicyRequest:
      type: object
      description: Group Membership Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        expression:
          type: string
          minLength: 1
      required:
      - expression
      - name
    ExtraRoleObjectPermission:
      type: object
      description: User permission with additional object-related data
      properties:
        id:
          type: integer
          readOnly: true
        codename:
          type: string
          readOnly: true
        model:
          type: string
          title: Python model class name
          readOnly: true
        app_label:
          type: string
          readOnly: true
        object_pk:
          type: string
          title: Object ID
          readOnly: true
        name:
          type: string
          readOnly: true
        app_label_verbose:
          type: string
          description: Get app label from permission's model
          readOnly: true
        model_verbose:
          type: string
          description: Get model label from permission's model
          readOnly: true
        object_description:
          type: string
          nullable: true
          description: |-
            Get model description from attached model. This operation takes at least
            one additional query, and the description is only shown if the user/role has the
            view_ permission on the object
          readOnly: true
      required:
      - app_label
      - app_label_verbose
      - codename
      - id
      - model
      - model_verbose
      - name
      - object_description
      - object_pk
    ExtraUserObjectPermission:
      type: object
      description: User permission with additional object-related data
      properties:
        id:
          type: integer
          readOnly: true
        codename:
          type: string
          readOnly: true
        model:
          type: string
          title: Python model class name
          readOnly: true
        app_label:
          type: string
          readOnly: true
        object_pk:
          type: string
          title: Object ID
          readOnly: true
        name:
          type: string
          readOnly: true
        app_label_verbose:
          type: string
          description: Get app label from permission's model
          readOnly: true
        model_verbose:
          type: string
          description: Get model label from permission's model
          readOnly: true
        object_description:
          type: string
          nullable: true
          description: |-
            Get model description from attached model. This operation takes at least
            one additional query, and the description is only shown if the user/role has the
            view_ permission on the object
          readOnly: true
      required:
      - app_label
      - app_label_verbose
      - codename
      - id
      - model
      - model_verbose
      - name
      - object_description
      - object_pk
    FilePathRequest:
      type: object
      description: Serializer to upload file
      properties:
        url:
          type: string
          minLength: 1
      required:
      - url
    FileUploadRequest:
      type: object
      description: Serializer to upload file
      properties:
        file:
          type: string
          format: binary
        clear:
          type: boolean
          default: false
    Flow:
      type: object
      description: Flow Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Flow uuid
        policybindingmodel_ptr_id:
          type: string
          format: uuid
          readOnly: true
        name:
          type: string
        slug:
          type: string
          description: Visible in the URL.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        title:
          type: string
          description: Shown as the Title in Flow pages.
        designation:
          allOf:
          - $ref: '#/components/schemas/FlowDesignationEnum'
          description: |-
            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            * `authentication` - Authentication
            * `authorization` - Authorization
            * `invalidation` - Invalidation
            * `enrollment` - Enrollment
            * `unenrollment` - Unrenollment
            * `recovery` - Recovery
            * `stage_configuration` - Stage Configuration
        background:
          type: string
          description: |-
            Get the URL to the background image. If the name is /static or starts with http
            it is returned as-is
          readOnly: true
        stages:
          type: array
          items:
            type: string
            format: uuid
          readOnly: true
        policies:
          type: array
          items:
            type: string
            format: uuid
          readOnly: true
        cache_count:
          type: integer
          description: Get count of cached flows
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        compatibility_mode:
          type: boolean
          description: Enable compatibility mode, increases compatibility with password
            managers on mobile devices.
        export_url:
          type: string
          description: Get export URL for flow
          readOnly: true
        layout:
          $ref: '#/components/schemas/LayoutEnum'
        denied_action:
          allOf:
          - $ref: '#/components/schemas/DeniedActionEnum'
          description: |-
            Configure what should happen when a flow denies access to a user.

            * `message_continue` - Message Continue
            * `message` - Message
            * `continue` - Continue
        authentication:
          allOf:
          - $ref: '#/components/schemas/AuthenticationEnum'
          description: |-
            Required level of authentication and authorization to access a flow.

            * `none` - None
            * `require_authenticated` - Require Authenticated
            * `require_unauthenticated` - Require Unauthenticated
            * `require_superuser` - Require Superuser
      required:
      - background
      - cache_count
      - designation
      - export_url
      - name
      - pk
      - policies
      - policybindingmodel_ptr_id
      - slug
      - stages
      - title
    FlowChallengeResponseRequest:
      oneOf:
      - $ref: '#/components/schemas/AppleChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
      - $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
      - $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
      - $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
      - $ref: '#/components/schemas/ConsentChallengeResponseRequest'
      - $ref: '#/components/schemas/DummyChallengeResponseRequest'
      - $ref: '#/components/schemas/EmailChallengeResponseRequest'
      - $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
      - $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
      - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
      - $ref: '#/components/schemas/PasswordChallengeResponseRequest'
      - $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
      - $ref: '#/components/schemas/PromptChallengeResponseRequest'
      - $ref: '#/components/schemas/UserLoginChallengeResponseRequest'
      discriminator:
        propertyName: component
        mapping:
          ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
          ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
          ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
          ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
          ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
          ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
          ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
          ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
          ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
          ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
          ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
          ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
          ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
          ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
          ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
          ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
          ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
          ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
          ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest'
    FlowDesignationEnum:
      enum:
      - authentication
      - authorization
      - invalidation
      - enrollment
      - unenrollment
      - recovery
      - stage_configuration
      type: string
      description: |-
        * `authentication` - Authentication
        * `authorization` - Authorization
        * `invalidation` - Invalidation
        * `enrollment` - Enrollment
        * `unenrollment` - Unrenollment
        * `recovery` - Recovery
        * `stage_configuration` - Stage Configuration
    FlowDiagram:
      type: object
      description: response of the flow's diagram action
      properties:
        diagram:
          type: string
          readOnly: true
      required:
      - diagram
    FlowErrorChallenge:
      type: object
      description: |-
        Challenge class when an unhandled error occurs during a stage. Normal users
        are shown an error message, superusers are shown a full stacktrace.
      properties:
        type:
          type: string
          default: native
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-flow-error
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        request_id:
          type: string
        error:
          type: string
        traceback:
          type: string
      required:
      - request_id
    FlowImportResult:
      type: object
      description: Logs of an attempted flow import
      properties:
        logs:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
        success:
          type: boolean
          readOnly: true
      required:
      - logs
      - success
    FlowInspection:
      type: object
      description: Serializer for inspect endpoint
      properties:
        plans:
          type: array
          items:
            $ref: '#/components/schemas/FlowInspectorPlan'
        current_plan:
          $ref: '#/components/schemas/FlowInspectorPlan'
        is_completed:
          type: boolean
      required:
      - is_completed
      - plans
    FlowInspectorPlan:
      type: object
      description: Serializer for an active FlowPlan
      properties:
        current_stage:
          allOf:
          - $ref: '#/components/schemas/FlowStageBinding'
          readOnly: true
        next_planned_stage:
          allOf:
          - $ref: '#/components/schemas/FlowStageBinding'
          readOnly: true
        plan_context:
          type: object
          additionalProperties: {}
          description: Get the plan's context, sanitized
          readOnly: true
        session_id:
          type: string
          description: Get a unique session ID
          readOnly: true
      required:
      - current_stage
      - next_planned_stage
      - plan_context
      - session_id
    FlowRequest:
      type: object
      description: Flow Serializer
      properties:
        name:
          type: string
          minLength: 1
        slug:
          type: string
          minLength: 1
          description: Visible in the URL.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        title:
          type: string
          minLength: 1
          description: Shown as the Title in Flow pages.
        designation:
          allOf:
          - $ref: '#/components/schemas/FlowDesignationEnum'
          description: |-
            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            * `authentication` - Authentication
            * `authorization` - Authorization
            * `invalidation` - Invalidation
            * `enrollment` - Enrollment
            * `unenrollment` - Unrenollment
            * `recovery` - Recovery
            * `stage_configuration` - Stage Configuration
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        compatibility_mode:
          type: boolean
          description: Enable compatibility mode, increases compatibility with password
            managers on mobile devices.
        layout:
          $ref: '#/components/schemas/LayoutEnum'
        denied_action:
          allOf:
          - $ref: '#/components/schemas/DeniedActionEnum'
          description: |-
            Configure what should happen when a flow denies access to a user.

            * `message_continue` - Message Continue
            * `message` - Message
            * `continue` - Continue
        authentication:
          allOf:
          - $ref: '#/components/schemas/AuthenticationEnum'
          description: |-
            Required level of authentication and authorization to access a flow.

            * `none` - None
            * `require_authenticated` - Require Authenticated
            * `require_unauthenticated` - Require Unauthenticated
            * `require_superuser` - Require Superuser
      required:
      - designation
      - name
      - slug
      - title
    FlowSet:
      type: object
      description: Stripped down flow serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Flow uuid
        policybindingmodel_ptr_id:
          type: string
          format: uuid
          readOnly: true
        name:
          type: string
        slug:
          type: string
          description: Visible in the URL.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        title:
          type: string
          description: Shown as the Title in Flow pages.
        designation:
          allOf:
          - $ref: '#/components/schemas/FlowDesignationEnum'
          description: |-
            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            * `authentication` - Authentication
            * `authorization` - Authorization
            * `invalidation` - Invalidation
            * `enrollment` - Enrollment
            * `unenrollment` - Unrenollment
            * `recovery` - Recovery
            * `stage_configuration` - Stage Configuration
        background:
          type: string
          description: |-
            Get the URL to the background image. If the name is /static or starts with http
            it is returned as-is
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        compatibility_mode:
          type: boolean
          description: Enable compatibility mode, increases compatibility with password
            managers on mobile devices.
        export_url:
          type: string
          description: Get export URL for flow
          readOnly: true
        layout:
          $ref: '#/components/schemas/LayoutEnum'
        denied_action:
          allOf:
          - $ref: '#/components/schemas/DeniedActionEnum'
          description: |-
            Configure what should happen when a flow denies access to a user.

            * `message_continue` - Message Continue
            * `message` - Message
            * `continue` - Continue
      required:
      - background
      - designation
      - export_url
      - name
      - pk
      - policybindingmodel_ptr_id
      - slug
      - title
    FlowSetRequest:
      type: object
      description: Stripped down flow serializer
      properties:
        name:
          type: string
          minLength: 1
        slug:
          type: string
          minLength: 1
          description: Visible in the URL.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        title:
          type: string
          minLength: 1
          description: Shown as the Title in Flow pages.
        designation:
          allOf:
          - $ref: '#/components/schemas/FlowDesignationEnum'
          description: |-
            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            * `authentication` - Authentication
            * `authorization` - Authorization
            * `invalidation` - Invalidation
            * `enrollment` - Enrollment
            * `unenrollment` - Unrenollment
            * `recovery` - Recovery
            * `stage_configuration` - Stage Configuration
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        compatibility_mode:
          type: boolean
          description: Enable compatibility mode, increases compatibility with password
            managers on mobile devices.
        layout:
          $ref: '#/components/schemas/LayoutEnum'
        denied_action:
          allOf:
          - $ref: '#/components/schemas/DeniedActionEnum'
          description: |-
            Configure what should happen when a flow denies access to a user.

            * `message_continue` - Message Continue
            * `message` - Message
            * `continue` - Continue
      required:
      - designation
      - name
      - slug
      - title
    FlowStageBinding:
      type: object
      description: FlowStageBinding Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Fsb uuid
        policybindingmodel_ptr_id:
          type: string
          format: uuid
          readOnly: true
        target:
          type: string
          format: uuid
        stage:
          type: string
          format: uuid
        stage_obj:
          allOf:
          - $ref: '#/components/schemas/Stage'
          readOnly: true
        evaluate_on_plan:
          type: boolean
          description: Evaluate policies during the Flow planning process.
        re_evaluate_policies:
          type: boolean
          description: Evaluate policies when the Stage is present to the user.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        invalid_response_action:
          allOf:
          - $ref: '#/components/schemas/InvalidResponseActionEnum'
          description: |-
            Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

            * `retry` - Retry
            * `restart` - Restart
            * `restart_with_context` - Restart With Context
      required:
      - order
      - pk
      - policybindingmodel_ptr_id
      - stage
      - stage_obj
      - target
    FlowStageBindingRequest:
      type: object
      description: FlowStageBinding Serializer
      properties:
        target:
          type: string
          format: uuid
        stage:
          type: string
          format: uuid
        evaluate_on_plan:
          type: boolean
          description: Evaluate policies during the Flow planning process.
        re_evaluate_policies:
          type: boolean
          description: Evaluate policies when the Stage is present to the user.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        invalid_response_action:
          allOf:
          - $ref: '#/components/schemas/InvalidResponseActionEnum'
          description: |-
            Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

            * `retry` - Retry
            * `restart` - Restart
            * `restart_with_context` - Restart With Context
      required:
      - order
      - stage
      - target
    FooterLink:
      type: object
      description: Links returned in Config API
      properties:
        href:
          type: string
          readOnly: true
        name:
          type: string
          readOnly: true
      required:
      - href
      - name
    GenericError:
      type: object
      description: Generic API Error
      properties:
        detail:
          type: string
        code:
          type: string
      required:
      - detail
    Group:
      type: object
      description: Group Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Group uuid
        num_pk:
          type: integer
          readOnly: true
        name:
          type: string
          maxLength: 80
        is_superuser:
          type: boolean
          description: Users added to this group will be superusers.
        parent:
          type: string
          format: uuid
          nullable: true
        parent_name:
          type: string
          readOnly: true
          nullable: true
        users:
          type: array
          items:
            type: integer
        users_obj:
          type: array
          items:
            $ref: '#/components/schemas/GroupMember'
          readOnly: true
        attributes:
          type: object
          additionalProperties: {}
        roles:
          type: array
          items:
            type: string
            format: uuid
        roles_obj:
          type: array
          items:
            $ref: '#/components/schemas/Role'
          readOnly: true
      required:
      - name
      - num_pk
      - parent_name
      - pk
      - roles_obj
      - users_obj
    GroupMember:
      type: object
      description: Stripped down user serializer to show relevant users for groups
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        username:
          type: string
          description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
            only.
          pattern: ^[\w.@+-]+$
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        attributes:
          type: object
          additionalProperties: {}
        uid:
          type: string
          readOnly: true
      required:
      - name
      - pk
      - uid
      - username
    GroupMemberRequest:
      type: object
      description: Stripped down user serializer to show relevant users for groups
      properties:
        username:
          type: string
          minLength: 1
          description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
            only.
          pattern: ^[\w.@+-]+$
          maxLength: 150
        name:
          type: string
          minLength: 1
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        attributes:
          type: object
          additionalProperties: {}
      required:
      - name
      - username
    GroupRequest:
      type: object
      description: Group Serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 80
        is_superuser:
          type: boolean
          description: Users added to this group will be superusers.
        parent:
          type: string
          format: uuid
          nullable: true
        users:
          type: array
          items:
            type: integer
        attributes:
          type: object
          additionalProperties: {}
        roles:
          type: array
          items:
            type: string
            format: uuid
      required:
      - name
    IdentificationChallenge:
      type: object
      description: Identification challenges with all UI elements
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-identification
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        user_fields:
          type: array
          items:
            type: string
          nullable: true
        password_fields:
          type: boolean
        application_pre:
          type: string
        enroll_url:
          type: string
        recovery_url:
          type: string
        passwordless_url:
          type: string
        primary_action:
          type: string
        sources:
          type: array
          items:
            $ref: '#/components/schemas/LoginSource'
        show_source_labels:
          type: boolean
      required:
      - password_fields
      - primary_action
      - show_source_labels
      - type
      - user_fields
    IdentificationChallengeResponseRequest:
      type: object
      description: Identification challenge
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-identification
        uid_field:
          type: string
          minLength: 1
        password:
          type: string
          nullable: true
      required:
      - uid_field
    IdentificationStage:
      type: object
      description: IdentificationStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        user_fields:
          type: array
          items:
            $ref: '#/components/schemas/UserFieldsEnum'
          description: Fields of the user object to match against. (Hold shift to
            select multiple options)
        password_stage:
          type: string
          format: uuid
          nullable: true
          description: When set, shows a password field, instead of showing the password
            field as seaprate step.
        case_insensitive_matching:
          type: boolean
          description: When enabled, user fields are matched regardless of their casing.
        show_matched_user:
          type: boolean
          description: When a valid username/email has been entered, and this option
            is enabled, the user's username and avatar will be shown. Otherwise, the
            text that the user entered will be shown
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional enrollment flow, which is linked at the bottom of
            the page.
        recovery_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional recovery flow, which is linked at the bottom of the
            page.
        passwordless_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional passwordless flow, which is linked at the bottom of
            the page.
        sources:
          type: array
          items:
            type: string
            format: uuid
          description: Specify which sources should be shown.
        show_source_labels:
          type: boolean
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    IdentificationStageRequest:
      type: object
      description: IdentificationStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        user_fields:
          type: array
          items:
            $ref: '#/components/schemas/UserFieldsEnum'
          description: Fields of the user object to match against. (Hold shift to
            select multiple options)
        password_stage:
          type: string
          format: uuid
          nullable: true
          description: When set, shows a password field, instead of showing the password
            field as seaprate step.
        case_insensitive_matching:
          type: boolean
          description: When enabled, user fields are matched regardless of their casing.
        show_matched_user:
          type: boolean
          description: When a valid username/email has been entered, and this option
            is enabled, the user's username and avatar will be shown. Otherwise, the
            text that the user entered will be shown
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional enrollment flow, which is linked at the bottom of
            the page.
        recovery_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional recovery flow, which is linked at the bottom of the
            page.
        passwordless_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional passwordless flow, which is linked at the bottom of
            the page.
        sources:
          type: array
          items:
            type: string
            format: uuid
          description: Specify which sources should be shown.
        show_source_labels:
          type: boolean
      required:
      - name
    InstallID:
      type: object
      properties:
        install_id:
          type: string
      required:
      - install_id
    IntentEnum:
      enum:
      - verification
      - api
      - recovery
      - app_password
      type: string
      description: |-
        * `verification` - Intent Verification
        * `api` - Intent Api
        * `recovery` - Intent Recovery
        * `app_password` - Intent App Password
    InvalidResponseActionEnum:
      enum:
      - retry
      - restart
      - restart_with_context
      type: string
      description: |-
        * `retry` - Retry
        * `restart` - Restart
        * `restart_with_context` - Restart With Context
    Invitation:
      type: object
      description: Invitation Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Invite uuid
        name:
          type: string
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        expires:
          type: string
          format: date-time
        fixed_data:
          type: object
          additionalProperties: {}
        created_by:
          allOf:
          - $ref: '#/components/schemas/GroupMember'
          readOnly: true
        single_use:
          type: boolean
          description: When enabled, the invitation will be deleted after usage.
        flow:
          type: string
          format: uuid
          nullable: true
          description: When set, only the configured flow can use this invitation.
        flow_obj:
          allOf:
          - $ref: '#/components/schemas/Flow'
          readOnly: true
      required:
      - created_by
      - flow_obj
      - name
      - pk
    InvitationRequest:
      type: object
      description: Invitation Serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        expires:
          type: string
          format: date-time
        fixed_data:
          type: object
          additionalProperties: {}
        single_use:
          type: boolean
          description: When enabled, the invitation will be deleted after usage.
        flow:
          type: string
          format: uuid
          nullable: true
          description: When set, only the configured flow can use this invitation.
      required:
      - name
    InvitationStage:
      type: object
      description: InvitationStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        continue_flow_without_invitation:
          type: boolean
          description: If this flag is set, this Stage will jump to the next Stage
            when no Invitation is given. By default this Stage will cancel the Flow
            when no invitation is given.
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    InvitationStageRequest:
      type: object
      description: InvitationStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        continue_flow_without_invitation:
          type: boolean
          description: If this flag is set, this Stage will jump to the next Stage
            when no Invitation is given. By default this Stage will cancel the Flow
            when no invitation is given.
      required:
      - name
    IssuerModeEnum:
      enum:
      - global
      - per_provider
      type: string
      description: |-
        * `global` - Same identifier is used for all providers
        * `per_provider` - Each provider has a different issuer, based on the application slug.
    KubernetesServiceConnection:
      type: object
      description: KubernetesServiceConnection Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        component:
          type: string
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        kubeconfig:
          type: object
          additionalProperties: {}
          description: Paste your kubeconfig here. authentik will automatically use
            the currently selected context.
        verify_ssl:
          type: boolean
          description: Verify SSL Certificates of the Kubernetes API endpoint
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    KubernetesServiceConnectionRequest:
      type: object
      description: KubernetesServiceConnection Serializer
      properties:
        name:
          type: string
          minLength: 1
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        kubeconfig:
          type: object
          additionalProperties: {}
          description: Paste your kubeconfig here. authentik will automatically use
            the currently selected context.
        verify_ssl:
          type: boolean
          description: Verify SSL Certificates of the Kubernetes API endpoint
      required:
      - name
    LDAPAPIAccessMode:
      enum:
      - direct
      - cached
      type: string
      description: |-
        * `direct` - Direct
        * `cached` - Cached
    LDAPDebug:
      type: object
      properties:
        user:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
        group:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
        membership:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
      required:
      - group
      - membership
      - user
    LDAPOutpostConfig:
      type: object
      description: LDAPProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        base_dn:
          type: string
          description: DN under which objects are accessible.
        bind_flow_slug:
          type: string
        application_slug:
          type: string
          description: Prioritise backchannel slug over direct application slug
          readOnly: true
        search_group:
          type: string
          format: uuid
          nullable: true
          description: Users in this group can do search queries. If not set, every
            user can execute search queries.
        certificate:
          type: string
          format: uuid
          nullable: true
        tls_server_name:
          type: string
        uid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for uidNumbers, this number is added to the user.pk
            to make sure that the numbers aren't too low for POSIX users. Default
            is 2000 to ensure that we don't collide with local users uidNumber
        gid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for gidNumbers, this number is added to a number
            generated from the group.pk to make sure that the numbers aren't too low
            for POSIX groups. Default is 4000 to ensure that we don't collide with
            local groups or users primary groups gidNumber
        search_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        bind_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - application_slug
      - bind_flow_slug
      - name
      - pk
    LDAPPropertyMapping:
      type: object
      description: LDAP PropertyMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
        expression:
          type: string
        component:
          type: string
          description: Get object's component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        object_field:
          type: string
      required:
      - component
      - expression
      - meta_model_name
      - name
      - object_field
      - pk
      - verbose_name
      - verbose_name_plural
    LDAPPropertyMappingRequest:
      type: object
      description: LDAP PropertyMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        object_field:
          type: string
          minLength: 1
      required:
      - expression
      - name
      - object_field
    LDAPProvider:
      type: object
      description: LDAPProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        base_dn:
          type: string
          description: DN under which objects are accessible.
        search_group:
          type: string
          format: uuid
          nullable: true
          description: Users in this group can do search queries. If not set, every
            user can execute search queries.
        certificate:
          type: string
          format: uuid
          nullable: true
        tls_server_name:
          type: string
        uid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for uidNumbers, this number is added to the user.pk
            to make sure that the numbers aren't too low for POSIX users. Default
            is 2000 to ensure that we don't collide with local users uidNumber
        gid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for gidNumbers, this number is added to a number
            generated from the group.pk to make sure that the numbers aren't too low
            for POSIX groups. Default is 4000 to ensure that we don't collide with
            local groups or users primary groups gidNumber
        outpost_set:
          type: array
          items:
            type: string
          readOnly: true
        search_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        bind_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - component
      - meta_model_name
      - name
      - outpost_set
      - pk
      - verbose_name
      - verbose_name_plural
    LDAPProviderRequest:
      type: object
      description: LDAPProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        base_dn:
          type: string
          minLength: 1
          description: DN under which objects are accessible.
        search_group:
          type: string
          format: uuid
          nullable: true
          description: Users in this group can do search queries. If not set, every
            user can execute search queries.
        certificate:
          type: string
          format: uuid
          nullable: true
        tls_server_name:
          type: string
        uid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for uidNumbers, this number is added to the user.pk
            to make sure that the numbers aren't too low for POSIX users. Default
            is 2000 to ensure that we don't collide with local users uidNumber
        gid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for gidNumbers, this number is added to a number
            generated from the group.pk to make sure that the numbers aren't too low
            for POSIX groups. Default is 4000 to ensure that we don't collide with
            local groups or users primary groups gidNumber
        search_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        bind_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - authorization_flow
      - name
    LDAPSource:
      type: object
      description: LDAP Source Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Source's display Name.
        slug:
          type: string
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
          readOnly: true
        user_path_template:
          type: string
        icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the Icon. If the name is /static or
            starts with http it is returned as-is
          readOnly: true
        server_uri:
          type: string
          format: uri
        peer_certificate:
          type: string
          format: uuid
          nullable: true
          description: Optionally verify the LDAP Server's Certificate against the
            CA Chain in this keypair.
        client_certificate:
          type: string
          format: uuid
          nullable: true
          description: Client certificate to authenticate against the LDAP Server's
            Certificate.
        bind_cn:
          type: string
        start_tls:
          type: boolean
          title: Enable Start TLS
        sni:
          type: boolean
          title: Use Server URI for SNI verification
        base_dn:
          type: string
        additional_user_dn:
          type: string
          title: Addition User DN
          description: Prepended to Base DN for User-queries.
        additional_group_dn:
          type: string
          title: Addition Group DN
          description: Prepended to Base DN for Group-queries.
        user_object_filter:
          type: string
          description: Consider Objects matching this filter to be Users.
        group_object_filter:
          type: string
          description: Consider Objects matching this filter to be Groups.
        group_membership_field:
          type: string
          description: Field which contains members of a group.
        object_uniqueness_field:
          type: string
          description: Field which contains a unique Identifier.
        sync_users:
          type: boolean
        sync_users_password:
          type: boolean
          description: When a user changes their password, sync it back to LDAP. This
            can only be enabled on a single LDAP source.
        sync_groups:
          type: boolean
        sync_parent_group:
          type: string
          format: uuid
          nullable: true
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
      required:
      - base_dn
      - component
      - icon
      - managed
      - meta_model_name
      - name
      - pk
      - server_uri
      - slug
      - verbose_name
      - verbose_name_plural
    LDAPSourceRequest:
      type: object
      description: LDAP Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        server_uri:
          type: string
          minLength: 1
          format: uri
        peer_certificate:
          type: string
          format: uuid
          nullable: true
          description: Optionally verify the LDAP Server's Certificate against the
            CA Chain in this keypair.
        client_certificate:
          type: string
          format: uuid
          nullable: true
          description: Client certificate to authenticate against the LDAP Server's
            Certificate.
        bind_cn:
          type: string
        bind_password:
          type: string
          writeOnly: true
        start_tls:
          type: boolean
          title: Enable Start TLS
        sni:
          type: boolean
          title: Use Server URI for SNI verification
        base_dn:
          type: string
          minLength: 1
        additional_user_dn:
          type: string
          title: Addition User DN
          description: Prepended to Base DN for User-queries.
        additional_group_dn:
          type: string
          title: Addition Group DN
          description: Prepended to Base DN for Group-queries.
        user_object_filter:
          type: string
          minLength: 1
          description: Consider Objects matching this filter to be Users.
        group_object_filter:
          type: string
          minLength: 1
          description: Consider Objects matching this filter to be Groups.
        group_membership_field:
          type: string
          minLength: 1
          description: Field which contains members of a group.
        object_uniqueness_field:
          type: string
          minLength: 1
          description: Field which contains a unique Identifier.
        sync_users:
          type: boolean
        sync_users_password:
          type: boolean
          description: When a user changes their password, sync it back to LDAP. This
            can only be enabled on a single LDAP source.
        sync_groups:
          type: boolean
        sync_parent_group:
          type: string
          format: uuid
          nullable: true
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
      required:
      - base_dn
      - name
      - server_uri
      - slug
    LayoutEnum:
      enum:
      - stacked
      - content_left
      - content_right
      - sidebar_left
      - sidebar_right
      type: string
      description: |-
        * `stacked` - STACKED
        * `content_left` - CONTENT_LEFT
        * `content_right` - CONTENT_RIGHT
        * `sidebar_left` - SIDEBAR_LEFT
        * `sidebar_right` - SIDEBAR_RIGHT
    License:
      type: object
      description: License Serializer
      properties:
        license_uuid:
          type: string
          format: uuid
          readOnly: true
        name:
          type: string
          readOnly: true
        key:
          type: string
        expiry:
          type: string
          format: date-time
          readOnly: true
        internal_users:
          type: integer
          readOnly: true
        external_users:
          type: integer
          readOnly: true
      required:
      - expiry
      - external_users
      - internal_users
      - key
      - license_uuid
      - name
    LicenseForecast:
      type: object
      description: Serializer for license forecast
      properties:
        internal_users:
          type: integer
        external_users:
          type: integer
        forecasted_internal_users:
          type: integer
        forecasted_external_users:
          type: integer
      required:
      - external_users
      - forecasted_external_users
      - forecasted_internal_users
      - internal_users
    LicenseRequest:
      type: object
      description: License Serializer
      properties:
        key:
          type: string
          minLength: 1
      required:
      - key
    LicenseSummary:
      type: object
      description: Serializer for license status
      properties:
        internal_users:
          type: integer
        external_users:
          type: integer
        valid:
          type: boolean
        show_admin_warning:
          type: boolean
        show_user_warning:
          type: boolean
        read_only:
          type: boolean
        latest_valid:
          type: string
          format: date-time
        has_license:
          type: boolean
      required:
      - external_users
      - has_license
      - internal_users
      - latest_valid
      - read_only
      - show_admin_warning
      - show_user_warning
      - valid
    Link:
      type: object
      description: Returns a single link
      properties:
        link:
          type: string
      required:
      - link
    LoginChallengeTypes:
      oneOf:
      - $ref: '#/components/schemas/RedirectChallenge'
      - $ref: '#/components/schemas/PlexAuthenticationChallenge'
      - $ref: '#/components/schemas/AppleLoginChallenge'
      discriminator:
        propertyName: component
        mapping:
          xak-flow-redirect: '#/components/schemas/RedirectChallenge'
          ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
          ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
    LoginMetrics:
      type: object
      description: Login Metrics per 1h
      properties:
        logins:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
        logins_failed:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
        authorizations:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
      required:
      - authorizations
      - logins
      - logins_failed
    LoginSource:
      type: object
      description: Serializer for Login buttons of sources
      properties:
        name:
          type: string
        icon_url:
          type: string
          nullable: true
        challenge:
          $ref: '#/components/schemas/LoginChallengeTypes'
      required:
      - challenge
      - name
    Metadata:
      type: object
      description: Serializer for blueprint metadata
      properties:
        name:
          type: string
        labels:
          type: object
          additionalProperties: {}
      required:
      - labels
      - name
    ModelEnum:
      enum:
      - authentik_crypto.certificatekeypair
      - authentik_events.event
      - authentik_events.notificationtransport
      - authentik_events.notification
      - authentik_events.notificationrule
      - authentik_events.notificationwebhookmapping
      - authentik_flows.flow
      - authentik_flows.flowstagebinding
      - authentik_outposts.dockerserviceconnection
      - authentik_outposts.kubernetesserviceconnection
      - authentik_outposts.outpost
      - authentik_policies_dummy.dummypolicy
      - authentik_policies_event_matcher.eventmatcherpolicy
      - authentik_policies_expiry.passwordexpirypolicy
      - authentik_policies_expression.expressionpolicy
      - authentik_policies_password.passwordpolicy
      - authentik_policies_reputation.reputationpolicy
      - authentik_policies_reputation.reputation
      - authentik_policies.policybinding
      - authentik_providers_ldap.ldapprovider
      - authentik_providers_oauth2.scopemapping
      - authentik_providers_oauth2.oauth2provider
      - authentik_providers_oauth2.authorizationcode
      - authentik_providers_oauth2.accesstoken
      - authentik_providers_oauth2.refreshtoken
      - authentik_providers_proxy.proxyprovider
      - authentik_providers_radius.radiusprovider
      - authentik_providers_saml.samlprovider
      - authentik_providers_saml.samlpropertymapping
      - authentik_providers_scim.scimprovider
      - authentik_providers_scim.scimmapping
      - authentik_rbac.role
      - authentik_sources_ldap.ldapsource
      - authentik_sources_ldap.ldappropertymapping
      - authentik_sources_oauth.oauthsource
      - authentik_sources_oauth.useroauthsourceconnection
      - authentik_sources_plex.plexsource
      - authentik_sources_plex.plexsourceconnection
      - authentik_sources_saml.samlsource
      - authentik_sources_saml.usersamlsourceconnection
      - authentik_stages_authenticator_duo.authenticatorduostage
      - authentik_stages_authenticator_duo.duodevice
      - authentik_stages_authenticator_sms.authenticatorsmsstage
      - authentik_stages_authenticator_sms.smsdevice
      - authentik_stages_authenticator_static.authenticatorstaticstage
      - authentik_stages_authenticator_static.staticdevice
      - authentik_stages_authenticator_totp.authenticatortotpstage
      - authentik_stages_authenticator_totp.totpdevice
      - authentik_stages_authenticator_validate.authenticatorvalidatestage
      - authentik_stages_authenticator_webauthn.authenticatewebauthnstage
      - authentik_stages_authenticator_webauthn.webauthndevice
      - authentik_stages_captcha.captchastage
      - authentik_stages_consent.consentstage
      - authentik_stages_consent.userconsent
      - authentik_stages_deny.denystage
      - authentik_stages_dummy.dummystage
      - authentik_stages_email.emailstage
      - authentik_stages_identification.identificationstage
      - authentik_stages_invitation.invitationstage
      - authentik_stages_invitation.invitation
      - authentik_stages_password.passwordstage
      - authentik_stages_prompt.prompt
      - authentik_stages_prompt.promptstage
      - authentik_stages_user_delete.userdeletestage
      - authentik_stages_user_login.userloginstage
      - authentik_stages_user_logout.userlogoutstage
      - authentik_stages_user_write.userwritestage
      - authentik_tenants.tenant
      - authentik_blueprints.blueprintinstance
      - authentik_core.group
      - authentik_core.user
      - authentik_core.application
      - authentik_core.token
      - authentik_enterprise.license
      type: string
      description: |-
        * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
        * `authentik_events.event` - Event
        * `authentik_events.notificationtransport` - Notification Transport
        * `authentik_events.notification` - Notification
        * `authentik_events.notificationrule` - Notification Rule
        * `authentik_events.notificationwebhookmapping` - Webhook Mapping
        * `authentik_flows.flow` - Flow
        * `authentik_flows.flowstagebinding` - Flow Stage Binding
        * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
        * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
        * `authentik_outposts.outpost` - Outpost
        * `authentik_policies_dummy.dummypolicy` - Dummy Policy
        * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
        * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
        * `authentik_policies_expression.expressionpolicy` - Expression Policy
        * `authentik_policies_password.passwordpolicy` - Password Policy
        * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
        * `authentik_policies_reputation.reputation` - Reputation Score
        * `authentik_policies.policybinding` - Policy Binding
        * `authentik_providers_ldap.ldapprovider` - LDAP Provider
        * `authentik_providers_oauth2.scopemapping` - Scope Mapping
        * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
        * `authentik_providers_oauth2.authorizationcode` - Authorization Code
        * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
        * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
        * `authentik_providers_proxy.proxyprovider` - Proxy Provider
        * `authentik_providers_radius.radiusprovider` - Radius Provider
        * `authentik_providers_saml.samlprovider` - SAML Provider
        * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
        * `authentik_providers_scim.scimprovider` - SCIM Provider
        * `authentik_providers_scim.scimmapping` - SCIM Mapping
        * `authentik_rbac.role` - Role
        * `authentik_sources_ldap.ldapsource` - LDAP Source
        * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
        * `authentik_sources_oauth.oauthsource` - OAuth Source
        * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
        * `authentik_sources_plex.plexsource` - Plex Source
        * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
        * `authentik_sources_saml.samlsource` - SAML Source
        * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
        * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
        * `authentik_stages_authenticator_duo.duodevice` - Duo Device
        * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
        * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
        * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
        * `authentik_stages_authenticator_static.staticdevice` - Static Device
        * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
        * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
        * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
        * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
        * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
        * `authentik_stages_captcha.captchastage` - Captcha Stage
        * `authentik_stages_consent.consentstage` - Consent Stage
        * `authentik_stages_consent.userconsent` - User Consent
        * `authentik_stages_deny.denystage` - Deny Stage
        * `authentik_stages_dummy.dummystage` - Dummy Stage
        * `authentik_stages_email.emailstage` - Email Stage
        * `authentik_stages_identification.identificationstage` - Identification Stage
        * `authentik_stages_invitation.invitationstage` - Invitation Stage
        * `authentik_stages_invitation.invitation` - Invitation
        * `authentik_stages_password.passwordstage` - Password Stage
        * `authentik_stages_prompt.prompt` - Prompt
        * `authentik_stages_prompt.promptstage` - Prompt Stage
        * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
        * `authentik_stages_user_login.userloginstage` - User Login Stage
        * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
        * `authentik_stages_user_write.userwritestage` - User Write Stage
        * `authentik_tenants.tenant` - Tenant
        * `authentik_blueprints.blueprintinstance` - Blueprint Instance
        * `authentik_core.group` - Group
        * `authentik_core.user` - User
        * `authentik_core.application` - Application
        * `authentik_core.token` - Token
        * `authentik_enterprise.license` - License
    NameIdPolicyEnum:
      enum:
      - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
      - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
      - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
      - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
      type: string
      description: |-
        * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
        * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
        * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
        * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
        * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
    NotConfiguredActionEnum:
      enum:
      - skip
      - deny
      - configure
      type: string
      description: |-
        * `skip` - Skip
        * `deny` - Deny
        * `configure` - Configure
    Notification:
      type: object
      description: Notification Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        severity:
          allOf:
          - $ref: '#/components/schemas/SeverityEnum'
          readOnly: true
        body:
          type: string
          readOnly: true
        created:
          type: string
          format: date-time
          readOnly: true
        event:
          $ref: '#/components/schemas/Event'
        seen:
          type: boolean
      required:
      - body
      - created
      - pk
      - severity
    NotificationRequest:
      type: object
      description: Notification Serializer
      properties:
        event:
          $ref: '#/components/schemas/EventRequest'
        seen:
          type: boolean
    NotificationRule:
      type: object
      description: NotificationRule Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
        transports:
          type: array
          items:
            type: string
            format: uuid
          description: Select which transports should be used to notify the user.
            If none are selected, the notification will only be shown in the authentik
            UI.
        severity:
          allOf:
          - $ref: '#/components/schemas/SeverityEnum'
          description: |-
            Controls which severity level the created notifications will have.

            * `notice` - Notice
            * `warning` - Warning
            * `alert` - Alert
        group:
          type: string
          format: uuid
          nullable: true
          description: Define which group of users this notification should be sent
            and shown to. If left empty, Notification won't ben sent.
        group_obj:
          allOf:
          - $ref: '#/components/schemas/Group'
          readOnly: true
      required:
      - group_obj
      - name
      - pk
    NotificationRuleRequest:
      type: object
      description: NotificationRule Serializer
      properties:
        name:
          type: string
          minLength: 1
        transports:
          type: array
          items:
            type: string
            format: uuid
          description: Select which transports should be used to notify the user.
            If none are selected, the notification will only be shown in the authentik
            UI.
        severity:
          allOf:
          - $ref: '#/components/schemas/SeverityEnum'
          description: |-
            Controls which severity level the created notifications will have.

            * `notice` - Notice
            * `warning` - Warning
            * `alert` - Alert
        group:
          type: string
          format: uuid
          nullable: true
          description: Define which group of users this notification should be sent
            and shown to. If left empty, Notification won't ben sent.
      required:
      - name
    NotificationTransport:
      type: object
      description: NotificationTransport Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
        mode:
          $ref: '#/components/schemas/NotificationTransportModeEnum'
        mode_verbose:
          type: string
          description: Return selected mode with a UI Label
          readOnly: true
        webhook_url:
          type: string
          format: uri
        webhook_mapping:
          type: string
          format: uuid
          nullable: true
        send_once:
          type: boolean
          description: Only send notification once, for example when sending a webhook
            into a chat channel.
      required:
      - mode_verbose
      - name
      - pk
    NotificationTransportModeEnum:
      enum:
      - local
      - webhook
      - webhook_slack
      - email
      type: string
      description: |-
        * `local` - authentik inbuilt notifications
        * `webhook` - Generic Webhook
        * `webhook_slack` - Slack Webhook (Slack/Discord)
        * `email` - Email
    NotificationTransportRequest:
      type: object
      description: NotificationTransport Serializer
      properties:
        name:
          type: string
          minLength: 1
        mode:
          $ref: '#/components/schemas/NotificationTransportModeEnum'
        webhook_url:
          type: string
          format: uri
        webhook_mapping:
          type: string
          format: uuid
          nullable: true
        send_once:
          type: boolean
          description: Only send notification once, for example when sending a webhook
            into a chat channel.
      required:
      - name
    NotificationTransportTest:
      type: object
      description: Notification test serializer
      properties:
        messages:
          type: array
          items:
            type: string
      required:
      - messages
    NotificationWebhookMapping:
      type: object
      description: NotificationWebhookMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        name:
          type: string
        expression:
          type: string
      required:
      - expression
      - name
      - pk
    NotificationWebhookMappingRequest:
      type: object
      description: NotificationWebhookMapping Serializer
      properties:
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
      required:
      - expression
      - name
    OAuth2Provider:
      type: object
      description: OAuth2Provider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        client_type:
          allOf:
          - $ref: '#/components/schemas/ClientTypeEnum'
          description: |-
            Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

            * `confidential` - Confidential
            * `public` - Public
        client_id:
          type: string
          maxLength: 255
        client_secret:
          type: string
          maxLength: 255
        access_code_validity:
          type: string
          description: 'Access codes not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        access_token_validity:
          type: string
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        include_claims_in_id_token:
          type: boolean
          description: Include User claims from scopes in the id_token, for applications
            that don't access the userinfo endpoint.
        signing_key:
          type: string
          format: uuid
          nullable: true
          description: Key used to sign the tokens. Only required when JWT Algorithm
            is set to RS256.
        redirect_uris:
          type: string
          description: Enter each URI on a new line.
        sub_mode:
          allOf:
          - $ref: '#/components/schemas/SubModeEnum'
          description: |-
            Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

            * `hashed_user_id` - Based on the Hashed User ID
            * `user_id` - Based on user ID
            * `user_uuid` - Based on user UUID
            * `user_username` - Based on the username
            * `user_email` - Based on the User's Email. This is recommended over the UPN method.
            * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
        issuer_mode:
          allOf:
          - $ref: '#/components/schemas/IssuerModeEnum'
          description: |-
            Configure how the issuer field of the ID Token should be filled.

            * `global` - Same identifier is used for all providers
            * `per_provider` - Each provider has a different issuer, based on the application slug.
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
      required:
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    OAuth2ProviderRequest:
      type: object
      description: OAuth2Provider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        client_type:
          allOf:
          - $ref: '#/components/schemas/ClientTypeEnum'
          description: |-
            Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

            * `confidential` - Confidential
            * `public` - Public
        client_id:
          type: string
          minLength: 1
          maxLength: 255
        client_secret:
          type: string
          maxLength: 255
        access_code_validity:
          type: string
          minLength: 1
          description: 'Access codes not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        access_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        include_claims_in_id_token:
          type: boolean
          description: Include User claims from scopes in the id_token, for applications
            that don't access the userinfo endpoint.
        signing_key:
          type: string
          format: uuid
          nullable: true
          description: Key used to sign the tokens. Only required when JWT Algorithm
            is set to RS256.
        redirect_uris:
          type: string
          description: Enter each URI on a new line.
        sub_mode:
          allOf:
          - $ref: '#/components/schemas/SubModeEnum'
          description: |-
            Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

            * `hashed_user_id` - Based on the Hashed User ID
            * `user_id` - Based on user ID
            * `user_uuid` - Based on user UUID
            * `user_username` - Based on the username
            * `user_email` - Based on the User's Email. This is recommended over the UPN method.
            * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
        issuer_mode:
          allOf:
          - $ref: '#/components/schemas/IssuerModeEnum'
          description: |-
            Configure how the issuer field of the ID Token should be filled.

            * `global` - Same identifier is used for all providers
            * `per_provider` - Each provider has a different issuer, based on the application slug.
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
      required:
      - authorization_flow
      - name
    OAuth2ProviderSetupURLs:
      type: object
      description: OAuth2 Provider Metadata serializer
      properties:
        issuer:
          type: string
          readOnly: true
        authorize:
          type: string
          readOnly: true
        token:
          type: string
          readOnly: true
        user_info:
          type: string
          readOnly: true
        provider_info:
          type: string
          readOnly: true
        logout:
          type: string
          readOnly: true
        jwks:
          type: string
          readOnly: true
      required:
      - authorize
      - issuer
      - jwks
      - logout
      - provider_info
      - token
      - user_info
    OAuthDeviceCodeChallenge:
      type: object
      description: OAuth Device code challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-provider-oauth2-device-code
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
      required:
      - type
    OAuthDeviceCodeChallengeResponseRequest:
      type: object
      description: Response that includes the user-entered device code
      properties:
        component:
          type: string
          minLength: 1
          default: ak-provider-oauth2-device-code
        code:
          type: integer
      required:
      - code
    OAuthDeviceCodeFinishChallenge:
      type: object
      description: Final challenge after user enters their code
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-provider-oauth2-device-code-finish
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
      required:
      - type
    OAuthDeviceCodeFinishChallengeResponseRequest:
      type: object
      description: Response that device has been authenticated and tab can be closed
      properties:
        component:
          type: string
          minLength: 1
          default: ak-provider-oauth2-device-code-finish
    OAuthSource:
      type: object
      description: OAuth Source Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Source's display Name.
        slug:
          type: string
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
          readOnly: true
        user_path_template:
          type: string
        icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the Icon. If the name is /static or
            starts with http it is returned as-is
          readOnly: true
        provider_type:
          $ref: '#/components/schemas/ProviderTypeEnum'
        request_token_url:
          type: string
          nullable: true
          description: URL used to request the initial token. This URL is only required
            for OAuth 1.
          maxLength: 255
        authorization_url:
          type: string
          nullable: true
          description: URL the user is redirect to to conest the flow.
          maxLength: 255
        access_token_url:
          type: string
          nullable: true
          description: URL used by authentik to retrieve tokens.
          maxLength: 255
        profile_url:
          type: string
          nullable: true
          description: URL used by authentik to get user information.
          maxLength: 255
        consumer_key:
          type: string
        callback_url:
          type: string
          description: Get OAuth Callback URL
          readOnly: true
        additional_scopes:
          type: string
        type:
          allOf:
          - $ref: '#/components/schemas/SourceType'
          readOnly: true
        oidc_well_known_url:
          type: string
        oidc_jwks_url:
          type: string
        oidc_jwks:
          type: object
          additionalProperties: {}
      required:
      - callback_url
      - component
      - consumer_key
      - icon
      - managed
      - meta_model_name
      - name
      - pk
      - provider_type
      - slug
      - type
      - verbose_name
      - verbose_name_plural
    OAuthSourceRequest:
      type: object
      description: OAuth Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        provider_type:
          $ref: '#/components/schemas/ProviderTypeEnum'
        request_token_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used to request the initial token. This URL is only required
            for OAuth 1.
          maxLength: 255
        authorization_url:
          type: string
          nullable: true
          minLength: 1
          description: URL the user is redirect to to conest the flow.
          maxLength: 255
        access_token_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used by authentik to retrieve tokens.
          maxLength: 255
        profile_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used by authentik to get user information.
          maxLength: 255
        consumer_key:
          type: string
          minLength: 1
        consumer_secret:
          type: string
          writeOnly: true
          minLength: 1
        additional_scopes:
          type: string
        oidc_well_known_url:
          type: string
        oidc_jwks_url:
          type: string
        oidc_jwks:
          type: object
          additionalProperties: {}
      required:
      - consumer_key
      - consumer_secret
      - name
      - provider_type
      - slug
    OpenIDConnectConfiguration:
      type: object
      description: rest_framework Serializer for OIDC Configuration
      properties:
        issuer:
          type: string
        authorization_endpoint:
          type: string
        token_endpoint:
          type: string
        userinfo_endpoint:
          type: string
        end_session_endpoint:
          type: string
        introspection_endpoint:
          type: string
        jwks_uri:
          type: string
        response_types_supported:
          type: array
          items:
            type: string
        id_token_signing_alg_values_supported:
          type: array
          items:
            type: string
        subject_types_supported:
          type: array
          items:
            type: string
        token_endpoint_auth_methods_supported:
          type: array
          items:
            type: string
      required:
      - authorization_endpoint
      - end_session_endpoint
      - id_token_signing_alg_values_supported
      - introspection_endpoint
      - issuer
      - jwks_uri
      - response_types_supported
      - subject_types_supported
      - token_endpoint
      - token_endpoint_auth_methods_supported
      - userinfo_endpoint
    Outpost:
      type: object
      description: Outpost Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
        type:
          $ref: '#/components/schemas/OutpostTypeEnum'
        providers:
          type: array
          items:
            type: integer
        providers_obj:
          type: array
          items:
            $ref: '#/components/schemas/Provider'
          readOnly: true
        service_connection:
          type: string
          format: uuid
          nullable: true
          description: Select Service-Connection authentik should use to manage this
            outpost. Leave empty if authentik should not handle the deployment.
        service_connection_obj:
          allOf:
          - $ref: '#/components/schemas/ServiceConnection'
          readOnly: true
        token_identifier:
          type: string
          description: Get Token identifier
          readOnly: true
        config:
          type: object
          additionalProperties: {}
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
      required:
      - config
      - name
      - pk
      - providers
      - providers_obj
      - service_connection_obj
      - token_identifier
      - type
    OutpostDefaultConfig:
      type: object
      description: Global default outpost config
      properties:
        config:
          type: object
          additionalProperties: {}
          readOnly: true
      required:
      - config
    OutpostHealth:
      type: object
      description: Outpost health status
      properties:
        uid:
          type: string
          readOnly: true
        last_seen:
          type: string
          format: date-time
          readOnly: true
        version:
          type: string
          readOnly: true
        version_should:
          type: string
          readOnly: true
        version_outdated:
          type: boolean
          readOnly: true
        build_hash:
          type: string
          readOnly: true
        build_hash_should:
          type: string
          readOnly: true
        hostname:
          type: string
          readOnly: true
      required:
      - build_hash
      - build_hash_should
      - hostname
      - last_seen
      - uid
      - version
      - version_outdated
      - version_should
    OutpostRequest:
      type: object
      description: Outpost Serializer
      properties:
        name:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/OutpostTypeEnum'
        providers:
          type: array
          items:
            type: integer
        service_connection:
          type: string
          format: uuid
          nullable: true
          description: Select Service-Connection authentik should use to manage this
            outpost. Leave empty if authentik should not handle the deployment.
        config:
          type: object
          additionalProperties: {}
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
      required:
      - config
      - name
      - providers
      - type
    OutpostTypeEnum:
      enum:
      - proxy
      - ldap
      - radius
      type: string
      description: |-
        * `proxy` - Proxy
        * `ldap` - Ldap
        * `radius` - Radius
    PaginatedApplicationList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Application'
      required:
      - pagination
      - results
    PaginatedAuthenticateWebAuthnStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticateWebAuthnStage'
      required:
      - pagination
      - results
    PaginatedAuthenticatedSessionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatedSession'
      required:
      - pagination
      - results
    PaginatedAuthenticatorDuoStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatorDuoStage'
      required:
      - pagination
      - results
    PaginatedAuthenticatorSMSStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatorSMSStage'
      required:
      - pagination
      - results
    PaginatedAuthenticatorStaticStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatorStaticStage'
      required:
      - pagination
      - results
    PaginatedAuthenticatorTOTPStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatorTOTPStage'
      required:
      - pagination
      - results
    PaginatedAuthenticatorValidateStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/AuthenticatorValidateStage'
      required:
      - pagination
      - results
    PaginatedBlueprintInstanceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/BlueprintInstance'
      required:
      - pagination
      - results
    PaginatedCaptchaStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/CaptchaStage'
      required:
      - pagination
      - results
    PaginatedCertificateKeyPairList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/CertificateKeyPair'
      required:
      - pagination
      - results
    PaginatedConsentStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ConsentStage'
      required:
      - pagination
      - results
    PaginatedDenyStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/DenyStage'
      required:
      - pagination
      - results
    PaginatedDockerServiceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/DockerServiceConnection'
      required:
      - pagination
      - results
    PaginatedDummyPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/DummyPolicy'
      required:
      - pagination
      - results
    PaginatedDummyStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/DummyStage'
      required:
      - pagination
      - results
    PaginatedDuoDeviceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/DuoDevice'
      required:
      - pagination
      - results
    PaginatedEmailStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/EmailStage'
      required:
      - pagination
      - results
    PaginatedEventList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Event'
      required:
      - pagination
      - results
    PaginatedEventMatcherPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/EventMatcherPolicy'
      required:
      - pagination
      - results
    PaginatedExpiringBaseGrantModelList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ExpiringBaseGrantModel'
      required:
      - pagination
      - results
    PaginatedExpressionPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ExpressionPolicy'
      required:
      - pagination
      - results
    PaginatedExtraRoleObjectPermissionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ExtraRoleObjectPermission'
      required:
      - pagination
      - results
    PaginatedExtraUserObjectPermissionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ExtraUserObjectPermission'
      required:
      - pagination
      - results
    PaginatedFlowList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Flow'
      required:
      - pagination
      - results
    PaginatedFlowStageBindingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/FlowStageBinding'
      required:
      - pagination
      - results
    PaginatedGroupList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Group'
      required:
      - pagination
      - results
    PaginatedIdentificationStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/IdentificationStage'
      required:
      - pagination
      - results
    PaginatedInvitationList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Invitation'
      required:
      - pagination
      - results
    PaginatedInvitationStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/InvitationStage'
      required:
      - pagination
      - results
    PaginatedKubernetesServiceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/KubernetesServiceConnection'
      required:
      - pagination
      - results
    PaginatedLDAPOutpostConfigList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/LDAPOutpostConfig'
      required:
      - pagination
      - results
    PaginatedLDAPPropertyMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/LDAPPropertyMapping'
      required:
      - pagination
      - results
    PaginatedLDAPProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/LDAPProvider'
      required:
      - pagination
      - results
    PaginatedLDAPSourceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/LDAPSource'
      required:
      - pagination
      - results
    PaginatedLicenseList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/License'
      required:
      - pagination
      - results
    PaginatedNotificationList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Notification'
      required:
      - pagination
      - results
    PaginatedNotificationRuleList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/NotificationRule'
      required:
      - pagination
      - results
    PaginatedNotificationTransportList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/NotificationTransport'
      required:
      - pagination
      - results
    PaginatedNotificationWebhookMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/NotificationWebhookMapping'
      required:
      - pagination
      - results
    PaginatedOAuth2ProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/OAuth2Provider'
      required:
      - pagination
      - results
    PaginatedOAuthSourceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/OAuthSource'
      required:
      - pagination
      - results
    PaginatedOutpostList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Outpost'
      required:
      - pagination
      - results
    PaginatedPasswordExpiryPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PasswordExpiryPolicy'
      required:
      - pagination
      - results
    PaginatedPasswordPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PasswordPolicy'
      required:
      - pagination
      - results
    PaginatedPasswordStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PasswordStage'
      required:
      - pagination
      - results
    PaginatedPermissionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Permission'
      required:
      - pagination
      - results
    PaginatedPlexSourceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PlexSourceConnection'
      required:
      - pagination
      - results
    PaginatedPlexSourceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PlexSource'
      required:
      - pagination
      - results
    PaginatedPolicyBindingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PolicyBinding'
      required:
      - pagination
      - results
    PaginatedPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Policy'
      required:
      - pagination
      - results
    PaginatedPromptList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Prompt'
      required:
      - pagination
      - results
    PaginatedPromptStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PromptStage'
      required:
      - pagination
      - results
    PaginatedPropertyMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/PropertyMapping'
      required:
      - pagination
      - results
    PaginatedProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Provider'
      required:
      - pagination
      - results
    PaginatedProxyOutpostConfigList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ProxyOutpostConfig'
      required:
      - pagination
      - results
    PaginatedProxyProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ProxyProvider'
      required:
      - pagination
      - results
    PaginatedRadiusOutpostConfigList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/RadiusOutpostConfig'
      required:
      - pagination
      - results
    PaginatedRadiusProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/RadiusProvider'
      required:
      - pagination
      - results
    PaginatedReputationList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Reputation'
      required:
      - pagination
      - results
    PaginatedReputationPolicyList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ReputationPolicy'
      required:
      - pagination
      - results
    PaginatedRoleAssignedObjectPermissionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/RoleAssignedObjectPermission'
      required:
      - pagination
      - results
    PaginatedRoleList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Role'
      required:
      - pagination
      - results
    PaginatedSAMLPropertyMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SAMLPropertyMapping'
      required:
      - pagination
      - results
    PaginatedSAMLProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SAMLProvider'
      required:
      - pagination
      - results
    PaginatedSAMLSourceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SAMLSource'
      required:
      - pagination
      - results
    PaginatedSCIMMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SCIMMapping'
      required:
      - pagination
      - results
    PaginatedSCIMProviderList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SCIMProvider'
      required:
      - pagination
      - results
    PaginatedSMSDeviceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/SMSDevice'
      required:
      - pagination
      - results
    PaginatedScopeMappingList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ScopeMapping'
      required:
      - pagination
      - results
    PaginatedServiceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/ServiceConnection'
      required:
      - pagination
      - results
    PaginatedSourceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Source'
      required:
      - pagination
      - results
    PaginatedStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Stage'
      required:
      - pagination
      - results
    PaginatedStaticDeviceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/StaticDevice'
      required:
      - pagination
      - results
    PaginatedTOTPDeviceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/TOTPDevice'
      required:
      - pagination
      - results
    PaginatedTenantList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Tenant'
      required:
      - pagination
      - results
    PaginatedTokenList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/Token'
      required:
      - pagination
      - results
    PaginatedTokenModelList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/TokenModel'
      required:
      - pagination
      - results
    PaginatedUserAssignedObjectPermissionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserAssignedObjectPermission'
      required:
      - pagination
      - results
    PaginatedUserConsentList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserConsent'
      required:
      - pagination
      - results
    PaginatedUserDeleteStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserDeleteStage'
      required:
      - pagination
      - results
    PaginatedUserList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/User'
      required:
      - pagination
      - results
    PaginatedUserLoginStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserLoginStage'
      required:
      - pagination
      - results
    PaginatedUserLogoutStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserLogoutStage'
      required:
      - pagination
      - results
    PaginatedUserOAuthSourceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserOAuthSourceConnection'
      required:
      - pagination
      - results
    PaginatedUserSAMLSourceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserSAMLSourceConnection'
      required:
      - pagination
      - results
    PaginatedUserSourceConnectionList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserSourceConnection'
      required:
      - pagination
      - results
    PaginatedUserWriteStageList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/UserWriteStage'
      required:
      - pagination
      - results
    PaginatedWebAuthnDeviceList:
      type: object
      properties:
        pagination:
          $ref: '#/components/schemas/Pagination'
        results:
          type: array
          items:
            $ref: '#/components/schemas/WebAuthnDevice'
      required:
      - pagination
      - results
    Pagination:
      type: object
      properties:
        next:
          type: number
        previous:
          type: number
        count:
          type: number
        current:
          type: number
        total_pages:
          type: number
        start_index:
          type: number
        end_index:
          type: number
      required:
      - next
      - previous
      - count
      - current
      - total_pages
      - start_index
      - end_index
    PasswordChallenge:
      type: object
      description: Password challenge UI fields
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-password
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
        recovery_url:
          type: string
      required:
      - pending_user
      - pending_user_avatar
      - type
    PasswordChallengeResponseRequest:
      type: object
      description: Password challenge response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-password
        password:
          type: string
          minLength: 1
      required:
      - password
    PasswordExpiryPolicy:
      type: object
      description: Password Expiry Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        days:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        deny_only:
          type: boolean
      required:
      - bound_to
      - component
      - days
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PasswordExpiryPolicyRequest:
      type: object
      description: Password Expiry Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        days:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        deny_only:
          type: boolean
      required:
      - days
      - name
    PasswordPolicy:
      type: object
      description: Password Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        password_field:
          type: string
          description: Field key to check, field keys defined in Prompt stages are
            available.
        amount_digits:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_uppercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_lowercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_symbols:
          type: integer
          maximum: 2147483647
          minimum: 0
        length_min:
          type: integer
          maximum: 2147483647
          minimum: 0
        symbol_charset:
          type: string
        error_message:
          type: string
        check_static_rules:
          type: boolean
        check_have_i_been_pwned:
          type: boolean
        check_zxcvbn:
          type: boolean
        hibp_allowed_count:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: How many times the password hash is allowed to be on haveibeenpwned
        zxcvbn_score_threshold:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: If the zxcvbn score is equal or less than this value, the policy
            will fail.
      required:
      - bound_to
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PasswordPolicyRequest:
      type: object
      description: Password Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        password_field:
          type: string
          minLength: 1
          description: Field key to check, field keys defined in Prompt stages are
            available.
        amount_digits:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_uppercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_lowercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_symbols:
          type: integer
          maximum: 2147483647
          minimum: 0
        length_min:
          type: integer
          maximum: 2147483647
          minimum: 0
        symbol_charset:
          type: string
          minLength: 1
        error_message:
          type: string
        check_static_rules:
          type: boolean
        check_have_i_been_pwned:
          type: boolean
        check_zxcvbn:
          type: boolean
        hibp_allowed_count:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: How many times the password hash is allowed to be on haveibeenpwned
        zxcvbn_score_threshold:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: If the zxcvbn score is equal or less than this value, the policy
            will fail.
      required:
      - name
    PasswordStage:
      type: object
      description: PasswordStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        backends:
          type: array
          items:
            $ref: '#/components/schemas/BackendsEnum'
          description: Selection of backends to test the password against.
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        failed_attempts_before_cancel:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: How many attempts a user has before the flow is canceled. To
            lock the user out, use a reputation policy and a user_write stage.
      required:
      - backends
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PasswordStageRequest:
      type: object
      description: PasswordStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        backends:
          type: array
          items:
            $ref: '#/components/schemas/BackendsEnum'
          description: Selection of backends to test the password against.
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        failed_attempts_before_cancel:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: How many attempts a user has before the flow is canceled. To
            lock the user out, use a reputation policy and a user_write stage.
      required:
      - backends
      - name
    PatchedApplicationRequest:
      type: object
      description: Application Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Application's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal application name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        provider:
          type: integer
          nullable: true
        backchannel_providers:
          type: array
          items:
            type: integer
        open_in_new_tab:
          type: boolean
          description: Open launch URL in a new browser tab or window.
        meta_launch_url:
          type: string
          format: uri
        meta_description:
          type: string
        meta_publisher:
          type: string
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        group:
          type: string
    PatchedAuthenticateWebAuthnStageRequest:
      type: object
      description: AuthenticateWebAuthnStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        user_verification:
          $ref: '#/components/schemas/UserVerificationEnum'
        authenticator_attachment:
          allOf:
          - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
          nullable: true
        resident_key_requirement:
          $ref: '#/components/schemas/ResidentKeyRequirementEnum'
    PatchedAuthenticatorDuoStageRequest:
      type: object
      description: AuthenticatorDuoStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        client_id:
          type: string
          minLength: 1
        client_secret:
          type: string
          writeOnly: true
          minLength: 1
        api_hostname:
          type: string
          minLength: 1
        admin_integration_key:
          type: string
        admin_secret_key:
          type: string
          writeOnly: true
    PatchedAuthenticatorSMSStageRequest:
      type: object
      description: AuthenticatorSMSStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        provider:
          $ref: '#/components/schemas/ProviderEnum'
        from_number:
          type: string
          minLength: 1
        account_sid:
          type: string
          minLength: 1
        auth:
          type: string
          minLength: 1
        auth_password:
          type: string
        auth_type:
          $ref: '#/components/schemas/AuthTypeEnum'
        verify_only:
          type: boolean
          description: When enabled, the Phone number is only used during enrollment
            to verify the users authenticity. Only a hash of the phone number is saved
            to ensure it is not reused in the future.
        mapping:
          type: string
          format: uuid
          nullable: true
          description: Optionally modify the payload being sent to custom providers.
    PatchedAuthenticatorStaticStageRequest:
      type: object
      description: AuthenticatorStaticStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        token_count:
          type: integer
          maximum: 2147483647
          minimum: 0
        token_length:
          type: integer
          maximum: 2147483647
          minimum: 0
    PatchedAuthenticatorTOTPStageRequest:
      type: object
      description: AuthenticatorTOTPStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        friendly_name:
          type: string
          nullable: true
          minLength: 1
        digits:
          allOf:
          - $ref: '#/components/schemas/DigitsEnum'
          minimum: -2147483648
          maximum: 2147483647
    PatchedAuthenticatorValidateStageRequest:
      type: object
      description: AuthenticatorValidateStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        not_configured_action:
          $ref: '#/components/schemas/NotConfiguredActionEnum'
        device_classes:
          type: array
          items:
            $ref: '#/components/schemas/DeviceClassesEnum'
          description: Device classes which can be used to authenticate
        configuration_stages:
          type: array
          items:
            type: string
            format: uuid
          description: Stages used to configure Authenticator when user doesn't have
            any compatible devices. After this configuration Stage passes, the user
            is not prompted again.
        last_auth_threshold:
          type: string
          minLength: 1
          description: If any of the user's device has been used within this threshold,
            this stage will be skipped
        webauthn_user_verification:
          allOf:
          - $ref: '#/components/schemas/UserVerificationEnum'
          description: |-
            Enforce user verification for WebAuthn devices.

            * `required` - Required
            * `preferred` - Preferred
            * `discouraged` - Discouraged
    PatchedBlueprintInstanceRequest:
      type: object
      description: Info about a single blueprint instance file
      properties:
        name:
          type: string
          minLength: 1
        path:
          type: string
          default: ''
        context:
          type: object
          additionalProperties: {}
        enabled:
          type: boolean
        content:
          type: string
    PatchedCaptchaStageRequest:
      type: object
      description: CaptchaStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        public_key:
          type: string
          minLength: 1
          description: Public key, acquired your captcha Provider.
        private_key:
          type: string
          writeOnly: true
          minLength: 1
          description: Private key, acquired your captcha Provider.
        js_url:
          type: string
          minLength: 1
        api_url:
          type: string
          minLength: 1
    PatchedCertificateKeyPairRequest:
      type: object
      description: CertificateKeyPair Serializer
      properties:
        name:
          type: string
          minLength: 1
        certificate_data:
          type: string
          writeOnly: true
          minLength: 1
          description: PEM-encoded Certificate data
        key_data:
          type: string
          writeOnly: true
          description: Optional Private Key. If this is set, you can use this keypair
            for encryption.
    PatchedConsentStageRequest:
      type: object
      description: ConsentStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        mode:
          $ref: '#/components/schemas/ConsentStageModeEnum'
        consent_expire_in:
          type: string
          minLength: 1
          title: Consent expires in
          description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
    PatchedDenyStageRequest:
      type: object
      description: DenyStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        deny_message:
          type: string
    PatchedDockerServiceConnectionRequest:
      type: object
      description: DockerServiceConnection Serializer
      properties:
        name:
          type: string
          minLength: 1
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        url:
          type: string
          minLength: 1
          description: Can be in the format of 'unix://<path>' when connecting to
            a local docker daemon, or 'https://<hostname>:2376' when connecting to
            a remote system.
        tls_verification:
          type: string
          format: uuid
          nullable: true
          description: CA which the endpoint's Certificate is verified against. Can
            be left empty for no validation.
        tls_authentication:
          type: string
          format: uuid
          nullable: true
          description: Certificate/Key used for authentication. Can be left empty
            for no authentication.
    PatchedDummyPolicyRequest:
      type: object
      description: Dummy Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        result:
          type: boolean
        wait_min:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        wait_max:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
    PatchedDummyStageRequest:
      type: object
      description: DummyStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        throw_error:
          type: boolean
    PatchedDuoDeviceRequest:
      type: object
      description: Serializer for Duo authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
    PatchedEmailStageRequest:
      type: object
      description: EmailStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        use_global_settings:
          type: boolean
          description: When enabled, global Email connection settings will be used
            and connection settings below will be ignored.
        host:
          type: string
          minLength: 1
        port:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        username:
          type: string
        password:
          type: string
          writeOnly: true
        use_tls:
          type: boolean
        use_ssl:
          type: boolean
        timeout:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        from_address:
          type: string
          format: email
          minLength: 1
          maxLength: 254
        token_expiry:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: Time in minutes the token sent is valid.
        subject:
          type: string
          minLength: 1
        template:
          type: string
          minLength: 1
        activate_user_on_success:
          type: boolean
          description: Activate users upon completion of stage.
    PatchedEventMatcherPolicyRequest:
      type: object
      description: Event Matcher Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        action:
          allOf:
          - $ref: '#/components/schemas/EventActions'
          nullable: true
          description: |-
            Match created events with this action type. When left empty, all action types will be matched.

            * `login` - Login
            * `login_failed` - Login Failed
            * `logout` - Logout
            * `user_write` - User Write
            * `suspicious_request` - Suspicious Request
            * `password_set` - Password Set
            * `secret_view` - Secret View
            * `secret_rotate` - Secret Rotate
            * `invitation_used` - Invite Used
            * `authorize_application` - Authorize Application
            * `source_linked` - Source Linked
            * `impersonation_started` - Impersonation Started
            * `impersonation_ended` - Impersonation Ended
            * `flow_execution` - Flow Execution
            * `policy_execution` - Policy Execution
            * `policy_exception` - Policy Exception
            * `property_mapping_exception` - Property Mapping Exception
            * `system_task_execution` - System Task Execution
            * `system_task_exception` - System Task Exception
            * `system_exception` - System Exception
            * `configuration_error` - Configuration Error
            * `model_created` - Model Created
            * `model_updated` - Model Updated
            * `model_deleted` - Model Deleted
            * `email_sent` - Email Sent
            * `update_available` - Update Available
            * `custom_` - Custom Prefix
        client_ip:
          type: string
          nullable: true
          minLength: 1
          description: Matches Event's Client IP (strict matching, for network matching
            use an Expression Policy)
        app:
          allOf:
          - $ref: '#/components/schemas/AppEnum'
          nullable: true
          description: |-
            Match events created by selected application. When left empty, all applications are matched.

            * `authentik.admin` - authentik Admin
            * `authentik.api` - authentik API
            * `authentik.crypto` - authentik Crypto
            * `authentik.events` - authentik Events
            * `authentik.flows` - authentik Flows
            * `authentik.outposts` - authentik Outpost
            * `authentik.policies.dummy` - authentik Policies.Dummy
            * `authentik.policies.event_matcher` - authentik Policies.Event Matcher
            * `authentik.policies.expiry` - authentik Policies.Expiry
            * `authentik.policies.expression` - authentik Policies.Expression
            * `authentik.policies.password` - authentik Policies.Password
            * `authentik.policies.reputation` - authentik Policies.Reputation
            * `authentik.policies` - authentik Policies
            * `authentik.providers.ldap` - authentik Providers.LDAP
            * `authentik.providers.oauth2` - authentik Providers.OAuth2
            * `authentik.providers.proxy` - authentik Providers.Proxy
            * `authentik.providers.radius` - authentik Providers.Radius
            * `authentik.providers.saml` - authentik Providers.SAML
            * `authentik.providers.scim` - authentik Providers.SCIM
            * `authentik.rbac` - authentik RBAC
            * `authentik.recovery` - authentik Recovery
            * `authentik.sources.ldap` - authentik Sources.LDAP
            * `authentik.sources.oauth` - authentik Sources.OAuth
            * `authentik.sources.plex` - authentik Sources.Plex
            * `authentik.sources.saml` - authentik Sources.SAML
            * `authentik.stages.authenticator` - authentik Stages.Authenticator
            * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
            * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
            * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
            * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
            * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
            * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
            * `authentik.stages.captcha` - authentik Stages.Captcha
            * `authentik.stages.consent` - authentik Stages.Consent
            * `authentik.stages.deny` - authentik Stages.Deny
            * `authentik.stages.dummy` - authentik Stages.Dummy
            * `authentik.stages.email` - authentik Stages.Email
            * `authentik.stages.identification` - authentik Stages.Identification
            * `authentik.stages.invitation` - authentik Stages.User Invitation
            * `authentik.stages.password` - authentik Stages.Password
            * `authentik.stages.prompt` - authentik Stages.Prompt
            * `authentik.stages.user_delete` - authentik Stages.User Delete
            * `authentik.stages.user_login` - authentik Stages.User Login
            * `authentik.stages.user_logout` - authentik Stages.User Logout
            * `authentik.stages.user_write` - authentik Stages.User Write
            * `authentik.tenants` - authentik Tenants
            * `authentik.blueprints` - authentik Blueprints
            * `authentik.core` - authentik Core
            * `authentik.enterprise` - authentik Enterprise
        model:
          allOf:
          - $ref: '#/components/schemas/ModelEnum'
          nullable: true
          description: |-
            Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

            * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
            * `authentik_events.event` - Event
            * `authentik_events.notificationtransport` - Notification Transport
            * `authentik_events.notification` - Notification
            * `authentik_events.notificationrule` - Notification Rule
            * `authentik_events.notificationwebhookmapping` - Webhook Mapping
            * `authentik_flows.flow` - Flow
            * `authentik_flows.flowstagebinding` - Flow Stage Binding
            * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
            * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
            * `authentik_outposts.outpost` - Outpost
            * `authentik_policies_dummy.dummypolicy` - Dummy Policy
            * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
            * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
            * `authentik_policies_expression.expressionpolicy` - Expression Policy
            * `authentik_policies_password.passwordpolicy` - Password Policy
            * `authentik_policies_reputation.reputationpolicy` - Reputation Policy
            * `authentik_policies_reputation.reputation` - Reputation Score
            * `authentik_policies.policybinding` - Policy Binding
            * `authentik_providers_ldap.ldapprovider` - LDAP Provider
            * `authentik_providers_oauth2.scopemapping` - Scope Mapping
            * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
            * `authentik_providers_oauth2.authorizationcode` - Authorization Code
            * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
            * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
            * `authentik_providers_proxy.proxyprovider` - Proxy Provider
            * `authentik_providers_radius.radiusprovider` - Radius Provider
            * `authentik_providers_saml.samlprovider` - SAML Provider
            * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
            * `authentik_providers_scim.scimprovider` - SCIM Provider
            * `authentik_providers_scim.scimmapping` - SCIM Mapping
            * `authentik_rbac.role` - Role
            * `authentik_sources_ldap.ldapsource` - LDAP Source
            * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
            * `authentik_sources_oauth.oauthsource` - OAuth Source
            * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
            * `authentik_sources_plex.plexsource` - Plex Source
            * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
            * `authentik_sources_saml.samlsource` - SAML Source
            * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
            * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
            * `authentik_stages_authenticator_duo.duodevice` - Duo Device
            * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
            * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
            * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
            * `authentik_stages_authenticator_static.staticdevice` - Static Device
            * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
            * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
            * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
            * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
            * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
            * `authentik_stages_captcha.captchastage` - Captcha Stage
            * `authentik_stages_consent.consentstage` - Consent Stage
            * `authentik_stages_consent.userconsent` - User Consent
            * `authentik_stages_deny.denystage` - Deny Stage
            * `authentik_stages_dummy.dummystage` - Dummy Stage
            * `authentik_stages_email.emailstage` - Email Stage
            * `authentik_stages_identification.identificationstage` - Identification Stage
            * `authentik_stages_invitation.invitationstage` - Invitation Stage
            * `authentik_stages_invitation.invitation` - Invitation
            * `authentik_stages_password.passwordstage` - Password Stage
            * `authentik_stages_prompt.prompt` - Prompt
            * `authentik_stages_prompt.promptstage` - Prompt Stage
            * `authentik_stages_user_delete.userdeletestage` - User Delete Stage
            * `authentik_stages_user_login.userloginstage` - User Login Stage
            * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
            * `authentik_stages_user_write.userwritestage` - User Write Stage
            * `authentik_tenants.tenant` - Tenant
            * `authentik_blueprints.blueprintinstance` - Blueprint Instance
            * `authentik_core.group` - Group
            * `authentik_core.user` - User
            * `authentik_core.application` - Application
            * `authentik_core.token` - Token
            * `authentik_enterprise.license` - License
    PatchedEventRequest:
      type: object
      description: Event Serializer
      properties:
        user:
          type: object
          additionalProperties: {}
        action:
          $ref: '#/components/schemas/EventActions'
        app:
          type: string
          minLength: 1
        context:
          type: object
          additionalProperties: {}
        client_ip:
          type: string
          nullable: true
          minLength: 1
        expires:
          type: string
          format: date-time
        tenant:
          type: object
          additionalProperties: {}
    PatchedExpressionPolicyRequest:
      type: object
      description: Group Membership Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        expression:
          type: string
          minLength: 1
    PatchedFlowRequest:
      type: object
      description: Flow Serializer
      properties:
        name:
          type: string
          minLength: 1
        slug:
          type: string
          minLength: 1
          description: Visible in the URL.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        title:
          type: string
          minLength: 1
          description: Shown as the Title in Flow pages.
        designation:
          allOf:
          - $ref: '#/components/schemas/FlowDesignationEnum'
          description: |-
            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            * `authentication` - Authentication
            * `authorization` - Authorization
            * `invalidation` - Invalidation
            * `enrollment` - Enrollment
            * `unenrollment` - Unrenollment
            * `recovery` - Recovery
            * `stage_configuration` - Stage Configuration
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        compatibility_mode:
          type: boolean
          description: Enable compatibility mode, increases compatibility with password
            managers on mobile devices.
        layout:
          $ref: '#/components/schemas/LayoutEnum'
        denied_action:
          allOf:
          - $ref: '#/components/schemas/DeniedActionEnum'
          description: |-
            Configure what should happen when a flow denies access to a user.

            * `message_continue` - Message Continue
            * `message` - Message
            * `continue` - Continue
        authentication:
          allOf:
          - $ref: '#/components/schemas/AuthenticationEnum'
          description: |-
            Required level of authentication and authorization to access a flow.

            * `none` - None
            * `require_authenticated` - Require Authenticated
            * `require_unauthenticated` - Require Unauthenticated
            * `require_superuser` - Require Superuser
    PatchedFlowStageBindingRequest:
      type: object
      description: FlowStageBinding Serializer
      properties:
        target:
          type: string
          format: uuid
        stage:
          type: string
          format: uuid
        evaluate_on_plan:
          type: boolean
          description: Evaluate policies during the Flow planning process.
        re_evaluate_policies:
          type: boolean
          description: Evaluate policies when the Stage is present to the user.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        invalid_response_action:
          allOf:
          - $ref: '#/components/schemas/InvalidResponseActionEnum'
          description: |-
            Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

            * `retry` - Retry
            * `restart` - Restart
            * `restart_with_context` - Restart With Context
    PatchedGroupRequest:
      type: object
      description: Group Serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 80
        is_superuser:
          type: boolean
          description: Users added to this group will be superusers.
        parent:
          type: string
          format: uuid
          nullable: true
        users:
          type: array
          items:
            type: integer
        attributes:
          type: object
          additionalProperties: {}
        roles:
          type: array
          items:
            type: string
            format: uuid
    PatchedIdentificationStageRequest:
      type: object
      description: IdentificationStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        user_fields:
          type: array
          items:
            $ref: '#/components/schemas/UserFieldsEnum'
          description: Fields of the user object to match against. (Hold shift to
            select multiple options)
        password_stage:
          type: string
          format: uuid
          nullable: true
          description: When set, shows a password field, instead of showing the password
            field as seaprate step.
        case_insensitive_matching:
          type: boolean
          description: When enabled, user fields are matched regardless of their casing.
        show_matched_user:
          type: boolean
          description: When a valid username/email has been entered, and this option
            is enabled, the user's username and avatar will be shown. Otherwise, the
            text that the user entered will be shown
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional enrollment flow, which is linked at the bottom of
            the page.
        recovery_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional recovery flow, which is linked at the bottom of the
            page.
        passwordless_flow:
          type: string
          format: uuid
          nullable: true
          description: Optional passwordless flow, which is linked at the bottom of
            the page.
        sources:
          type: array
          items:
            type: string
            format: uuid
          description: Specify which sources should be shown.
        show_source_labels:
          type: boolean
    PatchedInvitationRequest:
      type: object
      description: Invitation Serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        expires:
          type: string
          format: date-time
        fixed_data:
          type: object
          additionalProperties: {}
        single_use:
          type: boolean
          description: When enabled, the invitation will be deleted after usage.
        flow:
          type: string
          format: uuid
          nullable: true
          description: When set, only the configured flow can use this invitation.
    PatchedInvitationStageRequest:
      type: object
      description: InvitationStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        continue_flow_without_invitation:
          type: boolean
          description: If this flag is set, this Stage will jump to the next Stage
            when no Invitation is given. By default this Stage will cancel the Flow
            when no invitation is given.
    PatchedKubernetesServiceConnectionRequest:
      type: object
      description: KubernetesServiceConnection Serializer
      properties:
        name:
          type: string
          minLength: 1
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        kubeconfig:
          type: object
          additionalProperties: {}
          description: Paste your kubeconfig here. authentik will automatically use
            the currently selected context.
        verify_ssl:
          type: boolean
          description: Verify SSL Certificates of the Kubernetes API endpoint
    PatchedLDAPPropertyMappingRequest:
      type: object
      description: LDAP PropertyMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        object_field:
          type: string
          minLength: 1
    PatchedLDAPProviderRequest:
      type: object
      description: LDAPProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        base_dn:
          type: string
          minLength: 1
          description: DN under which objects are accessible.
        search_group:
          type: string
          format: uuid
          nullable: true
          description: Users in this group can do search queries. If not set, every
            user can execute search queries.
        certificate:
          type: string
          format: uuid
          nullable: true
        tls_server_name:
          type: string
        uid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for uidNumbers, this number is added to the user.pk
            to make sure that the numbers aren't too low for POSIX users. Default
            is 2000 to ensure that we don't collide with local users uidNumber
        gid_start_number:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: The start for gidNumbers, this number is added to a number
            generated from the group.pk to make sure that the numbers aren't too low
            for POSIX groups. Default is 4000 to ensure that we don't collide with
            local groups or users primary groups gidNumber
        search_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        bind_mode:
          $ref: '#/components/schemas/LDAPAPIAccessMode'
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
    PatchedLDAPSourceRequest:
      type: object
      description: LDAP Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        server_uri:
          type: string
          minLength: 1
          format: uri
        peer_certificate:
          type: string
          format: uuid
          nullable: true
          description: Optionally verify the LDAP Server's Certificate against the
            CA Chain in this keypair.
        client_certificate:
          type: string
          format: uuid
          nullable: true
          description: Client certificate to authenticate against the LDAP Server's
            Certificate.
        bind_cn:
          type: string
        bind_password:
          type: string
          writeOnly: true
        start_tls:
          type: boolean
          title: Enable Start TLS
        sni:
          type: boolean
          title: Use Server URI for SNI verification
        base_dn:
          type: string
          minLength: 1
        additional_user_dn:
          type: string
          title: Addition User DN
          description: Prepended to Base DN for User-queries.
        additional_group_dn:
          type: string
          title: Addition Group DN
          description: Prepended to Base DN for Group-queries.
        user_object_filter:
          type: string
          minLength: 1
          description: Consider Objects matching this filter to be Users.
        group_object_filter:
          type: string
          minLength: 1
          description: Consider Objects matching this filter to be Groups.
        group_membership_field:
          type: string
          minLength: 1
          description: Field which contains members of a group.
        object_uniqueness_field:
          type: string
          minLength: 1
          description: Field which contains a unique Identifier.
        sync_users:
          type: boolean
        sync_users_password:
          type: boolean
          description: When a user changes their password, sync it back to LDAP. This
            can only be enabled on a single LDAP source.
        sync_groups:
          type: boolean
        sync_parent_group:
          type: string
          format: uuid
          nullable: true
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
    PatchedLicenseRequest:
      type: object
      description: License Serializer
      properties:
        key:
          type: string
          minLength: 1
    PatchedNotificationRequest:
      type: object
      description: Notification Serializer
      properties:
        event:
          $ref: '#/components/schemas/EventRequest'
        seen:
          type: boolean
    PatchedNotificationRuleRequest:
      type: object
      description: NotificationRule Serializer
      properties:
        name:
          type: string
          minLength: 1
        transports:
          type: array
          items:
            type: string
            format: uuid
          description: Select which transports should be used to notify the user.
            If none are selected, the notification will only be shown in the authentik
            UI.
        severity:
          allOf:
          - $ref: '#/components/schemas/SeverityEnum'
          description: |-
            Controls which severity level the created notifications will have.

            * `notice` - Notice
            * `warning` - Warning
            * `alert` - Alert
        group:
          type: string
          format: uuid
          nullable: true
          description: Define which group of users this notification should be sent
            and shown to. If left empty, Notification won't ben sent.
    PatchedNotificationTransportRequest:
      type: object
      description: NotificationTransport Serializer
      properties:
        name:
          type: string
          minLength: 1
        mode:
          $ref: '#/components/schemas/NotificationTransportModeEnum'
        webhook_url:
          type: string
          format: uri
        webhook_mapping:
          type: string
          format: uuid
          nullable: true
        send_once:
          type: boolean
          description: Only send notification once, for example when sending a webhook
            into a chat channel.
    PatchedNotificationWebhookMappingRequest:
      type: object
      description: NotificationWebhookMapping Serializer
      properties:
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
    PatchedOAuth2ProviderRequest:
      type: object
      description: OAuth2Provider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        client_type:
          allOf:
          - $ref: '#/components/schemas/ClientTypeEnum'
          description: |-
            Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

            * `confidential` - Confidential
            * `public` - Public
        client_id:
          type: string
          minLength: 1
          maxLength: 255
        client_secret:
          type: string
          maxLength: 255
        access_code_validity:
          type: string
          minLength: 1
          description: 'Access codes not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        access_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        include_claims_in_id_token:
          type: boolean
          description: Include User claims from scopes in the id_token, for applications
            that don't access the userinfo endpoint.
        signing_key:
          type: string
          format: uuid
          nullable: true
          description: Key used to sign the tokens. Only required when JWT Algorithm
            is set to RS256.
        redirect_uris:
          type: string
          description: Enter each URI on a new line.
        sub_mode:
          allOf:
          - $ref: '#/components/schemas/SubModeEnum'
          description: |-
            Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

            * `hashed_user_id` - Based on the Hashed User ID
            * `user_id` - Based on user ID
            * `user_uuid` - Based on user UUID
            * `user_username` - Based on the username
            * `user_email` - Based on the User's Email. This is recommended over the UPN method.
            * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
        issuer_mode:
          allOf:
          - $ref: '#/components/schemas/IssuerModeEnum'
          description: |-
            Configure how the issuer field of the ID Token should be filled.

            * `global` - Same identifier is used for all providers
            * `per_provider` - Each provider has a different issuer, based on the application slug.
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
    PatchedOAuthSourceRequest:
      type: object
      description: OAuth Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        provider_type:
          $ref: '#/components/schemas/ProviderTypeEnum'
        request_token_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used to request the initial token. This URL is only required
            for OAuth 1.
          maxLength: 255
        authorization_url:
          type: string
          nullable: true
          minLength: 1
          description: URL the user is redirect to to conest the flow.
          maxLength: 255
        access_token_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used by authentik to retrieve tokens.
          maxLength: 255
        profile_url:
          type: string
          nullable: true
          minLength: 1
          description: URL used by authentik to get user information.
          maxLength: 255
        consumer_key:
          type: string
          minLength: 1
        consumer_secret:
          type: string
          writeOnly: true
          minLength: 1
        additional_scopes:
          type: string
        oidc_well_known_url:
          type: string
        oidc_jwks_url:
          type: string
        oidc_jwks:
          type: object
          additionalProperties: {}
    PatchedOutpostRequest:
      type: object
      description: Outpost Serializer
      properties:
        name:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/OutpostTypeEnum'
        providers:
          type: array
          items:
            type: integer
        service_connection:
          type: string
          format: uuid
          nullable: true
          description: Select Service-Connection authentik should use to manage this
            outpost. Leave empty if authentik should not handle the deployment.
        config:
          type: object
          additionalProperties: {}
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
    PatchedPasswordExpiryPolicyRequest:
      type: object
      description: Password Expiry Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        days:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        deny_only:
          type: boolean
    PatchedPasswordPolicyRequest:
      type: object
      description: Password Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        password_field:
          type: string
          minLength: 1
          description: Field key to check, field keys defined in Prompt stages are
            available.
        amount_digits:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_uppercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_lowercase:
          type: integer
          maximum: 2147483647
          minimum: 0
        amount_symbols:
          type: integer
          maximum: 2147483647
          minimum: 0
        length_min:
          type: integer
          maximum: 2147483647
          minimum: 0
        symbol_charset:
          type: string
          minLength: 1
        error_message:
          type: string
        check_static_rules:
          type: boolean
        check_have_i_been_pwned:
          type: boolean
        check_zxcvbn:
          type: boolean
        hibp_allowed_count:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: How many times the password hash is allowed to be on haveibeenpwned
        zxcvbn_score_threshold:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: If the zxcvbn score is equal or less than this value, the policy
            will fail.
    PatchedPasswordStageRequest:
      type: object
      description: PasswordStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        backends:
          type: array
          items:
            $ref: '#/components/schemas/BackendsEnum'
          description: Selection of backends to test the password against.
        configure_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used by an authenticated user to configure this Stage.
            If empty, user will not be able to configure this stage.
        failed_attempts_before_cancel:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
          description: How many attempts a user has before the flow is canceled. To
            lock the user out, use a reputation policy and a user_write stage.
    PatchedPermissionAssignRequest:
      type: object
      description: Request to assign a new permission
      properties:
        permissions:
          type: array
          items:
            type: string
            minLength: 1
        model:
          $ref: '#/components/schemas/ModelEnum'
        object_pk:
          type: string
          minLength: 1
    PatchedPlexSourceConnectionRequest:
      type: object
      description: Plex Source connection Serializer
      properties:
        identifier:
          type: string
          minLength: 1
        plex_token:
          type: string
          minLength: 1
    PatchedPlexSourceRequest:
      type: object
      description: Plex Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        client_id:
          type: string
          minLength: 1
          description: Client identifier used to talk to Plex.
        allowed_servers:
          type: array
          items:
            type: string
            minLength: 1
          description: Which servers a user has to be a member of to be granted access.
            Empty list allows every server.
        allow_friends:
          type: boolean
          description: Allow friends to authenticate, even if you don't share a server.
        plex_token:
          type: string
          minLength: 1
          description: Plex token used to check friends
    PatchedPolicyBindingRequest:
      type: object
      description: PolicyBinding Serializer
      properties:
        policy:
          type: string
          format: uuid
          nullable: true
        group:
          type: string
          format: uuid
          nullable: true
        user:
          type: integer
          nullable: true
        target:
          type: string
          format: uuid
        negate:
          type: boolean
          description: Negates the outcome of the policy. Messages are unaffected.
        enabled:
          type: boolean
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        timeout:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: Timeout after which Policy execution is terminated.
        failure_result:
          type: boolean
          description: Result if the Policy execution fails.
    PatchedPromptRequest:
      type: object
      description: Prompt Serializer
      properties:
        name:
          type: string
          minLength: 1
        field_key:
          type: string
          minLength: 1
          description: Name of the form field, also used to store the value
        label:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/PromptTypeEnum'
        required:
          type: boolean
        placeholder:
          type: string
          description: Optionally provide a short hint that describes the expected
            input value. When creating a fixed choice field, enable interpreting as
            expression and return a list to return multiple choices.
        initial_value:
          type: string
          description: Optionally pre-fill the input with an initial value. When creating
            a fixed choice field, enable interpreting as expression and return a list
            to return multiple default choices.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        promptstage_set:
          type: array
          items:
            $ref: '#/components/schemas/StageRequest'
        sub_text:
          type: string
        placeholder_expression:
          type: boolean
        initial_value_expression:
          type: boolean
    PatchedPromptStageRequest:
      type: object
      description: PromptStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        fields:
          type: array
          items:
            type: string
            format: uuid
        validation_policies:
          type: array
          items:
            type: string
            format: uuid
    PatchedProxyProviderRequest:
      type: object
      description: ProxyProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        internal_host:
          type: string
          format: uri
        external_host:
          type: string
          minLength: 1
          format: uri
        internal_host_ssl_validation:
          type: boolean
          description: Validate SSL Certificates of upstream servers
        certificate:
          type: string
          format: uuid
          nullable: true
        skip_path_regex:
          type: string
          description: Regular expressions for which authentication is not required.
            Each new line is interpreted as a new Regular Expression.
        basic_auth_enabled:
          type: boolean
          title: Set HTTP-Basic Authentication
          description: Set a custom HTTP-Basic Authentication header based on values
            from authentik.
        basic_auth_password_attribute:
          type: string
          title: HTTP-Basic Password Key
          description: User/Group Attribute used for the password part of the HTTP-Basic
            Header.
        basic_auth_user_attribute:
          type: string
          title: HTTP-Basic Username Key
          description: User/Group Attribute used for the user part of the HTTP-Basic
            Header. If not set, the user's Email address is used.
        mode:
          allOf:
          - $ref: '#/components/schemas/ProxyMode'
          description: |-
            Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

            * `proxy` - Proxy
            * `forward_single` - Forward Single
            * `forward_domain` - Forward Domain
        intercept_header_auth:
          type: boolean
          description: When enabled, this provider will intercept the authorization
            header and authenticate requests based on its value.
        cookie_domain:
          type: string
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
        access_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
    PatchedRadiusProviderRequest:
      type: object
      description: RadiusProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        client_networks:
          type: string
          minLength: 1
          description: List of CIDRs (comma-separated) that clients can connect from.
            A more specific CIDR will match before a looser one. Clients connecting
            from a non-specified CIDR will be dropped.
        shared_secret:
          type: string
          minLength: 1
          description: Shared secret between clients and server to hash packets.
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
    PatchedReputationPolicyRequest:
      type: object
      description: Reputation Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        check_ip:
          type: boolean
        check_username:
          type: boolean
        threshold:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
    PatchedRoleRequest:
      type: object
      description: Role serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 150
    PatchedSAMLPropertyMappingRequest:
      type: object
      description: SAMLPropertyMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        saml_name:
          type: string
          minLength: 1
        friendly_name:
          type: string
          nullable: true
    PatchedSAMLProviderRequest:
      type: object
      description: SAMLProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        acs_url:
          type: string
          format: uri
          minLength: 1
          maxLength: 200
        audience:
          type: string
          description: Value of the audience restriction field of the assertion. When
            left empty, no audience restriction will be added.
        issuer:
          type: string
          minLength: 1
          description: Also known as EntityID
        assertion_valid_not_before:
          type: string
          minLength: 1
          description: 'Assertion valid not before current time + this value (Format:
            hours=-1;minutes=-2;seconds=-3).'
        assertion_valid_not_on_or_after:
          type: string
          minLength: 1
          description: 'Assertion not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        session_valid_not_on_or_after:
          type: string
          minLength: 1
          description: 'Session not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        name_id_mapping:
          type: string
          format: uuid
          nullable: true
          title: NameID Property Mapping
          description: Configure how the NameID value will be created. When left empty,
            the NameIDPolicy of the incoming request will be considered
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Service
            Provider.
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        sp_binding:
          allOf:
          - $ref: '#/components/schemas/SpBindingEnum'
          title: Service Provider Binding
          description: |-
            This determines how authentik sends the response back to the Service Provider.

            * `redirect` - Redirect
            * `post` - Post
        default_relay_state:
          type: string
          description: Default relay_state value for IDP-initiated logins
    PatchedSAMLSourceRequest:
      type: object
      description: SAMLSource Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        pre_authentication_flow:
          type: string
          format: uuid
          description: Flow used before authentication.
        issuer:
          type: string
          description: Also known as Entity ID. Defaults the Metadata URL.
        sso_url:
          type: string
          format: uri
          minLength: 1
          description: URL that the initial Login request is sent to.
          maxLength: 200
        slo_url:
          type: string
          format: uri
          nullable: true
          description: Optional URL if your IDP supports Single-Logout.
          maxLength: 200
        allow_idp_initiated:
          type: boolean
          description: Allows authentication flows initiated by the IdP. This can
            be a security risk, as no validation of the request ID is done.
        name_id_policy:
          allOf:
          - $ref: '#/components/schemas/NameIdPolicyEnum'
          description: |-
            NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

            * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
        binding_type:
          $ref: '#/components/schemas/BindingTypeEnum'
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Identity
            Provider.
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        temporary_user_delete_after:
          type: string
          minLength: 1
          title: Delete temporary users after
          description: 'Time offset when temporary users should be deleted. This only
            applies if your IDP uses the NameID Format ''transient'', and the user
            doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
    PatchedSCIMMappingRequest:
      type: object
      description: SCIMMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
    PatchedSCIMProviderRequest:
      type: object
      description: SCIMProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
        url:
          type: string
          minLength: 1
          description: Base URL to SCIM requests, usually ends in /v2
        token:
          type: string
          minLength: 1
          description: Authentication token
        exclude_users_service_account:
          type: boolean
        filter_group:
          type: string
          format: uuid
          nullable: true
    PatchedSMSDeviceRequest:
      type: object
      description: Serializer for sms authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
    PatchedScopeMappingRequest:
      type: object
      description: ScopeMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        scope_name:
          type: string
          minLength: 1
          description: Scope name requested by the client
        description:
          type: string
          description: Description shown to the user when consenting. If left empty,
            the user won't be informed.
    PatchedStaticDeviceRequest:
      type: object
      description: Serializer for static authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
    PatchedTOTPDeviceRequest:
      type: object
      description: Serializer for totp authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
    PatchedTenantRequest:
      type: object
      description: Tenant Serializer
      properties:
        domain:
          type: string
          minLength: 1
          description: Domain that activates this tenant. Can be a superset, i.e.
            `a.b` for `aa.b` and `ba.b`
        default:
          type: boolean
        branding_title:
          type: string
          minLength: 1
        branding_logo:
          type: string
          minLength: 1
        branding_favicon:
          type: string
          minLength: 1
        flow_authentication:
          type: string
          format: uuid
          nullable: true
        flow_invalidation:
          type: string
          format: uuid
          nullable: true
        flow_recovery:
          type: string
          format: uuid
          nullable: true
        flow_unenrollment:
          type: string
          format: uuid
          nullable: true
        flow_user_settings:
          type: string
          format: uuid
          nullable: true
        flow_device_code:
          type: string
          format: uuid
          nullable: true
        event_retention:
          type: string
          minLength: 1
          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
        web_certificate:
          type: string
          format: uuid
          nullable: true
          description: Web Certificate used by the authentik Core webserver.
        attributes:
          type: object
          additionalProperties: {}
    PatchedTokenRequest:
      type: object
      description: Token Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        identifier:
          type: string
          minLength: 1
          maxLength: 255
          pattern: ^[-a-zA-Z0-9_]+$
        intent:
          $ref: '#/components/schemas/IntentEnum'
        user:
          type: integer
        description:
          type: string
        expires:
          type: string
          format: date-time
        expiring:
          type: boolean
    PatchedUserDeleteStageRequest:
      type: object
      description: UserDeleteStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
    PatchedUserLoginStageRequest:
      type: object
      description: UserLoginStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        session_duration:
          type: string
          minLength: 1
          description: 'Determines how long a session lasts. Default of 0 means that
            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
        terminate_other_sessions:
          type: boolean
          description: Terminate all other sessions of the user logging in.
        remember_me_offset:
          type: string
          minLength: 1
          description: 'Offset the session will be extended by when the user picks
            the remember me option. Default of 0 means that the remember me option
            will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
    PatchedUserLogoutStageRequest:
      type: object
      description: UserLogoutStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
    PatchedUserOAuthSourceConnectionRequest:
      type: object
      description: OAuth Source Serializer
      properties:
        user:
          type: integer
        identifier:
          type: string
          minLength: 1
          maxLength: 255
        access_token:
          type: string
          writeOnly: true
          nullable: true
    PatchedUserRequest:
      type: object
      description: User Serializer
      properties:
        username:
          type: string
          minLength: 1
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        groups:
          type: array
          items:
            type: string
            format: uuid
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        attributes:
          type: object
          additionalProperties: {}
        path:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/UserTypeEnum'
    PatchedUserSAMLSourceConnectionRequest:
      type: object
      description: SAML Source Serializer
      properties:
        user:
          type: integer
        identifier:
          type: string
          minLength: 1
    PatchedUserWriteStageRequest:
      type: object
      description: UserWriteStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        user_creation_mode:
          $ref: '#/components/schemas/UserCreationModeEnum'
        create_users_as_inactive:
          type: boolean
          description: When set, newly created users are inactive and cannot login.
        create_users_group:
          type: string
          format: uuid
          nullable: true
          description: Optionally add newly created users to this group.
        user_type:
          $ref: '#/components/schemas/UserTypeEnum'
        user_path_template:
          type: string
    PatchedWebAuthnDeviceRequest:
      type: object
      description: Serializer for WebAuthn authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 200
    Permission:
      type: object
      description: Global permission
      properties:
        id:
          type: integer
          readOnly: true
        name:
          type: string
          maxLength: 255
        codename:
          type: string
          maxLength: 100
        model:
          type: string
          title: Python model class name
          readOnly: true
        app_label:
          type: string
          readOnly: true
        app_label_verbose:
          type: string
          description: Human-readable app label
          readOnly: true
        model_verbose:
          type: string
          description: Human-readable model name
          readOnly: true
      required:
      - app_label
      - app_label_verbose
      - codename
      - id
      - model
      - model_verbose
      - name
    PermissionAssignRequest:
      type: object
      description: Request to assign a new permission
      properties:
        permissions:
          type: array
          items:
            type: string
            minLength: 1
        model:
          $ref: '#/components/schemas/ModelEnum'
        object_pk:
          type: string
          minLength: 1
      required:
      - permissions
    PlexAuthenticationChallenge:
      type: object
      description: Challenge shown to the user in identification stage
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-source-plex
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        client_id:
          type: string
        slug:
          type: string
      required:
      - client_id
      - slug
      - type
    PlexAuthenticationChallengeResponseRequest:
      type: object
      description: Pseudo class for plex response
      properties:
        component:
          type: string
          minLength: 1
          default: ak-source-plex
    PlexSource:
      type: object
      description: Plex Source Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Source's display Name.
        slug:
          type: string
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
          readOnly: true
        user_path_template:
          type: string
        icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the Icon. If the name is /static or
            starts with http it is returned as-is
          readOnly: true
        client_id:
          type: string
          description: Client identifier used to talk to Plex.
        allowed_servers:
          type: array
          items:
            type: string
          description: Which servers a user has to be a member of to be granted access.
            Empty list allows every server.
        allow_friends:
          type: boolean
          description: Allow friends to authenticate, even if you don't share a server.
        plex_token:
          type: string
          description: Plex token used to check friends
      required:
      - component
      - icon
      - managed
      - meta_model_name
      - name
      - pk
      - plex_token
      - slug
      - verbose_name
      - verbose_name_plural
    PlexSourceConnection:
      type: object
      description: Plex Source connection Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        user:
          type: integer
          readOnly: true
        source:
          allOf:
          - $ref: '#/components/schemas/Source'
          readOnly: true
        identifier:
          type: string
        plex_token:
          type: string
      required:
      - identifier
      - pk
      - plex_token
      - source
      - user
    PlexSourceConnectionRequest:
      type: object
      description: Plex Source connection Serializer
      properties:
        identifier:
          type: string
          minLength: 1
        plex_token:
          type: string
          minLength: 1
      required:
      - identifier
      - plex_token
    PlexSourceRequest:
      type: object
      description: Plex Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        client_id:
          type: string
          minLength: 1
          description: Client identifier used to talk to Plex.
        allowed_servers:
          type: array
          items:
            type: string
            minLength: 1
          description: Which servers a user has to be a member of to be granted access.
            Empty list allows every server.
        allow_friends:
          type: boolean
          description: Allow friends to authenticate, even if you don't share a server.
        plex_token:
          type: string
          minLength: 1
          description: Plex token used to check friends
      required:
      - name
      - plex_token
      - slug
    PlexTokenRedeemRequest:
      type: object
      description: Serializer to redeem a plex token
      properties:
        plex_token:
          type: string
          minLength: 1
      required:
      - plex_token
    Policy:
      type: object
      description: Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
      required:
      - bound_to
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PolicyBinding:
      type: object
      description: PolicyBinding Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy binding uuid
        policy:
          type: string
          format: uuid
          nullable: true
        group:
          type: string
          format: uuid
          nullable: true
        user:
          type: integer
          nullable: true
        policy_obj:
          allOf:
          - $ref: '#/components/schemas/Policy'
          readOnly: true
        group_obj:
          allOf:
          - $ref: '#/components/schemas/Group'
          readOnly: true
        user_obj:
          allOf:
          - $ref: '#/components/schemas/User'
          readOnly: true
        target:
          type: string
          format: uuid
        negate:
          type: boolean
          description: Negates the outcome of the policy. Messages are unaffected.
        enabled:
          type: boolean
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        timeout:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: Timeout after which Policy execution is terminated.
        failure_result:
          type: boolean
          description: Result if the Policy execution fails.
      required:
      - group_obj
      - order
      - pk
      - policy_obj
      - target
      - user_obj
    PolicyBindingRequest:
      type: object
      description: PolicyBinding Serializer
      properties:
        policy:
          type: string
          format: uuid
          nullable: true
        group:
          type: string
          format: uuid
          nullable: true
        user:
          type: integer
          nullable: true
        target:
          type: string
          format: uuid
        negate:
          type: boolean
          description: Negates the outcome of the policy. Messages are unaffected.
        enabled:
          type: boolean
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        timeout:
          type: integer
          maximum: 2147483647
          minimum: 0
          description: Timeout after which Policy execution is terminated.
        failure_result:
          type: boolean
          description: Result if the Policy execution fails.
      required:
      - order
      - target
    PolicyEngineMode:
      enum:
      - all
      - any
      type: string
      description: |-
        * `all` - all, all policies must pass
        * `any` - any, any policy must pass
    PolicyRequest:
      type: object
      description: Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
      required:
      - name
    PolicyTestRequest:
      type: object
      description: Test policy execution for a user with context
      properties:
        user:
          type: integer
        context:
          type: object
          additionalProperties: {}
      required:
      - user
    PolicyTestResult:
      type: object
      description: result of a policy test
      properties:
        passing:
          type: boolean
        messages:
          type: array
          items:
            type: string
          readOnly: true
        log_messages:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
      required:
      - log_messages
      - messages
      - passing
    Prompt:
      type: object
      description: Prompt Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Prompt uuid
        name:
          type: string
        field_key:
          type: string
          description: Name of the form field, also used to store the value
        label:
          type: string
        type:
          $ref: '#/components/schemas/PromptTypeEnum'
        required:
          type: boolean
        placeholder:
          type: string
          description: Optionally provide a short hint that describes the expected
            input value. When creating a fixed choice field, enable interpreting as
            expression and return a list to return multiple choices.
        initial_value:
          type: string
          description: Optionally pre-fill the input with an initial value. When creating
            a fixed choice field, enable interpreting as expression and return a list
            to return multiple default choices.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        promptstage_set:
          type: array
          items:
            $ref: '#/components/schemas/Stage'
        sub_text:
          type: string
        placeholder_expression:
          type: boolean
        initial_value_expression:
          type: boolean
      required:
      - field_key
      - label
      - name
      - pk
      - type
    PromptChallenge:
      type: object
      description: Initial challenge being sent, define fields
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-prompt
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        fields:
          type: array
          items:
            $ref: '#/components/schemas/StagePrompt'
      required:
      - fields
      - type
    PromptChallengeResponseRequest:
      type: object
      description: |-
        Validate response, fields are dynamically created based
        on the stage
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-prompt
      additionalProperties: {}
    PromptRequest:
      type: object
      description: Prompt Serializer
      properties:
        name:
          type: string
          minLength: 1
        field_key:
          type: string
          minLength: 1
          description: Name of the form field, also used to store the value
        label:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/PromptTypeEnum'
        required:
          type: boolean
        placeholder:
          type: string
          description: Optionally provide a short hint that describes the expected
            input value. When creating a fixed choice field, enable interpreting as
            expression and return a list to return multiple choices.
        initial_value:
          type: string
          description: Optionally pre-fill the input with an initial value. When creating
            a fixed choice field, enable interpreting as expression and return a list
            to return multiple default choices.
        order:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
        promptstage_set:
          type: array
          items:
            $ref: '#/components/schemas/StageRequest'
        sub_text:
          type: string
        placeholder_expression:
          type: boolean
        initial_value_expression:
          type: boolean
      required:
      - field_key
      - label
      - name
      - type
    PromptStage:
      type: object
      description: PromptStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        fields:
          type: array
          items:
            type: string
            format: uuid
        validation_policies:
          type: array
          items:
            type: string
            format: uuid
      required:
      - component
      - fields
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PromptStageRequest:
      type: object
      description: PromptStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        fields:
          type: array
          items:
            type: string
            format: uuid
        validation_policies:
          type: array
          items:
            type: string
            format: uuid
      required:
      - fields
      - name
    PromptTypeEnum:
      enum:
      - text
      - text_area
      - text_read_only
      - text_area_read_only
      - username
      - email
      - password
      - number
      - checkbox
      - radio-button-group
      - dropdown
      - date
      - date-time
      - file
      - separator
      - hidden
      - static
      - ak-locale
      type: string
      description: |-
        * `text` - Text: Simple Text input
        * `text_area` - Text area: Multiline Text Input.
        * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
        * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
        * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
        * `email` - Email: Text field with Email type.
        * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
        * `number` - Number
        * `checkbox` - Checkbox
        * `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
        * `dropdown` - Fixed choice field rendered as a dropdown.
        * `date` - Date
        * `date-time` - Date Time
        * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
        * `separator` - Separator: Static Separator Line
        * `hidden` - Hidden: Hidden field, can be used to insert data into form.
        * `static` - Static: Static value, displayed as-is.
        * `ak-locale` - authentik: Selection of locales authentik supports
    PropertyMapping:
      type: object
      description: PropertyMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
        expression:
          type: string
        component:
          type: string
          description: Get object's component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
      required:
      - component
      - expression
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    PropertyMappingPreview:
      type: object
      description: Preview how the current user is mapped via the property mappings
        selected in a provider
      properties:
        preview:
          type: object
          additionalProperties: {}
          readOnly: true
      required:
      - preview
    PropertyMappingTestResult:
      type: object
      description: Result of a Property-mapping test
      properties:
        result:
          type: string
          readOnly: true
        successful:
          type: boolean
          readOnly: true
      required:
      - result
      - successful
    Provider:
      type: object
      description: Provider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
      required:
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    ProviderEnum:
      enum:
      - twilio
      - generic
      type: string
      description: |-
        * `twilio` - Twilio
        * `generic` - Generic
    ProviderModelEnum:
      enum:
      - authentik_providers_ldap.ldapprovider
      - authentik_providers_oauth2.oauth2provider
      - authentik_providers_proxy.proxyprovider
      - authentik_providers_radius.radiusprovider
      - authentik_providers_saml.samlprovider
      - authentik_providers_scim.scimprovider
      type: string
      description: |-
        * `authentik_providers_ldap.ldapprovider` - authentik_providers_ldap.ldapprovider
        * `authentik_providers_oauth2.oauth2provider` - authentik_providers_oauth2.oauth2provider
        * `authentik_providers_proxy.proxyprovider` - authentik_providers_proxy.proxyprovider
        * `authentik_providers_radius.radiusprovider` - authentik_providers_radius.radiusprovider
        * `authentik_providers_saml.samlprovider` - authentik_providers_saml.samlprovider
        * `authentik_providers_scim.scimprovider` - authentik_providers_scim.scimprovider
    ProviderRequest:
      type: object
      description: Provider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
      required:
      - authorization_flow
      - name
    ProviderTypeEnum:
      enum:
      - apple
      - azuread
      - discord
      - facebook
      - github
      - google
      - mailcow
      - openidconnect
      - okta
      - patreon
      - reddit
      - twitch
      - twitter
      type: string
      description: |-
        * `apple` - Apple
        * `azuread` - Azure AD
        * `discord` - Discord
        * `facebook` - Facebook
        * `github` - GitHub
        * `google` - Google
        * `mailcow` - Mailcow
        * `openidconnect` - OpenID Connect
        * `okta` - Okta
        * `patreon` - Patreon
        * `reddit` - Reddit
        * `twitch` - Twitch
        * `twitter` - Twitter
    ProxyMode:
      enum:
      - proxy
      - forward_single
      - forward_domain
      type: string
      description: |-
        * `proxy` - Proxy
        * `forward_single` - Forward Single
        * `forward_domain` - Forward Domain
    ProxyOutpostConfig:
      type: object
      description: Proxy provider serializer for outposts
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        internal_host:
          type: string
          format: uri
        external_host:
          type: string
          format: uri
        internal_host_ssl_validation:
          type: boolean
          description: Validate SSL Certificates of upstream servers
        client_id:
          type: string
          maxLength: 255
        client_secret:
          type: string
          maxLength: 255
        oidc_configuration:
          allOf:
          - $ref: '#/components/schemas/OpenIDConnectConfiguration'
          readOnly: true
        cookie_secret:
          type: string
        certificate:
          type: string
          format: uuid
          nullable: true
        skip_path_regex:
          type: string
          description: Regular expressions for which authentication is not required.
            Each new line is interpreted as a new Regular Expression.
        basic_auth_enabled:
          type: boolean
          title: Set HTTP-Basic Authentication
          description: Set a custom HTTP-Basic Authentication header based on values
            from authentik.
        basic_auth_password_attribute:
          type: string
          title: HTTP-Basic Password Key
          description: User/Group Attribute used for the password part of the HTTP-Basic
            Header.
        basic_auth_user_attribute:
          type: string
          title: HTTP-Basic Username Key
          description: User/Group Attribute used for the user part of the HTTP-Basic
            Header. If not set, the user's Email address is used.
        mode:
          allOf:
          - $ref: '#/components/schemas/ProxyMode'
          description: |-
            Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

            * `proxy` - Proxy
            * `forward_single` - Forward Single
            * `forward_domain` - Forward Domain
        cookie_domain:
          type: string
        access_token_validity:
          type: number
          format: double
          nullable: true
          description: Get token validity as second count
          readOnly: true
        intercept_header_auth:
          type: boolean
          description: When enabled, this provider will intercept the authorization
            header and authenticate requests based on its value.
        scopes_to_request:
          type: array
          items:
            type: string
          description: |-
            Get all the scope names the outpost should request,
            including custom-defined ones
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
      required:
      - access_token_validity
      - assigned_application_name
      - assigned_application_slug
      - external_host
      - name
      - oidc_configuration
      - pk
      - scopes_to_request
    ProxyProvider:
      type: object
      description: ProxyProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        client_id:
          type: string
          readOnly: true
        internal_host:
          type: string
          format: uri
        external_host:
          type: string
          format: uri
        internal_host_ssl_validation:
          type: boolean
          description: Validate SSL Certificates of upstream servers
        certificate:
          type: string
          format: uuid
          nullable: true
        skip_path_regex:
          type: string
          description: Regular expressions for which authentication is not required.
            Each new line is interpreted as a new Regular Expression.
        basic_auth_enabled:
          type: boolean
          title: Set HTTP-Basic Authentication
          description: Set a custom HTTP-Basic Authentication header based on values
            from authentik.
        basic_auth_password_attribute:
          type: string
          title: HTTP-Basic Password Key
          description: User/Group Attribute used for the password part of the HTTP-Basic
            Header.
        basic_auth_user_attribute:
          type: string
          title: HTTP-Basic Username Key
          description: User/Group Attribute used for the user part of the HTTP-Basic
            Header. If not set, the user's Email address is used.
        mode:
          allOf:
          - $ref: '#/components/schemas/ProxyMode'
          description: |-
            Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

            * `proxy` - Proxy
            * `forward_single` - Forward Single
            * `forward_domain` - Forward Domain
        intercept_header_auth:
          type: boolean
          description: When enabled, this provider will intercept the authorization
            header and authenticate requests based on its value.
        redirect_uris:
          type: string
          readOnly: true
        cookie_domain:
          type: string
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
        access_token_validity:
          type: string
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        outpost_set:
          type: array
          items:
            type: string
          readOnly: true
      required:
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - client_id
      - component
      - external_host
      - meta_model_name
      - name
      - outpost_set
      - pk
      - redirect_uris
      - verbose_name
      - verbose_name_plural
    ProxyProviderRequest:
      type: object
      description: ProxyProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        internal_host:
          type: string
          format: uri
        external_host:
          type: string
          minLength: 1
          format: uri
        internal_host_ssl_validation:
          type: boolean
          description: Validate SSL Certificates of upstream servers
        certificate:
          type: string
          format: uuid
          nullable: true
        skip_path_regex:
          type: string
          description: Regular expressions for which authentication is not required.
            Each new line is interpreted as a new Regular Expression.
        basic_auth_enabled:
          type: boolean
          title: Set HTTP-Basic Authentication
          description: Set a custom HTTP-Basic Authentication header based on values
            from authentik.
        basic_auth_password_attribute:
          type: string
          title: HTTP-Basic Password Key
          description: User/Group Attribute used for the password part of the HTTP-Basic
            Header.
        basic_auth_user_attribute:
          type: string
          title: HTTP-Basic Username Key
          description: User/Group Attribute used for the user part of the HTTP-Basic
            Header. If not set, the user's Email address is used.
        mode:
          allOf:
          - $ref: '#/components/schemas/ProxyMode'
          description: |-
            Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

            * `proxy` - Proxy
            * `forward_single` - Forward Single
            * `forward_domain` - Forward Domain
        intercept_header_auth:
          type: boolean
          description: When enabled, this provider will intercept the authorization
            header and authenticate requests based on its value.
        cookie_domain:
          type: string
        jwks_sources:
          type: array
          items:
            type: string
            format: uuid
            title: Any JWT signed by the JWK of the selected source can be used to
              authenticate.
          title: Any JWT signed by the JWK of the selected source can be used to authenticate.
        access_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        refresh_token_validity:
          type: string
          minLength: 1
          description: 'Tokens not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
      required:
      - authorization_flow
      - external_host
      - name
    RadiusOutpostConfig:
      type: object
      description: RadiusProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        application_slug:
          type: string
        auth_flow_slug:
          type: string
        client_networks:
          type: string
          description: List of CIDRs (comma-separated) that clients can connect from.
            A more specific CIDR will match before a looser one. Clients connecting
            from a non-specified CIDR will be dropped.
        shared_secret:
          type: string
          description: Shared secret between clients and server to hash packets.
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - application_slug
      - auth_flow_slug
      - name
      - pk
    RadiusProvider:
      type: object
      description: RadiusProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        client_networks:
          type: string
          description: List of CIDRs (comma-separated) that clients can connect from.
            A more specific CIDR will match before a looser one. Clients connecting
            from a non-specified CIDR will be dropped.
        shared_secret:
          type: string
          description: Shared secret between clients and server to hash packets.
        outpost_set:
          type: array
          items:
            type: string
          readOnly: true
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - component
      - meta_model_name
      - name
      - outpost_set
      - pk
      - verbose_name
      - verbose_name_plural
    RadiusProviderRequest:
      type: object
      description: RadiusProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        client_networks:
          type: string
          minLength: 1
          description: List of CIDRs (comma-separated) that clients can connect from.
            A more specific CIDR will match before a looser one. Clients connecting
            from a non-specified CIDR will be dropped.
        shared_secret:
          type: string
          minLength: 1
          description: Shared secret between clients and server to hash packets.
        mfa_support:
          type: boolean
          description: When enabled, code-based multi-factor authentication can be
            used by appending a semicolon and the TOTP code to the password. This
            should only be enabled if all users that will bind to this provider have
            a TOTP device configured, as otherwise a password may incorrectly be rejected
            if it contains a semicolon.
      required:
      - authorization_flow
      - name
    RedirectChallenge:
      type: object
      description: Challenge type to redirect the client
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: xak-flow-redirect
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        to:
          type: string
      required:
      - to
      - type
    Reputation:
      type: object
      description: Reputation Serializer
      properties:
        pk:
          type: string
          format: uuid
          title: Reputation uuid
        identifier:
          type: string
        ip:
          type: string
        ip_geo_data:
          type: object
          additionalProperties: {}
        score:
          type: integer
          maximum: 9223372036854775807
          minimum: -9223372036854775808
          format: int64
        updated:
          type: string
          format: date-time
          readOnly: true
      required:
      - identifier
      - ip
      - updated
    ReputationPolicy:
      type: object
      description: Reputation Policy Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Policy uuid
        name:
          type: string
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        bound_to:
          type: integer
          description: Return objects policy is bound to
          readOnly: true
        check_ip:
          type: boolean
        check_username:
          type: boolean
        threshold:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
      required:
      - bound_to
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    ReputationPolicyRequest:
      type: object
      description: Reputation Policy Serializer
      properties:
        name:
          type: string
          minLength: 1
        execution_logging:
          type: boolean
          description: When this option is enabled, all executions of this policy
            will be logged. By default, only execution errors are logged.
        check_ip:
          type: boolean
        check_username:
          type: boolean
        threshold:
          type: integer
          maximum: 2147483647
          minimum: -2147483648
      required:
      - name
    ResidentKeyRequirementEnum:
      enum:
      - discouraged
      - preferred
      - required
      type: string
      description: |-
        * `discouraged` - Discouraged
        * `preferred` - Preferred
        * `required` - Required
    Role:
      type: object
      description: Role serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
          maxLength: 150
      required:
      - name
      - pk
    RoleAssignedObjectPermission:
      type: object
      description: Roles assigned object permission serializer
      properties:
        role_pk:
          type: string
          readOnly: true
        name:
          type: string
          readOnly: true
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/RoleObjectPermission'
      required:
      - name
      - permissions
      - role_pk
    RoleObjectPermission:
      type: object
      description: Role-bound object level permission
      properties:
        id:
          type: integer
          readOnly: true
        codename:
          type: string
          readOnly: true
        model:
          type: string
          title: Python model class name
          readOnly: true
        app_label:
          type: string
          readOnly: true
        object_pk:
          type: string
          title: Object ID
          readOnly: true
        name:
          type: string
          readOnly: true
      required:
      - app_label
      - codename
      - id
      - model
      - name
      - object_pk
    RoleRequest:
      type: object
      description: Role serializer
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 150
      required:
      - name
    SAMLMetadata:
      type: object
      description: SAML Provider Metadata serializer
      properties:
        metadata:
          type: string
          readOnly: true
        download_url:
          type: string
          readOnly: true
      required:
      - download_url
      - metadata
    SAMLPropertyMapping:
      type: object
      description: SAMLPropertyMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
        expression:
          type: string
        component:
          type: string
          description: Get object's component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        saml_name:
          type: string
        friendly_name:
          type: string
          nullable: true
      required:
      - component
      - expression
      - meta_model_name
      - name
      - pk
      - saml_name
      - verbose_name
      - verbose_name_plural
    SAMLPropertyMappingRequest:
      type: object
      description: SAMLPropertyMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        saml_name:
          type: string
          minLength: 1
        friendly_name:
          type: string
          nullable: true
      required:
      - expression
      - name
      - saml_name
    SAMLProvider:
      type: object
      description: SAMLProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        acs_url:
          type: string
          format: uri
          maxLength: 200
        audience:
          type: string
          description: Value of the audience restriction field of the assertion. When
            left empty, no audience restriction will be added.
        issuer:
          type: string
          description: Also known as EntityID
        assertion_valid_not_before:
          type: string
          description: 'Assertion valid not before current time + this value (Format:
            hours=-1;minutes=-2;seconds=-3).'
        assertion_valid_not_on_or_after:
          type: string
          description: 'Assertion not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        session_valid_not_on_or_after:
          type: string
          description: 'Session not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        name_id_mapping:
          type: string
          format: uuid
          nullable: true
          title: NameID Property Mapping
          description: Configure how the NameID value will be created. When left empty,
            the NameIDPolicy of the incoming request will be considered
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Service
            Provider.
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        sp_binding:
          allOf:
          - $ref: '#/components/schemas/SpBindingEnum'
          title: Service Provider Binding
          description: |-
            This determines how authentik sends the response back to the Service Provider.

            * `redirect` - Redirect
            * `post` - Post
        default_relay_state:
          type: string
          description: Default relay_state value for IDP-initiated logins
        url_download_metadata:
          type: string
          description: Get metadata download URL
          readOnly: true
        url_sso_post:
          type: string
          description: Get SSO Post URL
          readOnly: true
        url_sso_redirect:
          type: string
          description: Get SSO Redirect URL
          readOnly: true
        url_sso_init:
          type: string
          description: Get SSO IDP-Initiated URL
          readOnly: true
        url_slo_post:
          type: string
          description: Get SLO POST URL
          readOnly: true
        url_slo_redirect:
          type: string
          description: Get SLO redirect URL
          readOnly: true
      required:
      - acs_url
      - assigned_application_name
      - assigned_application_slug
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - authorization_flow
      - component
      - meta_model_name
      - name
      - pk
      - url_download_metadata
      - url_slo_post
      - url_slo_redirect
      - url_sso_init
      - url_sso_post
      - url_sso_redirect
      - verbose_name
      - verbose_name_plural
    SAMLProviderImportRequest:
      type: object
      description: Import saml provider from XML Metadata
      properties:
        name:
          type: string
          minLength: 1
        authorization_flow:
          type: string
          format: uuid
        file:
          type: string
          format: binary
      required:
      - authorization_flow
      - file
      - name
    SAMLProviderRequest:
      type: object
      description: SAMLProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow used for authentication when the associated application
            is accessed by an un-authenticated user.
        authorization_flow:
          type: string
          format: uuid
          description: Flow used when authorizing this provider.
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        acs_url:
          type: string
          format: uri
          minLength: 1
          maxLength: 200
        audience:
          type: string
          description: Value of the audience restriction field of the assertion. When
            left empty, no audience restriction will be added.
        issuer:
          type: string
          minLength: 1
          description: Also known as EntityID
        assertion_valid_not_before:
          type: string
          minLength: 1
          description: 'Assertion valid not before current time + this value (Format:
            hours=-1;minutes=-2;seconds=-3).'
        assertion_valid_not_on_or_after:
          type: string
          minLength: 1
          description: 'Assertion not valid on or after current time + this value
            (Format: hours=1;minutes=2;seconds=3).'
        session_valid_not_on_or_after:
          type: string
          minLength: 1
          description: 'Session not valid on or after current time + this value (Format:
            hours=1;minutes=2;seconds=3).'
        name_id_mapping:
          type: string
          format: uuid
          nullable: true
          title: NameID Property Mapping
          description: Configure how the NameID value will be created. When left empty,
            the NameIDPolicy of the incoming request will be considered
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Service
            Provider.
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        sp_binding:
          allOf:
          - $ref: '#/components/schemas/SpBindingEnum'
          title: Service Provider Binding
          description: |-
            This determines how authentik sends the response back to the Service Provider.

            * `redirect` - Redirect
            * `post` - Post
        default_relay_state:
          type: string
          description: Default relay_state value for IDP-initiated logins
      required:
      - acs_url
      - authorization_flow
      - name
    SAMLSource:
      type: object
      description: SAMLSource Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Source's display Name.
        slug:
          type: string
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
          readOnly: true
        user_path_template:
          type: string
        icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the Icon. If the name is /static or
            starts with http it is returned as-is
          readOnly: true
        pre_authentication_flow:
          type: string
          format: uuid
          description: Flow used before authentication.
        issuer:
          type: string
          description: Also known as Entity ID. Defaults the Metadata URL.
        sso_url:
          type: string
          format: uri
          description: URL that the initial Login request is sent to.
          maxLength: 200
        slo_url:
          type: string
          format: uri
          nullable: true
          description: Optional URL if your IDP supports Single-Logout.
          maxLength: 200
        allow_idp_initiated:
          type: boolean
          description: Allows authentication flows initiated by the IdP. This can
            be a security risk, as no validation of the request ID is done.
        name_id_policy:
          allOf:
          - $ref: '#/components/schemas/NameIdPolicyEnum'
          description: |-
            NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

            * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
        binding_type:
          $ref: '#/components/schemas/BindingTypeEnum'
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Identity
            Provider.
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        temporary_user_delete_after:
          type: string
          title: Delete temporary users after
          description: 'Time offset when temporary users should be deleted. This only
            applies if your IDP uses the NameID Format ''transient'', and the user
            doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
      required:
      - component
      - icon
      - managed
      - meta_model_name
      - name
      - pk
      - pre_authentication_flow
      - slug
      - sso_url
      - verbose_name
      - verbose_name_plural
    SAMLSourceRequest:
      type: object
      description: SAMLSource Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
        pre_authentication_flow:
          type: string
          format: uuid
          description: Flow used before authentication.
        issuer:
          type: string
          description: Also known as Entity ID. Defaults the Metadata URL.
        sso_url:
          type: string
          format: uri
          minLength: 1
          description: URL that the initial Login request is sent to.
          maxLength: 200
        slo_url:
          type: string
          format: uri
          nullable: true
          description: Optional URL if your IDP supports Single-Logout.
          maxLength: 200
        allow_idp_initiated:
          type: boolean
          description: Allows authentication flows initiated by the IdP. This can
            be a security risk, as no validation of the request ID is done.
        name_id_policy:
          allOf:
          - $ref: '#/components/schemas/NameIdPolicyEnum'
          description: |-
            NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

            * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
            * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
        binding_type:
          $ref: '#/components/schemas/BindingTypeEnum'
        verification_kp:
          type: string
          format: uuid
          nullable: true
          title: Verification Certificate
          description: When selected, incoming assertion's Signatures will be validated
            against this certificate. To allow unsigned Requests, leave on default.
        signing_kp:
          type: string
          format: uuid
          nullable: true
          title: Signing Keypair
          description: Keypair used to sign outgoing Responses going to the Identity
            Provider.
        digest_algorithm:
          $ref: '#/components/schemas/DigestAlgorithmEnum'
        signature_algorithm:
          $ref: '#/components/schemas/SignatureAlgorithmEnum'
        temporary_user_delete_after:
          type: string
          minLength: 1
          title: Delete temporary users after
          description: 'Time offset when temporary users should be deleted. This only
            applies if your IDP uses the NameID Format ''transient'', and the user
            doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
      required:
      - name
      - pre_authentication_flow
      - slug
      - sso_url
    SCIMMapping:
      type: object
      description: SCIMMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
        expression:
          type: string
        component:
          type: string
          description: Get object's component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
      required:
      - component
      - expression
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    SCIMMappingRequest:
      type: object
      description: SCIMMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
      required:
      - expression
      - name
    SCIMProvider:
      type: object
      description: SCIMProvider Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        assigned_backchannel_application_slug:
          type: string
          description: Internal application name, used in URLs.
          readOnly: true
        assigned_backchannel_application_name:
          type: string
          description: Application's display Name.
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        url:
          type: string
          description: Base URL to SCIM requests, usually ends in /v2
        token:
          type: string
          description: Authentication token
        exclude_users_service_account:
          type: boolean
        filter_group:
          type: string
          format: uuid
          nullable: true
      required:
      - assigned_backchannel_application_name
      - assigned_backchannel_application_slug
      - component
      - meta_model_name
      - name
      - pk
      - token
      - url
      - verbose_name
      - verbose_name_plural
    SCIMProviderRequest:
      type: object
      description: SCIMProvider Serializer
      properties:
        name:
          type: string
          minLength: 1
        property_mappings:
          type: array
          items:
            type: string
            format: uuid
        property_mappings_group:
          type: array
          items:
            type: string
            format: uuid
          description: Property mappings used for group creation/updating.
        url:
          type: string
          minLength: 1
          description: Base URL to SCIM requests, usually ends in /v2
        token:
          type: string
          minLength: 1
          description: Authentication token
        exclude_users_service_account:
          type: boolean
        filter_group:
          type: string
          format: uuid
          nullable: true
      required:
      - name
      - token
      - url
    SMSDevice:
      type: object
      description: Serializer for sms authenticator devices
      properties:
        name:
          type: string
          description: The human-readable name of this device.
          maxLength: 64
        pk:
          type: integer
          readOnly: true
          title: ID
        phone_number:
          type: string
          readOnly: true
      required:
      - name
      - phone_number
      - pk
    SMSDeviceRequest:
      type: object
      description: Serializer for sms authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
      required:
      - name
    ScopeMapping:
      type: object
      description: ScopeMapping Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pm uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
        expression:
          type: string
        component:
          type: string
          description: Get object's component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        scope_name:
          type: string
          description: Scope name requested by the client
        description:
          type: string
          description: Description shown to the user when consenting. If left empty,
            the user won't be informed.
      required:
      - component
      - expression
      - meta_model_name
      - name
      - pk
      - scope_name
      - verbose_name
      - verbose_name_plural
    ScopeMappingRequest:
      type: object
      description: ScopeMapping Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        name:
          type: string
          minLength: 1
        expression:
          type: string
          minLength: 1
        scope_name:
          type: string
          minLength: 1
          description: Scope name requested by the client
        description:
          type: string
          description: Description shown to the user when consenting. If left empty,
            the user won't be informed.
      required:
      - expression
      - name
      - scope_name
    SelectableStage:
      type: object
      description: Serializer for stages which can be selected by users
      properties:
        pk:
          type: string
          format: uuid
        name:
          type: string
        verbose_name:
          type: string
        meta_model_name:
          type: string
      required:
      - meta_model_name
      - name
      - pk
      - verbose_name
    ServiceConnection:
      type: object
      description: ServiceConnection Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Uuid
        name:
          type: string
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
        component:
          type: string
          description: Return component used to edit this object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    ServiceConnectionRequest:
      type: object
      description: ServiceConnection Serializer
      properties:
        name:
          type: string
          minLength: 1
        local:
          type: boolean
          description: If enabled, use the local connection. Required Docker socket/Kubernetes
            Integration
      required:
      - name
    ServiceConnectionState:
      type: object
      description: Serializer for Service connection state
      properties:
        healthy:
          type: boolean
          readOnly: true
        version:
          type: string
          readOnly: true
      required:
      - healthy
      - version
    SessionUser:
      type: object
      description: |-
        Response for the /user/me endpoint, returns the currently active user (as `user` property)
        and, if this user is being impersonated, the original user in the `original` property.
      properties:
        user:
          $ref: '#/components/schemas/UserSelf'
        original:
          $ref: '#/components/schemas/UserSelf'
      required:
      - user
    SeverityEnum:
      enum:
      - notice
      - warning
      - alert
      type: string
      description: |-
        * `notice` - Notice
        * `warning` - Warning
        * `alert` - Alert
    ShellChallenge:
      type: object
      description: challenge type to render HTML as-is
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: xak-flow-shell
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        body:
          type: string
      required:
      - body
      - type
    SignatureAlgorithmEnum:
      enum:
      - http://www.w3.org/2000/09/xmldsig#rsa-sha1
      - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
      - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
      - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
      - http://www.w3.org/2000/09/xmldsig#dsa-sha1
      type: string
      description: |-
        * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
        * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
        * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
        * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
        * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
    Source:
      type: object
      description: Source Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Pbm uuid
        name:
          type: string
          description: Source's display Name.
        slug:
          type: string
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        component:
          type: string
          description: Get object component so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
          readOnly: true
        user_path_template:
          type: string
        icon:
          type: string
          nullable: true
          description: |-
            Get the URL to the Icon. If the name is /static or
            starts with http it is returned as-is
          readOnly: true
      required:
      - component
      - icon
      - managed
      - meta_model_name
      - name
      - pk
      - slug
      - verbose_name
      - verbose_name_plural
    SourceRequest:
      type: object
      description: Source Serializer
      properties:
        name:
          type: string
          minLength: 1
          description: Source's display Name.
        slug:
          type: string
          minLength: 1
          description: Internal source name, used in URLs.
          maxLength: 50
          pattern: ^[-a-zA-Z0-9_]+$
        enabled:
          type: boolean
        authentication_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when authenticating existing users.
        enrollment_flow:
          type: string
          format: uuid
          nullable: true
          description: Flow to use when enrolling new users.
        policy_engine_mode:
          $ref: '#/components/schemas/PolicyEngineMode'
        user_matching_mode:
          allOf:
          - $ref: '#/components/schemas/UserMatchingModeEnum'
          description: |-
            How the source determines if an existing user should be authenticated or a new user enrolled.

            * `identifier` - Use the source-specific identifier
            * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
            * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
            * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
            * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
        user_path_template:
          type: string
          minLength: 1
      required:
      - name
      - slug
    SourceType:
      type: object
      description: Serializer for SourceType
      properties:
        name:
          type: string
        slug:
          type: string
        urls_customizable:
          type: boolean
        request_token_url:
          type: string
          readOnly: true
          nullable: true
        authorization_url:
          type: string
          readOnly: true
          nullable: true
        access_token_url:
          type: string
          readOnly: true
          nullable: true
        profile_url:
          type: string
          readOnly: true
          nullable: true
        oidc_well_known_url:
          type: string
          readOnly: true
          nullable: true
        oidc_jwks_url:
          type: string
          readOnly: true
          nullable: true
      required:
      - access_token_url
      - authorization_url
      - name
      - oidc_jwks_url
      - oidc_well_known_url
      - profile_url
      - request_token_url
      - slug
      - urls_customizable
    SpBindingEnum:
      enum:
      - redirect
      - post
      type: string
      description: |-
        * `redirect` - Redirect
        * `post` - Post
    Stage:
      type: object
      description: Stage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    StagePrompt:
      type: object
      description: Serializer for a single Prompt field
      properties:
        field_key:
          type: string
        label:
          type: string
        type:
          $ref: '#/components/schemas/PromptTypeEnum'
        required:
          type: boolean
        placeholder:
          type: string
        initial_value:
          type: string
        order:
          type: integer
        sub_text:
          type: string
        choices:
          type: array
          items:
            type: string
          nullable: true
      required:
      - choices
      - field_key
      - initial_value
      - label
      - order
      - placeholder
      - required
      - sub_text
      - type
    StageRequest:
      type: object
      description: Stage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
      required:
      - name
    StaticDevice:
      type: object
      description: Serializer for static authenticator devices
      properties:
        name:
          type: string
          description: The human-readable name of this device.
          maxLength: 64
        token_set:
          type: array
          items:
            $ref: '#/components/schemas/StaticDeviceToken'
          readOnly: true
        pk:
          type: integer
          readOnly: true
          title: ID
      required:
      - name
      - pk
      - token_set
    StaticDeviceRequest:
      type: object
      description: Serializer for static authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
      required:
      - name
    StaticDeviceToken:
      type: object
      description: Serializer for static device's tokens
      properties:
        token:
          type: string
          maxLength: 16
      required:
      - token
    StaticDeviceTokenRequest:
      type: object
      description: Serializer for static device's tokens
      properties:
        token:
          type: string
          minLength: 1
          maxLength: 16
      required:
      - token
    SubModeEnum:
      enum:
      - hashed_user_id
      - user_id
      - user_uuid
      - user_username
      - user_email
      - user_upn
      type: string
      description: |-
        * `hashed_user_id` - Based on the Hashed User ID
        * `user_id` - Based on user ID
        * `user_uuid` - Based on user UUID
        * `user_username` - Based on the username
        * `user_email` - Based on the User's Email. This is recommended over the UPN method.
        * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
    System:
      type: object
      description: Get system information.
      properties:
        http_headers:
          type: object
          additionalProperties:
            type: string
          description: Get HTTP Request headers
          readOnly: true
        http_host:
          type: string
          description: Get HTTP host
          readOnly: true
        http_is_secure:
          type: boolean
          description: Get HTTP Secure flag
          readOnly: true
        runtime:
          type: object
          description: Get versions
          properties:
            python_version:
              type: string
            gunicorn_version:
              type: string
            environment:
              type: string
            architecture:
              type: string
            platform:
              type: string
            uname:
              type: string
          required:
          - architecture
          - environment
          - gunicorn_version
          - platform
          - python_version
          - uname
          readOnly: true
        tenant:
          type: string
          description: Currently active tenant
          readOnly: true
        server_time:
          type: string
          format: date-time
          description: Current server time
          readOnly: true
        embedded_outpost_host:
          type: string
          description: Get the FQDN configured on the embedded outpost
          readOnly: true
      required:
      - embedded_outpost_host
      - http_headers
      - http_host
      - http_is_secure
      - runtime
      - server_time
      - tenant
    TOTPDevice:
      type: object
      description: Serializer for totp authenticator devices
      properties:
        name:
          type: string
          description: The human-readable name of this device.
          maxLength: 64
        pk:
          type: integer
          readOnly: true
          title: ID
      required:
      - name
      - pk
    TOTPDeviceRequest:
      type: object
      description: Serializer for totp authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          description: The human-readable name of this device.
          maxLength: 64
      required:
      - name
    Task:
      type: object
      description: Serialize TaskInfo and TaskResult
      properties:
        task_name:
          type: string
        task_description:
          type: string
        task_finish_timestamp:
          type: string
          format: date-time
        task_duration:
          type: integer
          description: Get the duration a task took to run
          readOnly: true
        status:
          $ref: '#/components/schemas/TaskStatusEnum'
        messages:
          type: array
          items: {}
      required:
      - messages
      - status
      - task_description
      - task_duration
      - task_finish_timestamp
      - task_name
    TaskStatusEnum:
      enum:
      - SUCCESSFUL
      - WARNING
      - ERROR
      - UNKNOWN
      type: string
      description: |-
        * `SUCCESSFUL` - SUCCESSFUL
        * `WARNING` - WARNING
        * `ERROR` - ERROR
        * `UNKNOWN` - UNKNOWN
    Tenant:
      type: object
      description: Tenant Serializer
      properties:
        tenant_uuid:
          type: string
          format: uuid
          readOnly: true
        domain:
          type: string
          description: Domain that activates this tenant. Can be a superset, i.e.
            `a.b` for `aa.b` and `ba.b`
        default:
          type: boolean
        branding_title:
          type: string
        branding_logo:
          type: string
        branding_favicon:
          type: string
        flow_authentication:
          type: string
          format: uuid
          nullable: true
        flow_invalidation:
          type: string
          format: uuid
          nullable: true
        flow_recovery:
          type: string
          format: uuid
          nullable: true
        flow_unenrollment:
          type: string
          format: uuid
          nullable: true
        flow_user_settings:
          type: string
          format: uuid
          nullable: true
        flow_device_code:
          type: string
          format: uuid
          nullable: true
        event_retention:
          type: string
          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
        web_certificate:
          type: string
          format: uuid
          nullable: true
          description: Web Certificate used by the authentik Core webserver.
        attributes:
          type: object
          additionalProperties: {}
      required:
      - domain
      - tenant_uuid
    TenantRequest:
      type: object
      description: Tenant Serializer
      properties:
        domain:
          type: string
          minLength: 1
          description: Domain that activates this tenant. Can be a superset, i.e.
            `a.b` for `aa.b` and `ba.b`
        default:
          type: boolean
        branding_title:
          type: string
          minLength: 1
        branding_logo:
          type: string
          minLength: 1
        branding_favicon:
          type: string
          minLength: 1
        flow_authentication:
          type: string
          format: uuid
          nullable: true
        flow_invalidation:
          type: string
          format: uuid
          nullable: true
        flow_recovery:
          type: string
          format: uuid
          nullable: true
        flow_unenrollment:
          type: string
          format: uuid
          nullable: true
        flow_user_settings:
          type: string
          format: uuid
          nullable: true
        flow_device_code:
          type: string
          format: uuid
          nullable: true
        event_retention:
          type: string
          minLength: 1
          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
        web_certificate:
          type: string
          format: uuid
          nullable: true
          description: Web Certificate used by the authentik Core webserver.
        attributes:
          type: object
          additionalProperties: {}
      required:
      - domain
    Token:
      type: object
      description: Token Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Token uuid
        managed:
          type: string
          nullable: true
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        identifier:
          type: string
          maxLength: 255
          pattern: ^[-a-zA-Z0-9_]+$
        intent:
          $ref: '#/components/schemas/IntentEnum'
        user:
          type: integer
        user_obj:
          allOf:
          - $ref: '#/components/schemas/User'
          readOnly: true
        description:
          type: string
        expires:
          type: string
          format: date-time
        expiring:
          type: boolean
      required:
      - identifier
      - pk
      - user_obj
    TokenModel:
      type: object
      description: Serializer for BaseGrantModel and RefreshToken
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        provider:
          $ref: '#/components/schemas/OAuth2Provider'
        user:
          $ref: '#/components/schemas/User'
        is_expired:
          type: boolean
          description: Check if token is expired yet.
          readOnly: true
        expires:
          type: string
          format: date-time
        scope:
          type: array
          items:
            type: string
        id_token:
          type: string
          description: Get the token's id_token as JSON String
          readOnly: true
        revoked:
          type: boolean
      required:
      - id_token
      - is_expired
      - pk
      - provider
      - scope
      - user
    TokenRequest:
      type: object
      description: Token Serializer
      properties:
        managed:
          type: string
          nullable: true
          minLength: 1
          title: Managed by authentik
          description: Objects that are managed by authentik. These objects are created
            and updated automatically. This flag only indicates that an object can
            be overwritten by migrations. You can still modify the objects via the
            API, but expect changes to be overwritten in a later update.
        identifier:
          type: string
          minLength: 1
          maxLength: 255
          pattern: ^[-a-zA-Z0-9_]+$
        intent:
          $ref: '#/components/schemas/IntentEnum'
        user:
          type: integer
        description:
          type: string
        expires:
          type: string
          format: date-time
        expiring:
          type: boolean
      required:
      - identifier
    TokenSetKeyRequest:
      type: object
      properties:
        key:
          type: string
          minLength: 1
      required:
      - key
    TokenView:
      type: object
      description: Show token's current key
      properties:
        key:
          type: string
          readOnly: true
      required:
      - key
    TransactionApplicationRequest:
      type: object
      description: Serializer for creating a provider and an application in one transaction
      properties:
        app:
          $ref: '#/components/schemas/ApplicationRequest'
        provider_model:
          $ref: '#/components/schemas/ProviderModelEnum'
        provider:
          $ref: '#/components/schemas/modelRequest'
      required:
      - app
      - provider
      - provider_model
    TransactionApplicationResponse:
      type: object
      description: Transactional creation response
      properties:
        applied:
          type: boolean
        logs:
          type: array
          items:
            type: string
      required:
      - applied
      - logs
    TypeCreate:
      type: object
      description: Types of an object that can be created
      properties:
        name:
          type: string
        description:
          type: string
        component:
          type: string
        model_name:
          type: string
      required:
      - component
      - description
      - model_name
      - name
    UiThemeEnum:
      enum:
      - automatic
      - light
      - dark
      type: string
      description: |-
        * `automatic` - Automatic
        * `light` - Light
        * `dark` - Dark
    UsedBy:
      type: object
      description: A list of all objects referencing the queried object
      properties:
        app:
          type: string
        model_name:
          type: string
        pk:
          type: string
        name:
          type: string
        action:
          $ref: '#/components/schemas/UsedByActionEnum'
      required:
      - action
      - app
      - model_name
      - name
      - pk
    UsedByActionEnum:
      enum:
      - CASCADE
      - CASCADE_MANY
      - SET_NULL
      - SET_DEFAULT
      type: string
      description: |-
        * `CASCADE` - CASCADE
        * `CASCADE_MANY` - CASCADE_MANY
        * `SET_NULL` - SET_NULL
        * `SET_DEFAULT` - SET_DEFAULT
    User:
      type: object
      description: User Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        username:
          type: string
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        is_superuser:
          type: boolean
          readOnly: true
        groups:
          type: array
          items:
            type: string
            format: uuid
        groups_obj:
          type: array
          items:
            $ref: '#/components/schemas/UserGroup'
          readOnly: true
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        avatar:
          type: string
          readOnly: true
        attributes:
          type: object
          additionalProperties: {}
        uid:
          type: string
          readOnly: true
        path:
          type: string
        type:
          $ref: '#/components/schemas/UserTypeEnum'
        uuid:
          type: string
          format: uuid
          readOnly: true
      required:
      - avatar
      - groups_obj
      - is_superuser
      - name
      - pk
      - uid
      - username
      - uuid
    UserAccountRequest:
      type: object
      description: Account adding/removing operations
      properties:
        pk:
          type: integer
      required:
      - pk
    UserAssignedObjectPermission:
      type: object
      description: Users assigned object permission serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        username:
          type: string
          description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
            only.
          pattern: ^[\w.@+-]+$
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        attributes:
          type: object
          additionalProperties: {}
        uid:
          type: string
          readOnly: true
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/UserObjectPermission'
        is_superuser:
          type: boolean
      required:
      - is_superuser
      - name
      - permissions
      - pk
      - uid
      - username
    UserConsent:
      type: object
      description: UserConsent Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        expires:
          type: string
          format: date-time
        user:
          $ref: '#/components/schemas/User'
        application:
          $ref: '#/components/schemas/Application'
        permissions:
          type: string
          default: ''
      required:
      - application
      - pk
      - user
    UserCreationModeEnum:
      enum:
      - never_create
      - create_when_required
      - always_create
      type: string
      description: |-
        * `never_create` - Never Create
        * `create_when_required` - Create When Required
        * `always_create` - Always Create
    UserDeleteStage:
      type: object
      description: UserDeleteStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    UserDeleteStageRequest:
      type: object
      description: UserDeleteStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
      required:
      - name
    UserFieldsEnum:
      enum:
      - email
      - username
      - upn
      type: string
      description: |-
        * `email` - E Mail
        * `username` - Username
        * `upn` - Upn
    UserGroup:
      type: object
      description: Simplified Group Serializer for user's groups
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Group uuid
        num_pk:
          type: integer
          description: Get a numerical, int32 ID for the group
          readOnly: true
        name:
          type: string
          maxLength: 80
        is_superuser:
          type: boolean
          description: Users added to this group will be superusers.
        parent:
          type: string
          format: uuid
          nullable: true
        parent_name:
          type: string
          readOnly: true
        attributes:
          type: object
          additionalProperties: {}
      required:
      - name
      - num_pk
      - parent_name
      - pk
    UserGroupRequest:
      type: object
      description: Simplified Group Serializer for user's groups
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 80
        is_superuser:
          type: boolean
          description: Users added to this group will be superusers.
        parent:
          type: string
          format: uuid
          nullable: true
        attributes:
          type: object
          additionalProperties: {}
      required:
      - name
    UserLoginChallenge:
      type: object
      description: Empty challenge
      properties:
        type:
          $ref: '#/components/schemas/ChallengeChoices'
        flow_info:
          $ref: '#/components/schemas/ContextualFlowInfo'
        component:
          type: string
          default: ak-stage-user-login
        response_errors:
          type: object
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/ErrorDetail'
        pending_user:
          type: string
        pending_user_avatar:
          type: string
      required:
      - pending_user
      - pending_user_avatar
      - type
    UserLoginChallengeResponseRequest:
      type: object
      description: User login challenge
      properties:
        component:
          type: string
          minLength: 1
          default: ak-stage-user-login
        remember_me:
          type: boolean
      required:
      - remember_me
    UserLoginStage:
      type: object
      description: UserLoginStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        session_duration:
          type: string
          description: 'Determines how long a session lasts. Default of 0 means that
            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
        terminate_other_sessions:
          type: boolean
          description: Terminate all other sessions of the user logging in.
        remember_me_offset:
          type: string
          description: 'Offset the session will be extended by when the user picks
            the remember me option. Default of 0 means that the remember me option
            will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    UserLoginStageRequest:
      type: object
      description: UserLoginStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        session_duration:
          type: string
          minLength: 1
          description: 'Determines how long a session lasts. Default of 0 means that
            the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
        terminate_other_sessions:
          type: boolean
          description: Terminate all other sessions of the user logging in.
        remember_me_offset:
          type: string
          minLength: 1
          description: 'Offset the session will be extended by when the user picks
            the remember me option. Default of 0 means that the remember me option
            will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
      required:
      - name
    UserLogoutStage:
      type: object
      description: UserLogoutStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    UserLogoutStageRequest:
      type: object
      description: UserLogoutStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
      required:
      - name
    UserMatchingModeEnum:
      enum:
      - identifier
      - email_link
      - email_deny
      - username_link
      - username_deny
      type: string
      description: |-
        * `identifier` - Use the source-specific identifier
        * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
        * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
        * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
        * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
    UserMetrics:
      type: object
      description: User Metrics
      properties:
        logins:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
        logins_failed:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
        authorizations:
          type: array
          items:
            $ref: '#/components/schemas/Coordinate'
          readOnly: true
      required:
      - authorizations
      - logins
      - logins_failed
    UserOAuthSourceConnection:
      type: object
      description: OAuth Source Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        user:
          type: integer
        source:
          allOf:
          - $ref: '#/components/schemas/Source'
          readOnly: true
        identifier:
          type: string
          maxLength: 255
      required:
      - identifier
      - pk
      - source
      - user
    UserOAuthSourceConnectionRequest:
      type: object
      description: OAuth Source Serializer
      properties:
        user:
          type: integer
        identifier:
          type: string
          minLength: 1
          maxLength: 255
        access_token:
          type: string
          writeOnly: true
          nullable: true
      required:
      - identifier
      - user
    UserObjectPermission:
      type: object
      description: User-bound object level permission
      properties:
        id:
          type: integer
          readOnly: true
        codename:
          type: string
          readOnly: true
        model:
          type: string
          title: Python model class name
          readOnly: true
        app_label:
          type: string
          readOnly: true
        object_pk:
          type: string
          title: Object ID
          readOnly: true
        name:
          type: string
          readOnly: true
      required:
      - app_label
      - codename
      - id
      - model
      - name
      - object_pk
    UserPasswordSetRequest:
      type: object
      properties:
        password:
          type: string
          minLength: 1
      required:
      - password
    UserPath:
      type: object
      properties:
        paths:
          type: array
          items:
            type: string
          readOnly: true
      required:
      - paths
    UserRequest:
      type: object
      description: User Serializer
      properties:
        username:
          type: string
          minLength: 1
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        last_login:
          type: string
          format: date-time
          nullable: true
        groups:
          type: array
          items:
            type: string
            format: uuid
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        attributes:
          type: object
          additionalProperties: {}
        path:
          type: string
          minLength: 1
        type:
          $ref: '#/components/schemas/UserTypeEnum'
      required:
      - name
      - username
    UserSAMLSourceConnection:
      type: object
      description: SAML Source Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        user:
          type: integer
        source:
          allOf:
          - $ref: '#/components/schemas/Source'
          readOnly: true
        identifier:
          type: string
      required:
      - identifier
      - pk
      - source
      - user
    UserSAMLSourceConnectionRequest:
      type: object
      description: SAML Source Serializer
      properties:
        user:
          type: integer
        identifier:
          type: string
          minLength: 1
      required:
      - identifier
      - user
    UserSelf:
      type: object
      description: User Serializer for information a user can retrieve about themselves
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        username:
          type: string
          description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
            only.
          pattern: ^[\w.@+-]+$
          maxLength: 150
        name:
          type: string
          description: User's display name.
        is_active:
          type: boolean
          readOnly: true
          title: Active
          description: Designates whether this user should be treated as active. Unselect
            this instead of deleting accounts.
        is_superuser:
          type: boolean
          readOnly: true
        groups:
          type: array
          items:
            $ref: '#/components/schemas/UserSelfGroups'
          readOnly: true
        email:
          type: string
          format: email
          title: Email address
          maxLength: 254
        avatar:
          type: string
          readOnly: true
        uid:
          type: string
          readOnly: true
        settings:
          type: object
          additionalProperties: {}
          description: Get user settings with tenant and group settings applied
          readOnly: true
        type:
          $ref: '#/components/schemas/UserTypeEnum'
        system_permissions:
          type: array
          items:
            type: string
          description: Get all system permissions assigned to the user
          readOnly: true
      required:
      - avatar
      - groups
      - is_active
      - is_superuser
      - name
      - pk
      - settings
      - system_permissions
      - uid
      - username
    UserSelfGroups:
      type: object
      properties:
        name:
          type: string
          readOnly: true
        pk:
          type: string
          readOnly: true
      required:
      - name
      - pk
    UserServiceAccountRequest:
      type: object
      properties:
        name:
          type: string
          minLength: 1
        create_group:
          type: boolean
          default: false
        expiring:
          type: boolean
          default: true
        expires:
          type: string
          format: date-time
          description: If not provided, valid for 360 days
      required:
      - name
    UserServiceAccountResponse:
      type: object
      properties:
        username:
          type: string
        token:
          type: string
        user_uid:
          type: string
        user_pk:
          type: integer
        group_pk:
          type: string
      required:
      - token
      - user_pk
      - user_uid
      - username
    UserSetting:
      type: object
      description: Serializer for User settings for stages and sources
      properties:
        object_uid:
          type: string
        component:
          type: string
        title:
          type: string
        configure_url:
          type: string
        icon_url:
          type: string
      required:
      - component
      - object_uid
      - title
    UserSourceConnection:
      type: object
      description: OAuth Source Serializer
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        user:
          type: integer
          readOnly: true
        source:
          allOf:
          - $ref: '#/components/schemas/Source'
          readOnly: true
        created:
          type: string
          format: date-time
          readOnly: true
      required:
      - created
      - pk
      - source
      - user
    UserTypeEnum:
      enum:
      - internal
      - external
      - service_account
      - internal_service_account
      type: string
      description: |-
        * `internal` - Internal
        * `external` - External
        * `service_account` - Service Account
        * `internal_service_account` - Internal Service Account
    UserVerificationEnum:
      enum:
      - required
      - preferred
      - discouraged
      type: string
      description: |-
        * `required` - Required
        * `preferred` - Preferred
        * `discouraged` - Discouraged
    UserWriteStage:
      type: object
      description: UserWriteStage Serializer
      properties:
        pk:
          type: string
          format: uuid
          readOnly: true
          title: Stage uuid
        name:
          type: string
        component:
          type: string
          description: Get object type so that we know how to edit the object
          readOnly: true
        verbose_name:
          type: string
          description: Return object's verbose_name
          readOnly: true
        verbose_name_plural:
          type: string
          description: Return object's plural verbose_name
          readOnly: true
        meta_model_name:
          type: string
          description: Return internal model name
          readOnly: true
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSet'
        user_creation_mode:
          $ref: '#/components/schemas/UserCreationModeEnum'
        create_users_as_inactive:
          type: boolean
          description: When set, newly created users are inactive and cannot login.
        create_users_group:
          type: string
          format: uuid
          nullable: true
          description: Optionally add newly created users to this group.
        user_type:
          $ref: '#/components/schemas/UserTypeEnum'
        user_path_template:
          type: string
      required:
      - component
      - meta_model_name
      - name
      - pk
      - verbose_name
      - verbose_name_plural
    UserWriteStageRequest:
      type: object
      description: UserWriteStage Serializer
      properties:
        name:
          type: string
          minLength: 1
        flow_set:
          type: array
          items:
            $ref: '#/components/schemas/FlowSetRequest'
        user_creation_mode:
          $ref: '#/components/schemas/UserCreationModeEnum'
        create_users_as_inactive:
          type: boolean
          description: When set, newly created users are inactive and cannot login.
        create_users_group:
          type: string
          format: uuid
          nullable: true
          description: Optionally add newly created users to this group.
        user_type:
          $ref: '#/components/schemas/UserTypeEnum'
        user_path_template:
          type: string
      required:
      - name
    ValidationError:
      type: object
      description: Validation Error
      properties:
        non_field_errors:
          type: array
          items:
            type: string
        code:
          type: string
      additionalProperties: {}
    Version:
      type: object
      description: Get running and latest version.
      properties:
        version_current:
          type: string
          description: Get current version
          readOnly: true
        version_latest:
          type: string
          description: Get latest version from cache
          readOnly: true
        build_hash:
          type: string
          description: Get build hash, if version is not latest or released
          readOnly: true
        outdated:
          type: boolean
          description: Check if we're running the latest version
          readOnly: true
      required:
      - build_hash
      - outdated
      - version_current
      - version_latest
    WebAuthnDevice:
      type: object
      description: Serializer for WebAuthn authenticator devices
      properties:
        pk:
          type: integer
          readOnly: true
          title: ID
        name:
          type: string
          maxLength: 200
        created_on:
          type: string
          format: date-time
          readOnly: true
      required:
      - created_on
      - name
      - pk
    WebAuthnDeviceRequest:
      type: object
      description: Serializer for WebAuthn authenticator devices
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 200
      required:
      - name
    Workers:
      type: object
      properties:
        count:
          type: integer
      required:
      - count
    modelRequest:
      oneOf:
      - $ref: '#/components/schemas/LDAPProviderRequest'
      - $ref: '#/components/schemas/OAuth2ProviderRequest'
      - $ref: '#/components/schemas/ProxyProviderRequest'
      - $ref: '#/components/schemas/RadiusProviderRequest'
      - $ref: '#/components/schemas/SAMLProviderRequest'
      - $ref: '#/components/schemas/SCIMProviderRequest'
      discriminator:
        propertyName: provider_model
        mapping:
          authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
          authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
          authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
          authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
          authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
          authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
  securitySchemes:
    authentik:
      type: apiKey
      in: header
      name: Authorization
      scheme: bearer
servers:
- url: /api/v3/