43132 lines
1.2 MiB
43132 lines
1.2 MiB
openapi: 3.0.3
|
|
info:
|
|
title: authentik
|
|
version: 2023.10.3
|
|
description: Making authentication simple.
|
|
contact:
|
|
email: hello@goauthentik.io
|
|
license:
|
|
name: MIT
|
|
url: https://github.com/goauthentik/authentik/blob/main/LICENSE
|
|
paths:
|
|
/admin/apps/:
|
|
get:
|
|
operationId: admin_apps_list
|
|
description: Read-only view list all installed apps
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/metrics/:
|
|
get:
|
|
operationId: admin_metrics_retrieve
|
|
description: Login Metrics per 1h
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LoginMetrics'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/models/:
|
|
get:
|
|
operationId: admin_models_list
|
|
description: Read-only view list all installed models
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/settings/:
|
|
get:
|
|
operationId: admin_settings_retrieve
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: admin_settings_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SettingsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: admin_settings_partial_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSettingsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/system/:
|
|
get:
|
|
operationId: admin_system_retrieve
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: admin_system_create
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/system_tasks/:
|
|
get:
|
|
operationId: admin_system_tasks_list
|
|
description: List system tasks
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Task'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/system_tasks/{id}/:
|
|
get:
|
|
operationId: admin_system_tasks_retrieve
|
|
description: Get a single system task
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Task'
|
|
description: ''
|
|
'404':
|
|
description: Task not found
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/system_tasks/{id}/retry/:
|
|
post:
|
|
operationId: admin_system_tasks_retry_create
|
|
description: Retry task
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Task retried successfully
|
|
'404':
|
|
description: Task not found
|
|
'500':
|
|
description: Failed to retry task
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/version/:
|
|
get:
|
|
operationId: admin_version_retrieve
|
|
description: Get running and latest version.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Version'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/admin/workers/:
|
|
get:
|
|
operationId: admin_workers_retrieve
|
|
description: Get currently connected worker count.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Workers'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/all/:
|
|
get:
|
|
operationId: authenticators_admin_all_list
|
|
description: Get all devices for current user
|
|
parameters:
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/duo/:
|
|
get:
|
|
operationId: authenticators_admin_duo_list
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: authenticators_admin_duo_create
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_duo_retrieve
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_admin_duo_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_admin_duo_partial_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_admin_duo_destroy
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/sms/:
|
|
get:
|
|
operationId: authenticators_admin_sms_list
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: authenticators_admin_sms_create
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_sms_retrieve
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_admin_sms_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_admin_sms_partial_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_admin_sms_destroy
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/static/:
|
|
get:
|
|
operationId: authenticators_admin_static_list
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: authenticators_admin_static_create
|
|
description: Viewset for static authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/static/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_static_retrieve
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_admin_static_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_admin_static_partial_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_admin_static_destroy
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/totp/:
|
|
get:
|
|
operationId: authenticators_admin_totp_list
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: authenticators_admin_totp_create
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_totp_retrieve
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_admin_totp_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_admin_totp_partial_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_admin_totp_destroy
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/webauthn/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: authenticators_admin_webauthn_create
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/admin/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_admin_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_admin_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_admin_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/all/:
|
|
get:
|
|
operationId: authenticators_all_list
|
|
description: Get all devices for current user
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/duo/:
|
|
get:
|
|
operationId: authenticators_duo_list
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_duo_retrieve
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_duo_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_duo_partial_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_duo_destroy
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/duo/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/sms/:
|
|
get:
|
|
operationId: authenticators_sms_list
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_sms_retrieve
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_sms_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_sms_partial_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_sms_destroy
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/sms/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/static/:
|
|
get:
|
|
operationId: authenticators_static_list
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/static/{id}/:
|
|
get:
|
|
operationId: authenticators_static_retrieve
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_static_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_static_partial_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_static_destroy
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/static/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/totp/:
|
|
get:
|
|
operationId: authenticators_totp_list
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_totp_retrieve
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_totp_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_totp_partial_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_totp_destroy
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/totp/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/webauthn/:
|
|
get:
|
|
operationId: authenticators_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: authenticators_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: authenticators_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: authenticators_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/authenticators/webauthn/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/:
|
|
get:
|
|
operationId: core_applications_list
|
|
description: Custom list method that checks Policy based access instead of guardian
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_launch_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_publisher
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: superuser_full_list
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedApplicationList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: core_applications_create
|
|
description: Application Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/:
|
|
get:
|
|
operationId: core_applications_retrieve
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: core_applications_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: core_applications_partial_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedApplicationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_applications_destroy
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/check_access/:
|
|
get:
|
|
operationId: core_applications_check_access_retrieve
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'404':
|
|
description: for_user user not found
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/metrics/:
|
|
get:
|
|
operationId: core_applications_metrics_list
|
|
description: Metrics for application logins
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/set_icon/:
|
|
post:
|
|
operationId: core_applications_set_icon_create
|
|
description: Set application icon
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/set_icon_url/:
|
|
post:
|
|
operationId: core_applications_set_icon_url_create
|
|
description: Set application icon (as URL)
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FilePathRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/applications/{slug}/used_by/:
|
|
get:
|
|
operationId: core_applications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/authenticated_sessions/:
|
|
get:
|
|
operationId: core_authenticated_sessions_list
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: query
|
|
name: last_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: last_user_agent
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/authenticated_sessions/{uuid}/:
|
|
get:
|
|
operationId: core_authenticated_sessions_retrieve
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticated Session.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_authenticated_sessions_destroy
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticated Session.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/authenticated_sessions/{uuid}/used_by/:
|
|
get:
|
|
operationId: core_authenticated_sessions_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticated Session.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/brands/:
|
|
get:
|
|
operationId: core_brands_list
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: query
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: branding_favicon
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_logo
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_title
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: default
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: domain
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: event_retention
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: flow_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_device_code
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_invalidation
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_recovery
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_unenrollment
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_user_settings
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: web_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBrandList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: core_brands_create
|
|
description: Brand Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/brands/{brand_uuid}/:
|
|
get:
|
|
operationId: core_brands_retrieve
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: core_brands_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: core_brands_partial_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBrandRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_brands_destroy
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/brands/{brand_uuid}/used_by/:
|
|
get:
|
|
operationId: core_brands_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/brands/current/:
|
|
get:
|
|
operationId: core_brands_current_retrieve
|
|
description: Get current brand
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CurrentBrand'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/groups/:
|
|
get:
|
|
operationId: core_groups_list
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: members_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: members_by_username
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: core_groups_create
|
|
description: Group Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/groups/{group_uuid}/:
|
|
get:
|
|
operationId: core_groups_retrieve
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: core_groups_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: core_groups_partial_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_groups_destroy
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/groups/{group_uuid}/add_user/:
|
|
post:
|
|
operationId: core_groups_add_user_create
|
|
description: Add user to group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/groups/{group_uuid}/remove_user/:
|
|
post:
|
|
operationId: core_groups_remove_user_create
|
|
description: Add user to group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/groups/{group_uuid}/used_by/:
|
|
get:
|
|
operationId: core_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/tokens/:
|
|
get:
|
|
operationId: core_tokens_list
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: query
|
|
name: description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: expiring
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: intent
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- api
|
|
- app_password
|
|
- recovery
|
|
- verification
|
|
description: |-
|
|
* `verification` - Intent Verification
|
|
* `api` - Intent Api
|
|
* `recovery` - Intent Recovery
|
|
* `app_password` - Intent App Password
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: core_tokens_create
|
|
description: Token Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/tokens/{identifier}/:
|
|
get:
|
|
operationId: core_tokens_retrieve
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: core_tokens_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: core_tokens_partial_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_tokens_destroy
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/tokens/{identifier}/set_key/:
|
|
post:
|
|
operationId: core_tokens_set_key_create
|
|
description: |-
|
|
Set token key. Action is logged as event. `authentik_core.set_token_key` permission
|
|
is required.
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenSetKeyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed key
|
|
'400':
|
|
description: Missing key
|
|
'404':
|
|
description: Token not found or expired
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/tokens/{identifier}/used_by/:
|
|
get:
|
|
operationId: core_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/tokens/{identifier}/view_key/:
|
|
get:
|
|
operationId: core_tokens_view_key_retrieve
|
|
description: Return token key and log access
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenView'
|
|
description: ''
|
|
'404':
|
|
description: Token not found or expired
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/transactional/applications/:
|
|
put:
|
|
operationId: core_transactional_applications_update
|
|
description: Convert data into a blueprint, validate it and apply it
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationResponse'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/user_consent/:
|
|
get:
|
|
operationId: core_user_consent_list
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserConsentList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/user_consent/{id}/:
|
|
get:
|
|
operationId: core_user_consent_retrieve
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_user_consent_destroy
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/user_consent/{id}/used_by/:
|
|
get:
|
|
operationId: core_user_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/:
|
|
get:
|
|
operationId: core_users_list
|
|
description: User Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: email
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: groups_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: groups_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: is_active
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: path_startswith
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- external
|
|
- internal
|
|
- internal_service_account
|
|
- service_account
|
|
description: |-
|
|
* `internal` - Internal
|
|
* `external` - External
|
|
* `service_account` - Service Account
|
|
* `internal_service_account` - Internal Service Account
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: core_users_create
|
|
description: User Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/:
|
|
get:
|
|
operationId: core_users_retrieve
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: core_users_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: core_users_partial_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: core_users_destroy
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/impersonate/:
|
|
post:
|
|
operationId: core_users_impersonate_create
|
|
description: Impersonate a user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully started impersonation
|
|
'401':
|
|
description: Access denied
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/metrics/:
|
|
get:
|
|
operationId: core_users_metrics_retrieve
|
|
description: User metrics per 1h
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserMetrics'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/recovery/:
|
|
get:
|
|
operationId: core_users_recovery_retrieve
|
|
description: Create a temporary link that a user can use to recover their accounts
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'404':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/recovery_email/:
|
|
get:
|
|
operationId: core_users_recovery_email_retrieve
|
|
description: Create a temporary link that a user can use to recover their accounts
|
|
parameters:
|
|
- in: query
|
|
name: email_stage
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully sent recover email
|
|
'404':
|
|
description: Bad request
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/set_password/:
|
|
post:
|
|
operationId: core_users_set_password_create
|
|
description: Set password for user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPasswordSetRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed password
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/{id}/used_by/:
|
|
get:
|
|
operationId: core_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/impersonate_end/:
|
|
get:
|
|
operationId: core_users_impersonate_end_retrieve
|
|
description: End Impersonation a user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully started impersonation
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/me/:
|
|
get:
|
|
operationId: core_users_me_retrieve
|
|
description: Get information about current user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SessionUser'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/paths/:
|
|
get:
|
|
operationId: core_users_paths_retrieve
|
|
description: Get all user paths
|
|
parameters:
|
|
- in: query
|
|
name: search
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPath'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/core/users/service_account/:
|
|
post:
|
|
operationId: core_users_service_account_create
|
|
description: Create a new user account that is marked as a service account
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountResponse'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_list
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: query
|
|
name: has_key
|
|
schema:
|
|
type: boolean
|
|
description: Only return certificate-key pairs with keys
|
|
- in: query
|
|
name: include_details
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCertificateKeyPairList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: crypto_certificatekeypairs_create
|
|
description: CertificateKeyPair Viewset
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/{kp_uuid}/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_retrieve
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: crypto_certificatekeypairs_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: crypto_certificatekeypairs_partial_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: crypto_certificatekeypairs_destroy
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/{kp_uuid}/used_by/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_certificate_retrieve
|
|
description: Return certificate-key pairs certificate and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_private_key_retrieve
|
|
description: Return certificate-key pairs private key and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/crypto/certificatekeypairs/generate/:
|
|
post:
|
|
operationId: crypto_certificatekeypairs_generate_create
|
|
description: Generate a new, self-signed certificate-key pair
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateGenerationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/:
|
|
get:
|
|
operationId: enterprise_license_list
|
|
description: License Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLicenseList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: enterprise_license_create
|
|
description: License Viewset
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/{license_uuid}/:
|
|
get:
|
|
operationId: enterprise_license_retrieve
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: enterprise_license_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: enterprise_license_partial_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLicenseRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: enterprise_license_destroy
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/{license_uuid}/used_by/:
|
|
get:
|
|
operationId: enterprise_license_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/forecast/:
|
|
get:
|
|
operationId: enterprise_license_forecast_retrieve
|
|
description: Forecast how many users will be required in a year
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseForecast'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/get_install_id/:
|
|
get:
|
|
operationId: enterprise_license_get_install_id_retrieve
|
|
description: Get install_id
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InstallID'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/enterprise/license/summary/:
|
|
get:
|
|
operationId: enterprise_license_summary_retrieve
|
|
description: Get the total license status
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseSummary'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/events/:
|
|
get:
|
|
operationId: events_events_list
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: events_events_create
|
|
description: Event Read-Only Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/events/{event_uuid}/:
|
|
get:
|
|
operationId: events_events_retrieve
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: events_events_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: events_events_partial_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: events_events_destroy
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/events/actions/:
|
|
get:
|
|
operationId: events_events_actions_list
|
|
description: Get all actions
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/events/per_month/:
|
|
get:
|
|
operationId: events_events_per_month_list
|
|
description: Get the count of events per month
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/events/top_per_user/:
|
|
get:
|
|
operationId: events_events_top_per_user_list
|
|
description: Get the top_n events grouped by user count
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: top_n
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventTopPerUser'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/notifications/:
|
|
get:
|
|
operationId: events_notifications_list
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: query
|
|
name: body
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: event
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: seen
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- alert
|
|
- notice
|
|
- warning
|
|
description: |-
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/notifications/{uuid}/:
|
|
get:
|
|
operationId: events_notifications_retrieve
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: events_notifications_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: events_notifications_partial_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: events_notifications_destroy
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/notifications/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_notifications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/notifications/mark_all_seen/:
|
|
post:
|
|
operationId: events_notifications_mark_all_seen_create
|
|
description: Mark all the user's notifications as seen
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Marked tasks as read successfully.
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/rules/:
|
|
get:
|
|
operationId: events_rules_list
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- alert
|
|
- notice
|
|
- warning
|
|
description: |-
|
|
Controls which severity level the created notifications will have.
|
|
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationRuleList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: events_rules_create
|
|
description: NotificationRule Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/rules/{pbm_uuid}/:
|
|
get:
|
|
operationId: events_rules_retrieve
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: events_rules_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: events_rules_partial_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRuleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: events_rules_destroy
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/rules/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: events_rules_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/transports/:
|
|
get:
|
|
operationId: events_transports_list
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email
|
|
- local
|
|
- webhook
|
|
- webhook_slack
|
|
description: |-
|
|
* `local` - authentik inbuilt notifications
|
|
* `webhook` - Generic Webhook
|
|
* `webhook_slack` - Slack Webhook (Slack/Discord)
|
|
* `email` - Email
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: send_once
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: webhook_url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationTransportList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: events_transports_create
|
|
description: NotificationTransport Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/transports/{uuid}/:
|
|
get:
|
|
operationId: events_transports_retrieve
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: events_transports_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: events_transports_partial_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationTransportRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: events_transports_destroy
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/transports/{uuid}/test/:
|
|
post:
|
|
operationId: events_transports_test_create
|
|
description: |-
|
|
Send example notification using selected transport. Requires
|
|
Modify permissions.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportTest'
|
|
description: ''
|
|
'500':
|
|
description: Failed to test transport
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/events/transports/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_transports_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/bindings/:
|
|
get:
|
|
operationId: flows_bindings_list
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: evaluate_on_plan
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalid_response_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- restart
|
|
- restart_with_context
|
|
- retry
|
|
description: |-
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
* `retry` - Retry
|
|
* `restart` - Restart
|
|
* `restart_with_context` - Restart With Context
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
description: |-
|
|
* `all` - all, all policies must pass
|
|
* `any` - any, any policy must pass
|
|
- in: query
|
|
name: re_evaluate_policies
|
|
schema:
|
|
type: boolean
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowStageBindingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: flows_bindings_create
|
|
description: FlowStageBinding Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/bindings/{fsb_uuid}/:
|
|
get:
|
|
operationId: flows_bindings_retrieve
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: flows_bindings_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: flows_bindings_partial_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowStageBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: flows_bindings_destroy
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/bindings/{fsb_uuid}/used_by/:
|
|
get:
|
|
operationId: flows_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/executor/{flow_slug}/:
|
|
get:
|
|
operationId: flows_executor_get
|
|
description: Get the next pending challenge from the currently active flow.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: flows_executor_solve
|
|
description: Solve the previously retrieved challenge and advanced to the next
|
|
stage.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowChallengeResponseRequest'
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/inspector/{flow_slug}/:
|
|
get:
|
|
operationId: flows_inspector_get
|
|
description: Get current flow state and record it
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowInspection'
|
|
description: ''
|
|
'400':
|
|
description: No flow plan in session.
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/:
|
|
get:
|
|
operationId: flows_instances_list
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: query
|
|
name: denied_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- continue
|
|
- message
|
|
- message_continue
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
- in: query
|
|
name: designation
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- authentication
|
|
- authorization
|
|
- enrollment
|
|
- invalidation
|
|
- recovery
|
|
- stage_configuration
|
|
- unenrollment
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
- in: query
|
|
name: flow_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: flows_instances_create
|
|
description: Flow Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/:
|
|
get:
|
|
operationId: flows_instances_retrieve
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: flows_instances_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: flows_instances_partial_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: flows_instances_destroy
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/diagram/:
|
|
get:
|
|
operationId: flows_instances_diagram_retrieve
|
|
description: Return diagram for flow with slug `slug`, in the format used by
|
|
flowchart.js
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowDiagram'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/execute/:
|
|
get:
|
|
operationId: flows_instances_execute_retrieve
|
|
description: Execute flow for current user
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
description: Flow not applicable
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/export/:
|
|
get:
|
|
operationId: flows_instances_export_retrieve
|
|
description: Export flow to .yaml file
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
format: binary
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/set_background/:
|
|
post:
|
|
operationId: flows_instances_set_background_create
|
|
description: Set Flow background
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/set_background_url/:
|
|
post:
|
|
operationId: flows_instances_set_background_url_create
|
|
description: Set Flow background (as URL)
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FilePathRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/{slug}/used_by/:
|
|
get:
|
|
operationId: flows_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/cache_clear/:
|
|
post:
|
|
operationId: flows_instances_cache_clear_create
|
|
description: Clear flow cache
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/cache_info/:
|
|
get:
|
|
operationId: flows_instances_cache_info_retrieve
|
|
description: Info about cached flows
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/flows/instances/import/:
|
|
post:
|
|
operationId: flows_instances_import_create
|
|
description: Import flow from .yaml file
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowImportResult'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowImportResult'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/managed/blueprints/:
|
|
get:
|
|
operationId: managed_blueprints_list
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBlueprintInstanceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: managed_blueprints_create
|
|
description: Blueprint instances
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/managed/blueprints/{instance_uuid}/:
|
|
get:
|
|
operationId: managed_blueprints_retrieve
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: managed_blueprints_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: managed_blueprints_partial_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: managed_blueprints_destroy
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/managed/blueprints/{instance_uuid}/apply/:
|
|
post:
|
|
operationId: managed_blueprints_apply_create
|
|
description: Apply a blueprint
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/managed/blueprints/{instance_uuid}/used_by/:
|
|
get:
|
|
operationId: managed_blueprints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/managed/blueprints/available/:
|
|
get:
|
|
operationId: managed_blueprints_available_list
|
|
description: Get blueprints
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintFile'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/access_tokens/:
|
|
get:
|
|
operationId: oauth2_access_tokens_list
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/access_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_access_tokens_retrieve
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: oauth2_access_tokens_destroy
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/access_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_access_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/authorization_codes/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_list
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/authorization_codes/{id}/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_retrieve
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: oauth2_authorization_codes_destroy
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/authorization_codes/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/refresh_tokens/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_list
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/refresh_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_retrieve
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: oauth2_refresh_tokens_destroy
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/oauth2/refresh_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/instances/:
|
|
get:
|
|
operationId: outposts_instances_list
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOutpostList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: outposts_instances_create
|
|
description: Outpost Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/instances/{uuid}/:
|
|
get:
|
|
operationId: outposts_instances_retrieve
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: outposts_instances_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: outposts_instances_partial_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOutpostRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: outposts_instances_destroy
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/instances/{uuid}/health/:
|
|
get:
|
|
operationId: outposts_instances_health_list
|
|
description: Get outposts current health
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OutpostHealth'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/instances/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/instances/default_settings/:
|
|
get:
|
|
operationId: outposts_instances_default_settings_retrieve
|
|
description: Global default outpost config
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostDefaultConfig'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/ldap/:
|
|
get:
|
|
operationId: outposts_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/ldap/{id}/:
|
|
get:
|
|
operationId: outposts_ldap_retrieve
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPOutpostConfig'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/proxy/:
|
|
get:
|
|
operationId: outposts_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/proxy/{id}/:
|
|
get:
|
|
operationId: outposts_proxy_retrieve
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyOutpostConfig'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/radius/:
|
|
get:
|
|
operationId: outposts_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/radius/{id}/:
|
|
get:
|
|
operationId: outposts_radius_retrieve
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusOutpostConfig'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/all/:
|
|
get:
|
|
operationId: outposts_service_connections_all_list
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/all/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_all_retrieve
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: outposts_service_connections_all_destroy
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/all/{uuid}/state/:
|
|
get:
|
|
operationId: outposts_service_connections_all_state_retrieve
|
|
description: Get the service connection's state
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnectionState'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/all/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/all/types/:
|
|
get:
|
|
operationId: outposts_service_connections_all_types_list
|
|
description: Get all creatable service connection types
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/docker/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_list
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: tls_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: tls_verification
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: outposts_service_connections_docker_create
|
|
description: DockerServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/docker/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_retrieve
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: outposts_service_connections_docker_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: outposts_service_connections_docker_partial_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: outposts_service_connections_docker_destroy
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/docker/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/kubernetes/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_list
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: outposts_service_connections_kubernetes_create
|
|
description: KubernetesServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/kubernetes/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_retrieve
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: outposts_service_connections_kubernetes_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: outposts_service_connections_kubernetes_partial_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: outposts_service_connections_kubernetes_destroy
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/outposts/service_connections/kubernetes/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/:
|
|
get:
|
|
operationId: policies_all_list
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: bindings__isnull
|
|
schema:
|
|
type: boolean
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: promptstage__isnull
|
|
schema:
|
|
type: boolean
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_all_retrieve
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_all_destroy
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/{policy_uuid}/test/:
|
|
post:
|
|
operationId: policies_all_test_create
|
|
description: Test policy
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/cache_clear/:
|
|
post:
|
|
operationId: policies_all_cache_clear_create
|
|
description: Clear policy cache
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/cache_info/:
|
|
get:
|
|
operationId: policies_all_cache_info_retrieve
|
|
description: Info about cached policies
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/all/types/:
|
|
get:
|
|
operationId: policies_all_types_list
|
|
description: Get all creatable policy types
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/bindings/:
|
|
get:
|
|
operationId: policies_bindings_list
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy__isnull
|
|
schema:
|
|
type: boolean
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyBindingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_bindings_create
|
|
description: PolicyBinding Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/bindings/{policy_binding_uuid}/:
|
|
get:
|
|
operationId: policies_bindings_retrieve
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_bindings_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_bindings_partial_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPolicyBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_bindings_destroy
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/bindings/{policy_binding_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/dummy/:
|
|
get:
|
|
operationId: policies_dummy_list
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: result
|
|
schema:
|
|
type: boolean
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: wait_max
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: wait_min
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_dummy_create
|
|
description: Dummy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/dummy/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_dummy_retrieve
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_dummy_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_dummy_partial_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_dummy_destroy
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/dummy/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/event_matcher/:
|
|
get:
|
|
operationId: policies_event_matcher_list
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
nullable: true
|
|
enum:
|
|
- authorize_application
|
|
- configuration_error
|
|
- custom_
|
|
- email_sent
|
|
- flow_execution
|
|
- impersonation_ended
|
|
- impersonation_started
|
|
- invitation_used
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- model_created
|
|
- model_deleted
|
|
- model_updated
|
|
- password_set
|
|
- policy_exception
|
|
- policy_execution
|
|
- property_mapping_exception
|
|
- secret_rotate
|
|
- secret_view
|
|
- source_linked
|
|
- suspicious_request
|
|
- system_exception
|
|
- system_task_exception
|
|
- system_task_execution
|
|
- update_available
|
|
- user_write
|
|
description: |-
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
* `login` - Login
|
|
* `login_failed` - Login Failed
|
|
* `logout` - Logout
|
|
* `user_write` - User Write
|
|
* `suspicious_request` - Suspicious Request
|
|
* `password_set` - Password Set
|
|
* `secret_view` - Secret View
|
|
* `secret_rotate` - Secret Rotate
|
|
* `invitation_used` - Invite Used
|
|
* `authorize_application` - Authorize Application
|
|
* `source_linked` - Source Linked
|
|
* `impersonation_started` - Impersonation Started
|
|
* `impersonation_ended` - Impersonation Ended
|
|
* `flow_execution` - Flow Execution
|
|
* `policy_execution` - Policy Execution
|
|
* `policy_exception` - Policy Exception
|
|
* `property_mapping_exception` - Property Mapping Exception
|
|
* `system_task_execution` - System Task Execution
|
|
* `system_task_exception` - System Task Exception
|
|
* `system_exception` - System Exception
|
|
* `configuration_error` - Configuration Error
|
|
* `model_created` - Model Created
|
|
* `model_updated` - Model Updated
|
|
* `model_deleted` - Model Deleted
|
|
* `email_sent` - Email Sent
|
|
* `update_available` - Update Available
|
|
* `custom_` - Custom Prefix
|
|
- in: query
|
|
name: app
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_event_matcher_create
|
|
description: Event Matcher Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/event_matcher/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_event_matcher_retrieve
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_event_matcher_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_event_matcher_partial_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_event_matcher_destroy
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/event_matcher/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_event_matcher_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/expression/:
|
|
get:
|
|
operationId: policies_expression_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpressionPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_expression_create
|
|
description: Source Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/expression/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_expression_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_expression_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_expression_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedExpressionPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_expression_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/expression/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_expression_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password/:
|
|
get:
|
|
operationId: policies_password_list
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: amount_digits
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_lowercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_symbols
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_uppercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: check_have_i_been_pwned
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_static_rules
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_zxcvbn
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: error_message
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: hibp_allowed_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: length_min
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: password_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: symbol_charset
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: zxcvbn_score_threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_password_create
|
|
description: Password Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_retrieve
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_password_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_password_partial_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_password_destroy
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password_expiry/:
|
|
get:
|
|
operationId: policies_password_expiry_list
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: days
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: deny_only
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_password_expiry_create
|
|
description: Password Expiry Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password_expiry/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_expiry_retrieve
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_password_expiry_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_password_expiry_partial_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_password_expiry_destroy
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/password_expiry/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_expiry_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/:
|
|
get:
|
|
operationId: policies_reputation_list
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: check_ip
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_username
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationPolicyList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: policies_reputation_create
|
|
description: Reputation Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_retrieve
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: policies_reputation_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: policies_reputation_partial_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedReputationPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_reputation_destroy
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/scores/:
|
|
get:
|
|
operationId: policies_reputation_scores_list
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: ip
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: score
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/scores/{reputation_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_scores_retrieve
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Reputation'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: policies_reputation_scores_destroy
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/policies/reputation/scores/{reputation_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_scores_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/all/:
|
|
get:
|
|
operationId: propertymappings_all_list
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/all/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_all_retrieve
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_all_destroy
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/all/{pm_uuid}/test/:
|
|
post:
|
|
operationId: propertymappings_all_test_create
|
|
description: Test Property Mapping
|
|
parameters:
|
|
- in: query
|
|
name: format_result
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/all/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/all/types/:
|
|
get:
|
|
operationId: propertymappings_all_types_list
|
|
description: Get all creatable property-mapping types
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/ldap/:
|
|
get:
|
|
operationId: propertymappings_ldap_list
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: object_field
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: propertymappings_ldap_create
|
|
description: LDAP PropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/ldap/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_ldap_retrieve
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: propertymappings_ldap_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: propertymappings_ldap_partial_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_ldap_destroy
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/ldap/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/notification/:
|
|
get:
|
|
operationId: propertymappings_notification_list
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: propertymappings_notification_create
|
|
description: NotificationWebhookMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/notification/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_notification_retrieve
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: propertymappings_notification_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: propertymappings_notification_partial_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_notification_destroy
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/notification/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_notification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/saml/:
|
|
get:
|
|
operationId: propertymappings_saml_list
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: saml_name
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: propertymappings_saml_create
|
|
description: SAMLPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/saml/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_saml_retrieve
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: propertymappings_saml_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: propertymappings_saml_partial_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_saml_destroy
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/saml/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scim/:
|
|
get:
|
|
operationId: propertymappings_scim_list
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: propertymappings_scim_create
|
|
description: SCIMMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scim/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_scim_retrieve
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: propertymappings_scim_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: propertymappings_scim_partial_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_scim_destroy
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scim/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scope/:
|
|
get:
|
|
operationId: propertymappings_scope_list
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: scope_name
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedScopeMappingList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: propertymappings_scope_create
|
|
description: ScopeMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scope/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_scope_retrieve
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: propertymappings_scope_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: propertymappings_scope_partial_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedScopeMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: propertymappings_scope_destroy
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/propertymappings/scope/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_scope_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/all/:
|
|
get:
|
|
operationId: providers_all_list
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: backchannel_only
|
|
schema:
|
|
type: boolean
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/all/{id}/:
|
|
get:
|
|
operationId: providers_all_retrieve
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Provider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_all_destroy
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/all/{id}/used_by/:
|
|
get:
|
|
operationId: providers_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/all/types/:
|
|
get:
|
|
operationId: providers_all_types_list
|
|
description: Get all creatable provider types
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/ldap/:
|
|
get:
|
|
operationId: providers_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: gid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: search_group__group_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: search_group__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: tls_server_name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_ldap_create
|
|
description: LDAPProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/ldap/{id}/:
|
|
get:
|
|
operationId: providers_ldap_retrieve
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_ldap_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_ldap_partial_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_ldap_destroy
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: providers_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/oauth2/:
|
|
get:
|
|
operationId: providers_oauth2_list
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_code_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: access_token_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- confidential
|
|
- public
|
|
description: |-
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
* `confidential` - Confidential
|
|
* `public` - Public
|
|
- in: query
|
|
name: include_claims_in_id_token
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- global
|
|
- per_provider
|
|
description: |-
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
* `global` - Same identifier is used for all providers
|
|
* `per_provider` - Each provider has a different issuer, based on the application slug.
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: redirect_uris
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: refresh_token_validity
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: signing_key
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sub_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- hashed_user_id
|
|
- user_email
|
|
- user_id
|
|
- user_upn
|
|
- user_username
|
|
- user_uuid
|
|
description: |-
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
* `hashed_user_id` - Based on the Hashed User ID
|
|
* `user_id` - Based on user ID
|
|
* `user_uuid` - Based on user UUID
|
|
* `user_username` - Based on the username
|
|
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
|
|
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuth2ProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_oauth2_create
|
|
description: OAuth2Provider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/oauth2/{id}/:
|
|
get:
|
|
operationId: providers_oauth2_retrieve
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_oauth2_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_oauth2_partial_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_oauth2_destroy
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/oauth2/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_oauth2_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/oauth2/{id}/setup_urls/:
|
|
get:
|
|
operationId: providers_oauth2_setup_urls_retrieve
|
|
description: Get Providers setup URLs
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderSetupURLs'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/oauth2/{id}/used_by/:
|
|
get:
|
|
operationId: providers_oauth2_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/proxy/:
|
|
get:
|
|
operationId: providers_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_enabled__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: basic_auth_password_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_user_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: cookie_domain__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: external_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host_ssl_validation__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: mode__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: property_mappings__iexact
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: redirect_uris__iexact
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: skip_path_regex__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_proxy_create
|
|
description: ProxyProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/proxy/{id}/:
|
|
get:
|
|
operationId: providers_proxy_retrieve
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_proxy_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_proxy_partial_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedProxyProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_proxy_destroy
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/proxy/{id}/used_by/:
|
|
get:
|
|
operationId: providers_proxy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/radius/:
|
|
get:
|
|
operationId: providers_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_networks__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_radius_create
|
|
description: RadiusProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/radius/{id}/:
|
|
get:
|
|
operationId: providers_radius_retrieve
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_radius_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_radius_partial_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRadiusProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_radius_destroy
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/radius/{id}/used_by/:
|
|
get:
|
|
operationId: providers_radius_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/:
|
|
get:
|
|
operationId: providers_saml_list
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: acs_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_before
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: audience
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: backchannel_application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: default_relay_state
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
|
|
* `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
|
|
* `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
|
|
- in: query
|
|
name: is_backchannel
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name_id_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: session_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
|
|
* `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sp_binding
|
|
schema:
|
|
type: string
|
|
title: Service Provider Binding
|
|
enum:
|
|
- post
|
|
- redirect
|
|
description: |-
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
* `redirect` - Redirect
|
|
* `post` - Post
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_saml_create
|
|
description: SAMLProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/{id}/:
|
|
get:
|
|
operationId: providers_saml_retrieve
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_saml_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_saml_partial_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_saml_destroy
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/{id}/metadata/:
|
|
get:
|
|
operationId: providers_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: force_binding
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
|
|
description: Optionally force the metadata to only include one binding.
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_saml_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/{id}/used_by/:
|
|
get:
|
|
operationId: providers_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/saml/import_metadata/:
|
|
post:
|
|
operationId: providers_saml_import_metadata_create
|
|
description: Create provider from SAML Metadata
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully imported provider
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/scim/:
|
|
get:
|
|
operationId: providers_scim_list
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: providers_scim_create
|
|
description: SCIMProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/scim/{id}/:
|
|
get:
|
|
operationId: providers_scim_retrieve
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: providers_scim_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: providers_scim_partial_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: providers_scim_destroy
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/scim/{id}/sync_status/:
|
|
get:
|
|
operationId: providers_scim_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Task'
|
|
description: ''
|
|
'404':
|
|
description: Task not found
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/providers/scim/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/:
|
|
get:
|
|
operationId: rbac_permissions_list
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: query
|
|
name: codename
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__model
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: role
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPermissionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/{id}/:
|
|
get:
|
|
operationId: rbac_permissions_retrieve
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this permission.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Permission'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_roles/:
|
|
get:
|
|
operationId: rbac_permissions_assigned_by_roles_list
|
|
description: Get assigned object permissions for a single object
|
|
parameters:
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_brands.brand
|
|
- authentik_core.application
|
|
- authentik_core.group
|
|
- authentik_core.token
|
|
- authentik_core.user
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_enterprise.license
|
|
- authentik_events.event
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies.policybinding
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputation
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.accesstoken
|
|
- authentik_providers_oauth2.authorizationcode
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_oauth2.refreshtoken
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_rbac.role
|
|
- authentik_sources_ldap.ldappropertymapping
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatewebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_consent.userconsent
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_tenants.domain
|
|
- authentik_tenants.tenant
|
|
description: |-
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
required: true
|
|
- in: query
|
|
name: object_pk
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_roles/{uuid}/assign/:
|
|
post:
|
|
operationId: rbac_permissions_assigned_by_roles_assign_create
|
|
description: |-
|
|
Assign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PermissionAssignRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully assigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_roles/{uuid}/unassign/:
|
|
patch:
|
|
operationId: rbac_permissions_assigned_by_roles_unassign_partial_update
|
|
description: |-
|
|
Unassign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully unassigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_users/:
|
|
get:
|
|
operationId: rbac_permissions_assigned_by_users_list
|
|
description: Get assigned object permissions for a single object
|
|
parameters:
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_brands.brand
|
|
- authentik_core.application
|
|
- authentik_core.group
|
|
- authentik_core.token
|
|
- authentik_core.user
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_enterprise.license
|
|
- authentik_events.event
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies.policybinding
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputation
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.accesstoken
|
|
- authentik_providers_oauth2.authorizationcode
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_oauth2.refreshtoken
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_rbac.role
|
|
- authentik_sources_ldap.ldappropertymapping
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatewebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_consent.userconsent
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_tenants.domain
|
|
- authentik_tenants.tenant
|
|
description: |-
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
required: true
|
|
- in: query
|
|
name: object_pk
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserAssignedObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_users/{id}/assign/:
|
|
post:
|
|
operationId: rbac_permissions_assigned_by_users_assign_create
|
|
description: Assign permission(s) to user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PermissionAssignRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully assigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/assigned_by_users/{id}/unassign/:
|
|
patch:
|
|
operationId: rbac_permissions_assigned_by_users_unassign_partial_update
|
|
description: |-
|
|
Unassign permission(s) to user. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully unassigned
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/roles/:
|
|
get:
|
|
operationId: rbac_permissions_roles_list
|
|
description: Get a role's assigned object permissions
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/permissions/users/:
|
|
get:
|
|
operationId: rbac_permissions_users_list
|
|
description: Get a users's assigned object permissions
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_id
|
|
schema:
|
|
type: integer
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExtraUserObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/roles/:
|
|
get:
|
|
operationId: rbac_roles_list
|
|
description: Role viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: rbac_roles_create
|
|
description: Role viewset
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/roles/{uuid}/:
|
|
get:
|
|
operationId: rbac_roles_retrieve
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: rbac_roles_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: rbac_roles_partial_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRoleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: rbac_roles_destroy
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/rbac/roles/{uuid}/used_by/:
|
|
get:
|
|
operationId: rbac_roles_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/root/config/:
|
|
get:
|
|
operationId: root_config_retrieve
|
|
description: Retrieve public configuration options
|
|
tags:
|
|
- root
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Config'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/schema/:
|
|
get:
|
|
operationId: schema_retrieve
|
|
description: |-
|
|
OpenApi3 schema for this API. Format can be selected via content negotiation.
|
|
|
|
- YAML: application/vnd.oai.openapi
|
|
- JSON: application/vnd.oai.openapi+json
|
|
parameters:
|
|
- in: query
|
|
name: format
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- json
|
|
- yaml
|
|
- in: query
|
|
name: lang
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- af
|
|
- ar
|
|
- ar-dz
|
|
- ast
|
|
- az
|
|
- be
|
|
- bg
|
|
- bn
|
|
- br
|
|
- bs
|
|
- ca
|
|
- ckb
|
|
- cs
|
|
- cy
|
|
- da
|
|
- de
|
|
- dsb
|
|
- el
|
|
- en
|
|
- en-au
|
|
- en-gb
|
|
- eo
|
|
- es
|
|
- es-ar
|
|
- es-co
|
|
- es-mx
|
|
- es-ni
|
|
- es-ve
|
|
- et
|
|
- eu
|
|
- fa
|
|
- fi
|
|
- fr
|
|
- fy
|
|
- ga
|
|
- gd
|
|
- gl
|
|
- he
|
|
- hi
|
|
- hr
|
|
- hsb
|
|
- hu
|
|
- hy
|
|
- ia
|
|
- id
|
|
- ig
|
|
- io
|
|
- is
|
|
- it
|
|
- ja
|
|
- ka
|
|
- kab
|
|
- kk
|
|
- km
|
|
- kn
|
|
- ko
|
|
- ky
|
|
- lb
|
|
- lt
|
|
- lv
|
|
- mk
|
|
- ml
|
|
- mn
|
|
- mr
|
|
- ms
|
|
- my
|
|
- nb
|
|
- ne
|
|
- nl
|
|
- nn
|
|
- os
|
|
- pa
|
|
- pl
|
|
- pt
|
|
- pt-br
|
|
- ro
|
|
- ru
|
|
- sk
|
|
- sl
|
|
- sq
|
|
- sr
|
|
- sr-latn
|
|
- sv
|
|
- sw
|
|
- ta
|
|
- te
|
|
- tg
|
|
- th
|
|
- tk
|
|
- tr
|
|
- tt
|
|
- udm
|
|
- uk
|
|
- ur
|
|
- uz
|
|
- vi
|
|
- zh-hans
|
|
- zh-hant
|
|
tags:
|
|
- schema
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/vnd.oai.openapi:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/yaml:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/vnd.oai.openapi+json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/:
|
|
get:
|
|
operationId: sources_all_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSourceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/{slug}/:
|
|
get:
|
|
operationId: sources_all_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Source'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_all_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/{slug}/set_icon/:
|
|
post:
|
|
operationId: sources_all_set_icon_create
|
|
description: Set source icon
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/{slug}/set_icon_url/:
|
|
post:
|
|
operationId: sources_all_set_icon_url_create
|
|
description: Set source icon (as URL)
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FilePathRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: Success
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/types/:
|
|
get:
|
|
operationId: sources_all_types_list
|
|
description: Get all creatable source types
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/all/user_settings/:
|
|
get:
|
|
operationId: sources_all_user_settings_list
|
|
description: Get all sources the user can configure
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/ldap/:
|
|
get:
|
|
operationId: sources_ldap_list
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: additional_group_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_user_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: bind_cn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: group_membership_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: group_object_filter
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: object_uniqueness_field
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: peer_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: property_mappings_group
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: server_uri
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sni
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: start_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_groups
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_parent_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sync_users
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_users_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: user_object_filter
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPSourceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_ldap_create
|
|
description: LDAP Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/ldap/{slug}/:
|
|
get:
|
|
operationId: sources_ldap_retrieve
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_ldap_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_ldap_partial_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_ldap_destroy
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/ldap/{slug}/debug/:
|
|
get:
|
|
operationId: sources_ldap_debug_retrieve
|
|
description: Get raw LDAP data to debug
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPDebug'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/ldap/{slug}/sync_status/:
|
|
get:
|
|
operationId: sources_ldap_sync_status_retrieve
|
|
description: Get source's sync status
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSyncStatus'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/ldap/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/oauth/:
|
|
get:
|
|
operationId: sources_oauth_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_token_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_scopes
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: consumer_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: has_jwks
|
|
schema:
|
|
type: boolean
|
|
description: Only return sources with JWKS data
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
description: |-
|
|
* `all` - all, all policies must pass
|
|
* `any` - any, any policy must pass
|
|
- in: query
|
|
name: profile_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: provider_type
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: request_token_url
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuthSourceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_oauth_create
|
|
description: Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/oauth/{slug}/:
|
|
get:
|
|
operationId: sources_oauth_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_oauth_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_oauth_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuthSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_oauth_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/oauth/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/oauth/source_types/:
|
|
get:
|
|
operationId: sources_oauth_source_types_list
|
|
description: |-
|
|
Get all creatable source types. If ?name is set, only returns the type for <name>.
|
|
If <name> isn't found, returns the default type.
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SourceType'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/plex/:
|
|
get:
|
|
operationId: sources_plex_list
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_friends
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
description: |-
|
|
* `all` - all, all policies must pass
|
|
* `any` - any, any policy must pass
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_plex_create
|
|
description: Plex source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/plex/{slug}/:
|
|
get:
|
|
operationId: sources_plex_retrieve
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_plex_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_plex_partial_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_plex_destroy
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/plex/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/plex/redeem_token/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_create
|
|
description: |-
|
|
Redeem a plex token, check it's access to resources against what's allowed
|
|
for the source, and redirect to an authentication/enrollment flow.
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectChallenge'
|
|
description: ''
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/plex/redeem_token_authenticated/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_authenticated_create
|
|
description: Redeem a plex token for an authenticated user, creating a connection
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/saml/:
|
|
get:
|
|
operationId: sources_saml_list
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_idp_initiated
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: binding_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- POST
|
|
- POST_AUTO
|
|
- REDIRECT
|
|
description: |-
|
|
* `REDIRECT` - Redirect Binding
|
|
* `POST` - POST Binding
|
|
* `POST_AUTO` - POST Binding with auto-confirmation
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
|
|
* `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
|
|
* `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name_id_policy
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
description: |-
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
description: |-
|
|
* `all` - all, all policies must pass
|
|
* `any` - any, any policy must pass
|
|
- in: query
|
|
name: pre_authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
|
|
* `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: slo_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sso_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: temporary_user_delete_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLSourceList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_saml_create
|
|
description: SAMLSource Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/saml/{slug}/:
|
|
get:
|
|
operationId: sources_saml_retrieve
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_saml_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_saml_partial_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_saml_destroy
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/saml/{slug}/metadata/:
|
|
get:
|
|
operationId: sources_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/saml/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/all/:
|
|
get:
|
|
operationId: sources_user_connections_all_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/all/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_all_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_user_connections_all_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_user_connections_all_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_user_connections_all_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/all/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/oauth/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_user_connections_oauth_create
|
|
description: Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/oauth/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_user_connections_oauth_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_user_connections_oauth_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_user_connections_oauth_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/oauth/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/plex/:
|
|
get:
|
|
operationId: sources_user_connections_plex_list
|
|
description: Plex Source connection Serializer
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_user_connections_plex_create
|
|
description: Plex Source connection Serializer
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/plex/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_plex_retrieve
|
|
description: Plex Source connection Serializer
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_user_connections_plex_update
|
|
description: Plex Source connection Serializer
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_user_connections_plex_partial_update
|
|
description: Plex Source connection Serializer
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_user_connections_plex_destroy
|
|
description: Plex Source connection Serializer
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/plex/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/saml/:
|
|
get:
|
|
operationId: sources_user_connections_saml_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: sources_user_connections_saml_create
|
|
description: Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/saml/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_saml_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: sources_user_connections_saml_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: sources_user_connections_saml_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: sources_user_connections_saml_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/sources/user_connections/saml/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/all/:
|
|
get:
|
|
operationId: stages_all_list
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/all/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_all_retrieve
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Stage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_all_destroy
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/all/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/all/types/:
|
|
get:
|
|
operationId: stages_all_types_list
|
|
description: Get all creatable stage types
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/all/user_settings/:
|
|
get:
|
|
operationId: stages_all_user_settings_list
|
|
description: Get all stages the user can configure
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/:
|
|
get:
|
|
operationId: stages_authenticator_duo_list
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: api_hostname
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_duo_create
|
|
description: AuthenticatorDuoStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_duo_retrieve
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_duo_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_duo_partial_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_duo_destroy
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/{stage_uuid}/enrollment_status/:
|
|
post:
|
|
operationId: stages_authenticator_duo_enrollment_status_create
|
|
description: Check enrollment status of user details in current session
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/{stage_uuid}/import_device_manual/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_device_manual_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Enrollment successful
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_devices_automatic_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/duo/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/sms/:
|
|
get:
|
|
operationId: stages_authenticator_sms_list
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: account_sid
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_password
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
description: |-
|
|
* `basic` - Basic
|
|
* `bearer` - Bearer
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: from_number
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- generic
|
|
- twilio
|
|
description: |-
|
|
* `twilio` - Twilio
|
|
* `generic` - Generic
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: verify_only
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_sms_create
|
|
description: AuthenticatorSMSStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/sms/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_sms_retrieve
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_sms_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_sms_partial_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_sms_destroy
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/sms/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/static/:
|
|
get:
|
|
operationId: stages_authenticator_static_list
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: token_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_length
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_static_create
|
|
description: AuthenticatorStaticStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/static/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_static_retrieve
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_static_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_static_partial_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_static_destroy
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/static/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/totp/:
|
|
get:
|
|
operationId: stages_authenticator_totp_list
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: digits
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- '6'
|
|
- '8'
|
|
description: |-
|
|
* `6` - 6 digits, widely compatible
|
|
* `8` - 8 digits, not compatible with apps like Google Authenticator
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_totp_create
|
|
description: AuthenticatorTOTPStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/totp/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_totp_retrieve
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_totp_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_totp_partial_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_totp_destroy
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/totp/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/validate/:
|
|
get:
|
|
operationId: stages_authenticator_validate_list
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configuration_stages
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: not_configured_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- configure
|
|
- deny
|
|
- skip
|
|
description: |-
|
|
* `skip` - Skip
|
|
* `deny` - Deny
|
|
* `configure` - Configure
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_validate_create
|
|
description: AuthenticatorValidateStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/validate/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_validate_retrieve
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_validate_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_validate_partial_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_validate_destroy
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/validate/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_validate_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/webauthn/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_list
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: authenticator_attachment
|
|
schema:
|
|
type: string
|
|
nullable: true
|
|
enum:
|
|
- cross-platform
|
|
- platform
|
|
description: |-
|
|
* `platform` - Platform
|
|
* `cross-platform` - Cross Platform
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: resident_key_requirement
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
description: |-
|
|
* `discouraged` - Discouraged
|
|
* `preferred` - Preferred
|
|
* `required` - Required
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_verification
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
description: |-
|
|
* `required` - Required
|
|
* `preferred` - Preferred
|
|
* `discouraged` - Discouraged
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_authenticator_webauthn_create
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/webauthn/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_retrieve
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_authenticator_webauthn_update
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_authenticator_webauthn_partial_update
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_authenticator_webauthn_destroy
|
|
description: AuthenticateWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/authenticator/webauthn/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/captcha/:
|
|
get:
|
|
operationId: stages_captcha_list
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: public_key
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCaptchaStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_captcha_create
|
|
description: CaptchaStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/captcha/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_captcha_retrieve
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_captcha_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_captcha_partial_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCaptchaStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_captcha_destroy
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/captcha/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_captcha_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/consent/:
|
|
get:
|
|
operationId: stages_consent_list
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: consent_expire_in
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- always_require
|
|
- expiring
|
|
- permanent
|
|
description: |-
|
|
* `always_require` - Always Require
|
|
* `permanent` - Permanent
|
|
* `expiring` - Expiring
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConsentStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_consent_create
|
|
description: ConsentStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/consent/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_consent_retrieve
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_consent_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_consent_partial_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedConsentStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_consent_destroy
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/consent/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/deny/:
|
|
get:
|
|
operationId: stages_deny_list
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: deny_message
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDenyStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_deny_create
|
|
description: DenyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/deny/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_deny_retrieve
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_deny_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_deny_partial_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDenyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_deny_destroy
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/deny/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_deny_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/dummy/:
|
|
get:
|
|
operationId: stages_dummy_list
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: throw_error
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_dummy_create
|
|
description: DummyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/dummy/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_dummy_retrieve
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_dummy_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_dummy_partial_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_dummy_destroy
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/dummy/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/email/:
|
|
get:
|
|
operationId: stages_email_list
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: activate_user_on_success
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: from_address
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: host
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: port
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_expiry
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: use_global_settings
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_ssl
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_email_create
|
|
description: EmailStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/email/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_email_retrieve
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_email_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_email_partial_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_email_destroy
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/email/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/email/templates/:
|
|
get:
|
|
operationId: stages_email_templates_list
|
|
description: Get all available templates, including custom templates
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/identification/:
|
|
get:
|
|
operationId: stages_identification_list
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: case_insensitive_matching
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: password_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: passwordless_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: recovery_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: show_matched_user
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: show_source_labels
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedIdentificationStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_identification_create
|
|
description: IdentificationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/identification/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_identification_retrieve
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_identification_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_identification_partial_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedIdentificationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_identification_destroy
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/identification/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_identification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/invitations/:
|
|
get:
|
|
operationId: stages_invitation_invitations_list
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created_by__username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: flow__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_invitation_invitations_create
|
|
description: Invitation Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/invitations/{invite_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_invitations_retrieve
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_invitation_invitations_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_invitation_invitations_partial_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_invitation_invitations_destroy
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/invitations/{invite_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_invitations_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/stages/:
|
|
get:
|
|
operationId: stages_invitation_stages_list
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: continue_flow_without_invitation
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: no_flows
|
|
schema:
|
|
type: boolean
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_invitation_stages_create
|
|
description: InvitationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_stages_retrieve
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_invitation_stages_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_invitation_stages_partial_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_invitation_stages_destroy
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/invitation/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/password/:
|
|
get:
|
|
operationId: stages_password_list
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: failed_attempts_before_cancel
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_password_create
|
|
description: PasswordStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/password/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_password_retrieve
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_password_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_password_partial_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_password_destroy
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/password/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/prompts/:
|
|
get:
|
|
operationId: stages_prompt_prompts_list
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: query
|
|
name: field_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: placeholder
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- ak-locale
|
|
- checkbox
|
|
- date
|
|
- date-time
|
|
- dropdown
|
|
- email
|
|
- file
|
|
- hidden
|
|
- number
|
|
- password
|
|
- radio-button-group
|
|
- separator
|
|
- static
|
|
- text
|
|
- text_area
|
|
- text_area_read_only
|
|
- text_read_only
|
|
- username
|
|
description: |-
|
|
* `text` - Text: Simple Text input
|
|
* `text_area` - Text area: Multiline Text Input.
|
|
* `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
|
|
* `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
|
|
* `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
|
|
* `email` - Email: Text field with Email type.
|
|
* `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
|
|
* `number` - Number
|
|
* `checkbox` - Checkbox
|
|
* `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
|
|
* `dropdown` - Fixed choice field rendered as a dropdown.
|
|
* `date` - Date
|
|
* `date-time` - Date Time
|
|
* `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
|
|
* `separator` - Separator: Static Separator Line
|
|
* `hidden` - Hidden: Hidden field, can be used to insert data into form.
|
|
* `static` - Static: Static value, displayed as-is.
|
|
* `ak-locale` - authentik: Selection of locales authentik supports
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_prompt_prompts_create
|
|
description: Prompt Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/prompts/{prompt_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_prompts_retrieve
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_prompt_prompts_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_prompt_prompts_partial_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_prompt_prompts_destroy
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/prompts/{prompt_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_prompts_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/prompts/preview/:
|
|
post:
|
|
operationId: stages_prompt_prompts_preview_create
|
|
description: Preview a prompt as a challenge, just like a flow would receive
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptChallenge'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/stages/:
|
|
get:
|
|
operationId: stages_prompt_stages_list
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: fields
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: validation_policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_prompt_stages_create
|
|
description: PromptStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_stages_retrieve
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_prompt_stages_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_prompt_stages_partial_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_prompt_stages_destroy
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/prompt/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_delete/:
|
|
get:
|
|
operationId: stages_user_delete_list
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserDeleteStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_user_delete_create
|
|
description: UserDeleteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_delete/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_delete_retrieve
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_user_delete_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_user_delete_partial_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserDeleteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_user_delete_destroy
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_delete/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_delete_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_login/:
|
|
get:
|
|
operationId: stages_user_login_list
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: remember_me_offset
|
|
schema:
|
|
type: string
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: session_duration
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: terminate_other_sessions
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLoginStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_user_login_create
|
|
description: UserLoginStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_login/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_login_retrieve
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_user_login_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_user_login_partial_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLoginStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_user_login_destroy
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_login/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_login_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_logout/:
|
|
get:
|
|
operationId: stages_user_logout_list
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLogoutStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_user_logout_create
|
|
description: UserLogoutStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_logout/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_logout_retrieve
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_user_logout_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_user_logout_partial_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLogoutStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_user_logout_destroy
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_logout/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_logout_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_write/:
|
|
get:
|
|
operationId: stages_user_write_list
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: create_users_as_inactive
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: create_users_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_creation_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- always_create
|
|
- create_when_required
|
|
- never_create
|
|
description: |-
|
|
* `never_create` - Never Create
|
|
* `create_when_required` - Create When Required
|
|
* `always_create` - Always Create
|
|
- in: query
|
|
name: user_path_template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- external
|
|
- internal
|
|
- internal_service_account
|
|
- service_account
|
|
description: |-
|
|
* `internal` - Internal
|
|
* `external` - External
|
|
* `service_account` - Service Account
|
|
* `internal_service_account` - Internal Service Account
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserWriteStageList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: stages_user_write_create
|
|
description: UserWriteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_write/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_write_retrieve
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: stages_user_write_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: stages_user_write_partial_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserWriteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: stages_user_write_destroy
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/stages/user_write/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_write_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/tenants/:
|
|
get:
|
|
operationId: tenants_list
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- name: ordering
|
|
required: false
|
|
in: query
|
|
description: Which field to use when ordering the results.
|
|
schema:
|
|
type: string
|
|
- name: page
|
|
required: false
|
|
in: query
|
|
description: A page number within the paginated result set.
|
|
schema:
|
|
type: integer
|
|
- name: page_size
|
|
required: false
|
|
in: query
|
|
description: Number of results to return per page.
|
|
schema:
|
|
type: integer
|
|
- name: search
|
|
required: false
|
|
in: query
|
|
description: A search term.
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- tenants
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTenantList'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
post:
|
|
operationId: tenants_create
|
|
description: Tenant Viewset
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
/tenants/{tenant_uuid}/:
|
|
get:
|
|
operationId: tenants_retrieve
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
put:
|
|
operationId: tenants_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
patch:
|
|
operationId: tenants_partial_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTenantRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
delete:
|
|
operationId: tenants_destroy
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
'403':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
components:
|
|
schemas:
|
|
AccessDeniedChallenge:
|
|
type: object
|
|
description: Challenge when a flow's active stage calls `stage_invalid()`.
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-access-denied
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
App:
|
|
type: object
|
|
description: Serialize Application info
|
|
properties:
|
|
name:
|
|
type: string
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
- name
|
|
AppEnum:
|
|
enum:
|
|
- authentik.tenants
|
|
- authentik.admin
|
|
- authentik.api
|
|
- authentik.crypto
|
|
- authentik.events
|
|
- authentik.flows
|
|
- authentik.outposts
|
|
- authentik.policies.dummy
|
|
- authentik.policies.event_matcher
|
|
- authentik.policies.expiry
|
|
- authentik.policies.expression
|
|
- authentik.policies.password
|
|
- authentik.policies.reputation
|
|
- authentik.policies
|
|
- authentik.providers.ldap
|
|
- authentik.providers.oauth2
|
|
- authentik.providers.proxy
|
|
- authentik.providers.radius
|
|
- authentik.providers.saml
|
|
- authentik.providers.scim
|
|
- authentik.rbac
|
|
- authentik.recovery
|
|
- authentik.sources.ldap
|
|
- authentik.sources.oauth
|
|
- authentik.sources.plex
|
|
- authentik.sources.saml
|
|
- authentik.stages.authenticator
|
|
- authentik.stages.authenticator_duo
|
|
- authentik.stages.authenticator_sms
|
|
- authentik.stages.authenticator_static
|
|
- authentik.stages.authenticator_totp
|
|
- authentik.stages.authenticator_validate
|
|
- authentik.stages.authenticator_webauthn
|
|
- authentik.stages.captcha
|
|
- authentik.stages.consent
|
|
- authentik.stages.deny
|
|
- authentik.stages.dummy
|
|
- authentik.stages.email
|
|
- authentik.stages.identification
|
|
- authentik.stages.invitation
|
|
- authentik.stages.password
|
|
- authentik.stages.prompt
|
|
- authentik.stages.user_delete
|
|
- authentik.stages.user_login
|
|
- authentik.stages.user_logout
|
|
- authentik.stages.user_write
|
|
- authentik.brands
|
|
- authentik.blueprints
|
|
- authentik.core
|
|
- authentik.enterprise
|
|
type: string
|
|
description: |-
|
|
* `authentik.tenants` - authentik Tenants
|
|
* `authentik.admin` - authentik Admin
|
|
* `authentik.api` - authentik API
|
|
* `authentik.crypto` - authentik Crypto
|
|
* `authentik.events` - authentik Events
|
|
* `authentik.flows` - authentik Flows
|
|
* `authentik.outposts` - authentik Outpost
|
|
* `authentik.policies.dummy` - authentik Policies.Dummy
|
|
* `authentik.policies.event_matcher` - authentik Policies.Event Matcher
|
|
* `authentik.policies.expiry` - authentik Policies.Expiry
|
|
* `authentik.policies.expression` - authentik Policies.Expression
|
|
* `authentik.policies.password` - authentik Policies.Password
|
|
* `authentik.policies.reputation` - authentik Policies.Reputation
|
|
* `authentik.policies` - authentik Policies
|
|
* `authentik.providers.ldap` - authentik Providers.LDAP
|
|
* `authentik.providers.oauth2` - authentik Providers.OAuth2
|
|
* `authentik.providers.proxy` - authentik Providers.Proxy
|
|
* `authentik.providers.radius` - authentik Providers.Radius
|
|
* `authentik.providers.saml` - authentik Providers.SAML
|
|
* `authentik.providers.scim` - authentik Providers.SCIM
|
|
* `authentik.rbac` - authentik RBAC
|
|
* `authentik.recovery` - authentik Recovery
|
|
* `authentik.sources.ldap` - authentik Sources.LDAP
|
|
* `authentik.sources.oauth` - authentik Sources.OAuth
|
|
* `authentik.sources.plex` - authentik Sources.Plex
|
|
* `authentik.sources.saml` - authentik Sources.SAML
|
|
* `authentik.stages.authenticator` - authentik Stages.Authenticator
|
|
* `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
|
|
* `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
|
|
* `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
|
|
* `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
|
|
* `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
|
|
* `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
|
|
* `authentik.stages.captcha` - authentik Stages.Captcha
|
|
* `authentik.stages.consent` - authentik Stages.Consent
|
|
* `authentik.stages.deny` - authentik Stages.Deny
|
|
* `authentik.stages.dummy` - authentik Stages.Dummy
|
|
* `authentik.stages.email` - authentik Stages.Email
|
|
* `authentik.stages.identification` - authentik Stages.Identification
|
|
* `authentik.stages.invitation` - authentik Stages.User Invitation
|
|
* `authentik.stages.password` - authentik Stages.Password
|
|
* `authentik.stages.prompt` - authentik Stages.Prompt
|
|
* `authentik.stages.user_delete` - authentik Stages.User Delete
|
|
* `authentik.stages.user_login` - authentik Stages.User Login
|
|
* `authentik.stages.user_logout` - authentik Stages.User Logout
|
|
* `authentik.stages.user_write` - authentik Stages.User Write
|
|
* `authentik.brands` - authentik Brands
|
|
* `authentik.blueprints` - authentik Blueprints
|
|
* `authentik.core` - authentik Core
|
|
* `authentik.enterprise` - authentik Enterprise
|
|
AppleChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for plex response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-oauth-apple
|
|
AppleLoginChallenge:
|
|
type: object
|
|
description: Special challenge for apple-native authentication flow, which happens
|
|
on the client.
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-oauth-apple
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
scope:
|
|
type: string
|
|
redirect_uri:
|
|
type: string
|
|
state:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- redirect_uri
|
|
- scope
|
|
- state
|
|
- type
|
|
Application:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
backchannel_providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
launch_url:
|
|
type: string
|
|
nullable: true
|
|
description: Allow formatting of launch URL
|
|
readOnly: true
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the App Icon image. If the name is /static or starts with http
|
|
it is returned as-is
|
|
readOnly: true
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- backchannel_providers_obj
|
|
- launch_url
|
|
- meta_icon
|
|
- name
|
|
- pk
|
|
- provider_obj
|
|
- slug
|
|
ApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- name
|
|
- slug
|
|
AuthTypeEnum:
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
type: string
|
|
description: |-
|
|
* `basic` - Basic
|
|
* `bearer` - Bearer
|
|
AuthenticateWebAuthnStage:
|
|
type: object
|
|
description: AuthenticateWebAuthnStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticateWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticateWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
required:
|
|
- name
|
|
AuthenticatedSession:
|
|
type: object
|
|
description: AuthenticatedSession Serializer
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
current:
|
|
type: boolean
|
|
description: Check if session is currently active session
|
|
readOnly: true
|
|
user_agent:
|
|
type: object
|
|
description: Get parsed user agent
|
|
properties:
|
|
device:
|
|
type: object
|
|
description: User agent device
|
|
properties:
|
|
brand:
|
|
type: string
|
|
family:
|
|
type: string
|
|
model:
|
|
type: string
|
|
required:
|
|
- brand
|
|
- family
|
|
- model
|
|
os:
|
|
type: object
|
|
description: User agent os
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
patch_minor:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
- patch_minor
|
|
user_agent:
|
|
type: object
|
|
description: User agent browser
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
string:
|
|
type: string
|
|
required:
|
|
- device
|
|
- os
|
|
- string
|
|
- user_agent
|
|
readOnly: true
|
|
geo_ip:
|
|
type: object
|
|
description: Get parsed user agent
|
|
properties:
|
|
continent:
|
|
type: string
|
|
country:
|
|
type: string
|
|
lat:
|
|
type: number
|
|
format: double
|
|
long:
|
|
type: number
|
|
format: double
|
|
city:
|
|
type: string
|
|
required:
|
|
- city
|
|
- continent
|
|
- country
|
|
- lat
|
|
- long
|
|
nullable: true
|
|
readOnly: true
|
|
user:
|
|
type: integer
|
|
last_ip:
|
|
type: string
|
|
last_user_agent:
|
|
type: string
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
required:
|
|
- current
|
|
- geo_ip
|
|
- last_ip
|
|
- last_used
|
|
- user
|
|
- user_agent
|
|
AuthenticationEnum:
|
|
enum:
|
|
- none
|
|
- require_authenticated
|
|
- require_unauthenticated
|
|
- require_superuser
|
|
type: string
|
|
description: |-
|
|
* `none` - None
|
|
* `require_authenticated` - Require Authenticated
|
|
* `require_unauthenticated` - Require Unauthenticated
|
|
* `require_superuser` - Require Superuser
|
|
AuthenticatorAttachmentEnum:
|
|
enum:
|
|
- platform
|
|
- cross-platform
|
|
type: string
|
|
description: |-
|
|
* `platform` - Platform
|
|
* `cross-platform` - Cross Platform
|
|
AuthenticatorDuoChallenge:
|
|
type: object
|
|
description: Duo Challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-duo
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
activation_barcode:
|
|
type: string
|
|
activation_code:
|
|
type: string
|
|
stage_uuid:
|
|
type: string
|
|
required:
|
|
- activation_barcode
|
|
- activation_code
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- stage_uuid
|
|
- type
|
|
AuthenticatorDuoChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for duo response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-duo
|
|
AuthenticatorDuoStage:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
client_id:
|
|
type: string
|
|
api_hostname:
|
|
type: string
|
|
admin_integration_key:
|
|
type: string
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorDuoStageDeviceImportResponse:
|
|
type: object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
error:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
- error
|
|
AuthenticatorDuoStageManualDeviceImportRequest:
|
|
type: object
|
|
properties:
|
|
duo_user_id:
|
|
type: string
|
|
minLength: 1
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- duo_user_id
|
|
- username
|
|
AuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- client_secret
|
|
- name
|
|
AuthenticatorSMSChallenge:
|
|
type: object
|
|
description: SMS Setup challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-sms
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
phone_number_required:
|
|
type: boolean
|
|
default: true
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
AuthenticatorSMSChallengeResponseRequest:
|
|
type: object
|
|
description: SMS Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-sms
|
|
code:
|
|
type: integer
|
|
phone_number:
|
|
type: string
|
|
minLength: 1
|
|
AuthenticatorSMSStage:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
account_sid:
|
|
type: string
|
|
auth:
|
|
type: string
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- component
|
|
- from_number
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- from_number
|
|
- name
|
|
- provider
|
|
AuthenticatorStaticChallenge:
|
|
type: object
|
|
description: Static authenticator challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-static
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
codes:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- codes
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
AuthenticatorStaticChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for static response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-static
|
|
AuthenticatorStaticStage:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- name
|
|
AuthenticatorTOTPChallenge:
|
|
type: object
|
|
description: TOTP Setup challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-totp
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
config_url:
|
|
type: string
|
|
required:
|
|
- config_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
AuthenticatorTOTPChallengeResponseRequest:
|
|
type: object
|
|
description: TOTP Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-totp
|
|
code:
|
|
type: integer
|
|
required:
|
|
- code
|
|
AuthenticatorTOTPStage:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- component
|
|
- digits
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- digits
|
|
- name
|
|
AuthenticatorValidateStage:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: |-
|
|
Enforce user verification for WebAuthn devices.
|
|
|
|
* `required` - Required
|
|
* `preferred` - Preferred
|
|
* `discouraged` - Discouraged
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: |-
|
|
Enforce user verification for WebAuthn devices.
|
|
|
|
* `required` - Required
|
|
* `preferred` - Preferred
|
|
* `discouraged` - Discouraged
|
|
required:
|
|
- name
|
|
AuthenticatorValidationChallenge:
|
|
type: object
|
|
description: Authenticator challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-validate
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
device_challenges:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceChallenge'
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SelectableStage'
|
|
required:
|
|
- configuration_stages
|
|
- device_challenges
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
AuthenticatorValidationChallengeResponseRequest:
|
|
type: object
|
|
description: Challenge used for Code-based and WebAuthn authenticators
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-validate
|
|
selected_challenge:
|
|
$ref: '#/components/schemas/DeviceChallengeRequest'
|
|
selected_stage:
|
|
type: string
|
|
minLength: 1
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
webauthn:
|
|
type: object
|
|
additionalProperties: {}
|
|
duo:
|
|
type: integer
|
|
AuthenticatorWebAuthnChallenge:
|
|
type: object
|
|
description: WebAuthn Challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-webauthn
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
registration:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- registration
|
|
- type
|
|
AuthenticatorWebAuthnChallengeResponseRequest:
|
|
type: object
|
|
description: WebAuthn Challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-webauthn
|
|
response:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- response
|
|
AutoSubmitChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for autosubmit response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-autosubmit
|
|
AutosubmitChallenge:
|
|
type: object
|
|
description: Autosubmit challenge used to send and navigate a POST request
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-autosubmit
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
url:
|
|
type: string
|
|
attrs:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
title:
|
|
type: string
|
|
required:
|
|
- attrs
|
|
- type
|
|
- url
|
|
BackendsEnum:
|
|
enum:
|
|
- authentik.core.auth.InbuiltBackend
|
|
- authentik.core.auth.TokenBackend
|
|
- authentik.sources.ldap.auth.LDAPBackend
|
|
type: string
|
|
description: |-
|
|
* `authentik.core.auth.InbuiltBackend` - User database + standard password
|
|
* `authentik.core.auth.TokenBackend` - User database + app passwords
|
|
* `authentik.sources.ldap.auth.LDAPBackend` - User database + LDAP password
|
|
BindingTypeEnum:
|
|
enum:
|
|
- REDIRECT
|
|
- POST
|
|
- POST_AUTO
|
|
type: string
|
|
description: |-
|
|
* `REDIRECT` - Redirect Binding
|
|
* `POST` - POST Binding
|
|
* `POST_AUTO` - POST Binding with auto-confirmation
|
|
BlueprintFile:
|
|
type: object
|
|
properties:
|
|
path:
|
|
type: string
|
|
last_m:
|
|
type: string
|
|
format: date-time
|
|
hash:
|
|
type: string
|
|
meta:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Metadata'
|
|
readOnly: true
|
|
required:
|
|
- hash
|
|
- last_m
|
|
- meta
|
|
- path
|
|
BlueprintInstance:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Instance uuid
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_applied:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_applied_hash:
|
|
type: string
|
|
readOnly: true
|
|
status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
|
|
readOnly: true
|
|
enabled:
|
|
type: boolean
|
|
managed_models:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
metadata:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
content:
|
|
type: string
|
|
required:
|
|
- last_applied
|
|
- last_applied_hash
|
|
- managed_models
|
|
- metadata
|
|
- name
|
|
- pk
|
|
- status
|
|
BlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
required:
|
|
- name
|
|
BlueprintInstanceStatusEnum:
|
|
enum:
|
|
- successful
|
|
- warning
|
|
- error
|
|
- orphaned
|
|
- unknown
|
|
type: string
|
|
description: |-
|
|
* `successful` - Successful
|
|
* `warning` - Warning
|
|
* `error` - Error
|
|
* `orphaned` - Orphaned
|
|
* `unknown` - Unknown
|
|
Brand:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
brand_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_favicon:
|
|
type: string
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
event_retention:
|
|
type: string
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- brand_uuid
|
|
- domain
|
|
BrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- domain
|
|
Cache:
|
|
type: object
|
|
description: Generic cache stats for an object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
CapabilitiesEnum:
|
|
enum:
|
|
- can_save_media
|
|
- can_geo_ip
|
|
- can_impersonate
|
|
- can_debug
|
|
- is_enterprise
|
|
type: string
|
|
description: |-
|
|
* `can_save_media` - Can Save Media
|
|
* `can_geo_ip` - Can Geo Ip
|
|
* `can_impersonate` - Can Impersonate
|
|
* `can_debug` - Can Debug
|
|
* `is_enterprise` - Is Enterprise
|
|
CaptchaChallenge:
|
|
type: object
|
|
description: Site public key
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-captcha
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
site_key:
|
|
type: string
|
|
js_url:
|
|
type: string
|
|
required:
|
|
- js_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- site_key
|
|
- type
|
|
CaptchaChallengeResponseRequest:
|
|
type: object
|
|
description: Validate captcha token
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-captcha
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
CaptchaStage:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
public_key:
|
|
type: string
|
|
description: Public key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
api_url:
|
|
type: string
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- public_key
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
CaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- private_key
|
|
- public_key
|
|
CertificateData:
|
|
type: object
|
|
description: Get CertificateKeyPair's data
|
|
properties:
|
|
data:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- data
|
|
CertificateGenerationRequest:
|
|
type: object
|
|
description: Certificate generation parameters
|
|
properties:
|
|
common_name:
|
|
type: string
|
|
minLength: 1
|
|
subject_alt_name:
|
|
type: string
|
|
validity_days:
|
|
type: integer
|
|
required:
|
|
- common_name
|
|
- validity_days
|
|
CertificateKeyPair:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Kp uuid
|
|
name:
|
|
type: string
|
|
fingerprint_sha256:
|
|
type: string
|
|
nullable: true
|
|
description: Get certificate Hash (SHA256)
|
|
readOnly: true
|
|
fingerprint_sha1:
|
|
type: string
|
|
nullable: true
|
|
description: Get certificate Hash (SHA1)
|
|
readOnly: true
|
|
cert_expiry:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
description: Get certificate expiry
|
|
readOnly: true
|
|
cert_subject:
|
|
type: string
|
|
nullable: true
|
|
description: Get certificate subject as full rfc4514
|
|
readOnly: true
|
|
private_key_available:
|
|
type: boolean
|
|
description: Show if this keypair has a private key configured or not
|
|
readOnly: true
|
|
private_key_type:
|
|
type: string
|
|
nullable: true
|
|
description: Get the private key's type, if set
|
|
readOnly: true
|
|
certificate_download_url:
|
|
type: string
|
|
description: Get URL to download certificate
|
|
readOnly: true
|
|
private_key_download_url:
|
|
type: string
|
|
description: Get URL to download private key
|
|
readOnly: true
|
|
managed:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- cert_expiry
|
|
- cert_subject
|
|
- certificate_download_url
|
|
- fingerprint_sha1
|
|
- fingerprint_sha256
|
|
- managed
|
|
- name
|
|
- pk
|
|
- private_key_available
|
|
- private_key_download_url
|
|
- private_key_type
|
|
CertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
required:
|
|
- certificate_data
|
|
- name
|
|
ChallengeChoices:
|
|
enum:
|
|
- native
|
|
- shell
|
|
- redirect
|
|
type: string
|
|
description: |-
|
|
* `native` - NATIVE
|
|
* `shell` - SHELL
|
|
* `redirect` - REDIRECT
|
|
ChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AccessDeniedChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
- $ref: '#/components/schemas/AutosubmitChallenge'
|
|
- $ref: '#/components/schemas/CaptchaChallenge'
|
|
- $ref: '#/components/schemas/ConsentChallenge'
|
|
- $ref: '#/components/schemas/DummyChallenge'
|
|
- $ref: '#/components/schemas/EmailChallenge'
|
|
- $ref: '#/components/schemas/FlowErrorChallenge'
|
|
- $ref: '#/components/schemas/IdentificationChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
- $ref: '#/components/schemas/PasswordChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/PromptChallenge'
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/ShellChallenge'
|
|
- $ref: '#/components/schemas/UserLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallenge'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallenge'
|
|
ak-stage-email: '#/components/schemas/EmailChallenge'
|
|
ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallenge'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
ak-stage-password: '#/components/schemas/PasswordChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallenge'
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
xak-flow-shell: '#/components/schemas/ShellChallenge'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallenge'
|
|
ClientTypeEnum:
|
|
enum:
|
|
- confidential
|
|
- public
|
|
type: string
|
|
description: |-
|
|
* `confidential` - Confidential
|
|
* `public` - Public
|
|
Config:
|
|
type: object
|
|
description: Serialize authentik Config into DRF Object
|
|
properties:
|
|
error_reporting:
|
|
$ref: '#/components/schemas/ErrorReportingConfig'
|
|
capabilities:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CapabilitiesEnum'
|
|
cache_timeout:
|
|
type: integer
|
|
cache_timeout_flows:
|
|
type: integer
|
|
cache_timeout_policies:
|
|
type: integer
|
|
cache_timeout_reputation:
|
|
type: integer
|
|
required:
|
|
- cache_timeout
|
|
- cache_timeout_flows
|
|
- cache_timeout_policies
|
|
- cache_timeout_reputation
|
|
- capabilities
|
|
- error_reporting
|
|
ConsentChallenge:
|
|
type: object
|
|
description: Challenge info for consent screens
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-consent
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
header_text:
|
|
type: string
|
|
permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
additional_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
token:
|
|
type: string
|
|
required:
|
|
- additional_permissions
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- permissions
|
|
- token
|
|
- type
|
|
ConsentChallengeResponseRequest:
|
|
type: object
|
|
description: Consent challenge response, any valid response request is valid
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-consent
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
ConsentPermission:
|
|
type: object
|
|
description: Permission used for consent
|
|
properties:
|
|
name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
required:
|
|
- id
|
|
- name
|
|
ConsentStage:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ConsentStageModeEnum:
|
|
enum:
|
|
- always_require
|
|
- permanent
|
|
- expiring
|
|
type: string
|
|
description: |-
|
|
* `always_require` - Always Require
|
|
* `permanent` - Permanent
|
|
* `expiring` - Expiring
|
|
ConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
ContextualFlowInfo:
|
|
type: object
|
|
description: Contextual flow information for a challenge
|
|
properties:
|
|
title:
|
|
type: string
|
|
background:
|
|
type: string
|
|
cancel_url:
|
|
type: string
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
required:
|
|
- cancel_url
|
|
- layout
|
|
Coordinate:
|
|
type: object
|
|
description: Coordinates for diagrams
|
|
properties:
|
|
x_cord:
|
|
type: integer
|
|
readOnly: true
|
|
y_cord:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- x_cord
|
|
- y_cord
|
|
CurrentBrand:
|
|
type: object
|
|
description: Partial brand information for styling
|
|
properties:
|
|
matched_domain:
|
|
type: string
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_favicon:
|
|
type: string
|
|
ui_footer_links:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FooterLink'
|
|
readOnly: true
|
|
ui_theme:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UiThemeEnum'
|
|
readOnly: true
|
|
default: automatic
|
|
flow_authentication:
|
|
type: string
|
|
flow_invalidation:
|
|
type: string
|
|
flow_recovery:
|
|
type: string
|
|
flow_unenrollment:
|
|
type: string
|
|
flow_user_settings:
|
|
type: string
|
|
flow_device_code:
|
|
type: string
|
|
default_locale:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- branding_favicon
|
|
- branding_logo
|
|
- branding_title
|
|
- default_locale
|
|
- matched_domain
|
|
- ui_footer_links
|
|
- ui_theme
|
|
DeniedActionEnum:
|
|
enum:
|
|
- message_continue
|
|
- message
|
|
- continue
|
|
type: string
|
|
description: |-
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
DenyStage:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- name
|
|
Device:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
pk:
|
|
type: integer
|
|
name:
|
|
type: string
|
|
type:
|
|
type: string
|
|
description: Get type of device
|
|
readOnly: true
|
|
confirmed:
|
|
type: boolean
|
|
required:
|
|
- confirmed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DeviceChallenge:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
type: string
|
|
device_uid:
|
|
type: string
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
DeviceChallengeRequest:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
type: string
|
|
minLength: 1
|
|
device_uid:
|
|
type: string
|
|
minLength: 1
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
DeviceClassesEnum:
|
|
enum:
|
|
- static
|
|
- totp
|
|
- webauthn
|
|
- duo
|
|
- sms
|
|
type: string
|
|
description: |-
|
|
* `static` - Static
|
|
* `totp` - TOTP
|
|
* `webauthn` - WebAuthn
|
|
* `duo` - Duo
|
|
* `sms` - SMS
|
|
DigestAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
type: string
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1
|
|
* `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384
|
|
* `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512
|
|
DigitsEnum:
|
|
enum:
|
|
- '6'
|
|
- '8'
|
|
type: string
|
|
description: |-
|
|
* `6` - 6 digits, widely compatible
|
|
* `8` - 8 digits, not compatible with apps like Google Authenticator
|
|
DockerServiceConnection:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- name
|
|
- url
|
|
Domain:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- id
|
|
- tenant
|
|
DomainRequest:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- tenant
|
|
DummyChallenge:
|
|
type: object
|
|
description: Dummy challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-dummy
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
required:
|
|
- type
|
|
DummyChallengeResponseRequest:
|
|
type: object
|
|
description: Dummy challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-dummy
|
|
DummyPolicy:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
DummyStage:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
DuoDevice:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
- pk
|
|
DuoDeviceEnrollmentStatus:
|
|
type: object
|
|
properties:
|
|
duo_response:
|
|
$ref: '#/components/schemas/DuoResponseEnum'
|
|
required:
|
|
- duo_response
|
|
DuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
DuoResponseEnum:
|
|
enum:
|
|
- success
|
|
- waiting
|
|
- invalid
|
|
type: string
|
|
description: |-
|
|
* `success` - Success
|
|
* `waiting` - Waiting
|
|
* `invalid` - Invalid
|
|
EmailChallenge:
|
|
type: object
|
|
description: Email challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-email
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
required:
|
|
- type
|
|
EmailChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Email challenge resposen. No fields. This challenge is
|
|
always declared invalid to give the user a chance to retry
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-email
|
|
EmailStage:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: Time in minutes the token sent is valid.
|
|
subject:
|
|
type: string
|
|
template:
|
|
type: string
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: Time in minutes the token sent is valid.
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
required:
|
|
- name
|
|
ErrorDetail:
|
|
type: object
|
|
description: Serializer for rest_framework's error messages
|
|
properties:
|
|
string:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- code
|
|
- string
|
|
ErrorReportingConfig:
|
|
type: object
|
|
description: Config for error reporting
|
|
properties:
|
|
enabled:
|
|
type: boolean
|
|
readOnly: true
|
|
sentry_dsn:
|
|
type: string
|
|
readOnly: true
|
|
environment:
|
|
type: string
|
|
readOnly: true
|
|
send_pii:
|
|
type: boolean
|
|
readOnly: true
|
|
traces_sample_rate:
|
|
type: number
|
|
format: double
|
|
readOnly: true
|
|
required:
|
|
- enabled
|
|
- environment
|
|
- send_pii
|
|
- sentry_dsn
|
|
- traces_sample_rate
|
|
Event:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Event uuid
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
- created
|
|
- pk
|
|
EventActions:
|
|
enum:
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- user_write
|
|
- suspicious_request
|
|
- password_set
|
|
- secret_view
|
|
- secret_rotate
|
|
- invitation_used
|
|
- authorize_application
|
|
- source_linked
|
|
- impersonation_started
|
|
- impersonation_ended
|
|
- flow_execution
|
|
- policy_execution
|
|
- policy_exception
|
|
- property_mapping_exception
|
|
- system_task_execution
|
|
- system_task_exception
|
|
- system_exception
|
|
- configuration_error
|
|
- model_created
|
|
- model_updated
|
|
- model_deleted
|
|
- email_sent
|
|
- update_available
|
|
- custom_
|
|
type: string
|
|
description: |-
|
|
* `login` - Login
|
|
* `login_failed` - Login Failed
|
|
* `logout` - Logout
|
|
* `user_write` - User Write
|
|
* `suspicious_request` - Suspicious Request
|
|
* `password_set` - Password Set
|
|
* `secret_view` - Secret View
|
|
* `secret_rotate` - Secret Rotate
|
|
* `invitation_used` - Invite Used
|
|
* `authorize_application` - Authorize Application
|
|
* `source_linked` - Source Linked
|
|
* `impersonation_started` - Impersonation Started
|
|
* `impersonation_ended` - Impersonation Ended
|
|
* `flow_execution` - Flow Execution
|
|
* `policy_execution` - Policy Execution
|
|
* `policy_exception` - Policy Exception
|
|
* `property_mapping_exception` - Property Mapping Exception
|
|
* `system_task_execution` - System Task Execution
|
|
* `system_task_exception` - System Task Exception
|
|
* `system_exception` - System Exception
|
|
* `configuration_error` - Configuration Error
|
|
* `model_created` - Model Created
|
|
* `model_updated` - Model Updated
|
|
* `model_deleted` - Model Deleted
|
|
* `email_sent` - Email Sent
|
|
* `update_available` - Update Available
|
|
* `custom_` - Custom Prefix
|
|
EventMatcherPolicy:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: |-
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
* `login` - Login
|
|
* `login_failed` - Login Failed
|
|
* `logout` - Logout
|
|
* `user_write` - User Write
|
|
* `suspicious_request` - Suspicious Request
|
|
* `password_set` - Password Set
|
|
* `secret_view` - Secret View
|
|
* `secret_rotate` - Secret Rotate
|
|
* `invitation_used` - Invite Used
|
|
* `authorize_application` - Authorize Application
|
|
* `source_linked` - Source Linked
|
|
* `impersonation_started` - Impersonation Started
|
|
* `impersonation_ended` - Impersonation Ended
|
|
* `flow_execution` - Flow Execution
|
|
* `policy_execution` - Policy Execution
|
|
* `policy_exception` - Policy Exception
|
|
* `property_mapping_exception` - Property Mapping Exception
|
|
* `system_task_execution` - System Task Execution
|
|
* `system_task_exception` - System Task Exception
|
|
* `system_exception` - System Exception
|
|
* `configuration_error` - Configuration Error
|
|
* `model_created` - Model Created
|
|
* `model_updated` - Model Updated
|
|
* `model_deleted` - Model Deleted
|
|
* `email_sent` - Email Sent
|
|
* `update_available` - Update Available
|
|
* `custom_` - Custom Prefix
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
* `authentik.tenants` - authentik Tenants
|
|
* `authentik.admin` - authentik Admin
|
|
* `authentik.api` - authentik API
|
|
* `authentik.crypto` - authentik Crypto
|
|
* `authentik.events` - authentik Events
|
|
* `authentik.flows` - authentik Flows
|
|
* `authentik.outposts` - authentik Outpost
|
|
* `authentik.policies.dummy` - authentik Policies.Dummy
|
|
* `authentik.policies.event_matcher` - authentik Policies.Event Matcher
|
|
* `authentik.policies.expiry` - authentik Policies.Expiry
|
|
* `authentik.policies.expression` - authentik Policies.Expression
|
|
* `authentik.policies.password` - authentik Policies.Password
|
|
* `authentik.policies.reputation` - authentik Policies.Reputation
|
|
* `authentik.policies` - authentik Policies
|
|
* `authentik.providers.ldap` - authentik Providers.LDAP
|
|
* `authentik.providers.oauth2` - authentik Providers.OAuth2
|
|
* `authentik.providers.proxy` - authentik Providers.Proxy
|
|
* `authentik.providers.radius` - authentik Providers.Radius
|
|
* `authentik.providers.saml` - authentik Providers.SAML
|
|
* `authentik.providers.scim` - authentik Providers.SCIM
|
|
* `authentik.rbac` - authentik RBAC
|
|
* `authentik.recovery` - authentik Recovery
|
|
* `authentik.sources.ldap` - authentik Sources.LDAP
|
|
* `authentik.sources.oauth` - authentik Sources.OAuth
|
|
* `authentik.sources.plex` - authentik Sources.Plex
|
|
* `authentik.sources.saml` - authentik Sources.SAML
|
|
* `authentik.stages.authenticator` - authentik Stages.Authenticator
|
|
* `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
|
|
* `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
|
|
* `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
|
|
* `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
|
|
* `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
|
|
* `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
|
|
* `authentik.stages.captcha` - authentik Stages.Captcha
|
|
* `authentik.stages.consent` - authentik Stages.Consent
|
|
* `authentik.stages.deny` - authentik Stages.Deny
|
|
* `authentik.stages.dummy` - authentik Stages.Dummy
|
|
* `authentik.stages.email` - authentik Stages.Email
|
|
* `authentik.stages.identification` - authentik Stages.Identification
|
|
* `authentik.stages.invitation` - authentik Stages.User Invitation
|
|
* `authentik.stages.password` - authentik Stages.Password
|
|
* `authentik.stages.prompt` - authentik Stages.Prompt
|
|
* `authentik.stages.user_delete` - authentik Stages.User Delete
|
|
* `authentik.stages.user_login` - authentik Stages.User Login
|
|
* `authentik.stages.user_logout` - authentik Stages.User Logout
|
|
* `authentik.stages.user_write` - authentik Stages.User Write
|
|
* `authentik.brands` - authentik Brands
|
|
* `authentik.blueprints` - authentik Blueprints
|
|
* `authentik.core` - authentik Core
|
|
* `authentik.enterprise` - authentik Enterprise
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
|
|
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: |-
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
* `login` - Login
|
|
* `login_failed` - Login Failed
|
|
* `logout` - Logout
|
|
* `user_write` - User Write
|
|
* `suspicious_request` - Suspicious Request
|
|
* `password_set` - Password Set
|
|
* `secret_view` - Secret View
|
|
* `secret_rotate` - Secret Rotate
|
|
* `invitation_used` - Invite Used
|
|
* `authorize_application` - Authorize Application
|
|
* `source_linked` - Source Linked
|
|
* `impersonation_started` - Impersonation Started
|
|
* `impersonation_ended` - Impersonation Ended
|
|
* `flow_execution` - Flow Execution
|
|
* `policy_execution` - Policy Execution
|
|
* `policy_exception` - Policy Exception
|
|
* `property_mapping_exception` - Property Mapping Exception
|
|
* `system_task_execution` - System Task Execution
|
|
* `system_task_exception` - System Task Exception
|
|
* `system_exception` - System Exception
|
|
* `configuration_error` - Configuration Error
|
|
* `model_created` - Model Created
|
|
* `model_updated` - Model Updated
|
|
* `model_deleted` - Model Deleted
|
|
* `email_sent` - Email Sent
|
|
* `update_available` - Update Available
|
|
* `custom_` - Custom Prefix
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
* `authentik.tenants` - authentik Tenants
|
|
* `authentik.admin` - authentik Admin
|
|
* `authentik.api` - authentik API
|
|
* `authentik.crypto` - authentik Crypto
|
|
* `authentik.events` - authentik Events
|
|
* `authentik.flows` - authentik Flows
|
|
* `authentik.outposts` - authentik Outpost
|
|
* `authentik.policies.dummy` - authentik Policies.Dummy
|
|
* `authentik.policies.event_matcher` - authentik Policies.Event Matcher
|
|
* `authentik.policies.expiry` - authentik Policies.Expiry
|
|
* `authentik.policies.expression` - authentik Policies.Expression
|
|
* `authentik.policies.password` - authentik Policies.Password
|
|
* `authentik.policies.reputation` - authentik Policies.Reputation
|
|
* `authentik.policies` - authentik Policies
|
|
* `authentik.providers.ldap` - authentik Providers.LDAP
|
|
* `authentik.providers.oauth2` - authentik Providers.OAuth2
|
|
* `authentik.providers.proxy` - authentik Providers.Proxy
|
|
* `authentik.providers.radius` - authentik Providers.Radius
|
|
* `authentik.providers.saml` - authentik Providers.SAML
|
|
* `authentik.providers.scim` - authentik Providers.SCIM
|
|
* `authentik.rbac` - authentik RBAC
|
|
* `authentik.recovery` - authentik Recovery
|
|
* `authentik.sources.ldap` - authentik Sources.LDAP
|
|
* `authentik.sources.oauth` - authentik Sources.OAuth
|
|
* `authentik.sources.plex` - authentik Sources.Plex
|
|
* `authentik.sources.saml` - authentik Sources.SAML
|
|
* `authentik.stages.authenticator` - authentik Stages.Authenticator
|
|
* `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
|
|
* `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
|
|
* `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
|
|
* `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
|
|
* `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
|
|
* `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
|
|
* `authentik.stages.captcha` - authentik Stages.Captcha
|
|
* `authentik.stages.consent` - authentik Stages.Consent
|
|
* `authentik.stages.deny` - authentik Stages.Deny
|
|
* `authentik.stages.dummy` - authentik Stages.Dummy
|
|
* `authentik.stages.email` - authentik Stages.Email
|
|
* `authentik.stages.identification` - authentik Stages.Identification
|
|
* `authentik.stages.invitation` - authentik Stages.User Invitation
|
|
* `authentik.stages.password` - authentik Stages.Password
|
|
* `authentik.stages.prompt` - authentik Stages.Prompt
|
|
* `authentik.stages.user_delete` - authentik Stages.User Delete
|
|
* `authentik.stages.user_login` - authentik Stages.User Login
|
|
* `authentik.stages.user_logout` - authentik Stages.User Logout
|
|
* `authentik.stages.user_write` - authentik Stages.User Write
|
|
* `authentik.brands` - authentik Brands
|
|
* `authentik.blueprints` - authentik Blueprints
|
|
* `authentik.core` - authentik Core
|
|
* `authentik.enterprise` - authentik Enterprise
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
|
|
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
required:
|
|
- name
|
|
EventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
EventTopPerUser:
|
|
type: object
|
|
description: Response object of Event's top_per_user
|
|
properties:
|
|
application:
|
|
type: object
|
|
additionalProperties: {}
|
|
counted_events:
|
|
type: integer
|
|
unique_users:
|
|
type: integer
|
|
required:
|
|
- application
|
|
- counted_events
|
|
- unique_users
|
|
ExpiringBaseGrantModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and ExpiringBaseGrant
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
ExpressionPolicy:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
expression:
|
|
type: string
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
ExtraRoleObjectPermission:
|
|
type: object
|
|
description: User permission with additional object-related data
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
title: Object ID
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Get app label from permission's model
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Get model label from permission's model
|
|
readOnly: true
|
|
object_description:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get model description from attached model. This operation takes at least
|
|
one additional query, and the description is only shown if the user/role has the
|
|
view_ permission on the object
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
- object_description
|
|
- object_pk
|
|
ExtraUserObjectPermission:
|
|
type: object
|
|
description: User permission with additional object-related data
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
title: Object ID
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Get app label from permission's model
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Get model label from permission's model
|
|
readOnly: true
|
|
object_description:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get model description from attached model. This operation takes at least
|
|
one additional query, and the description is only shown if the user/role has the
|
|
view_ permission on the object
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
- object_description
|
|
- object_pk
|
|
FilePathRequest:
|
|
type: object
|
|
description: Serializer to upload file
|
|
properties:
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- url
|
|
FileUploadRequest:
|
|
type: object
|
|
description: Serializer to upload file
|
|
properties:
|
|
file:
|
|
type: string
|
|
format: binary
|
|
clear:
|
|
type: boolean
|
|
default: false
|
|
Flow:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
background:
|
|
type: string
|
|
description: |-
|
|
Get the URL to the background image. If the name is /static or starts with http
|
|
it is returned as-is
|
|
readOnly: true
|
|
stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
cache_count:
|
|
type: integer
|
|
description: Get count of cached flows
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: |-
|
|
Required level of authentication and authorization to access a flow.
|
|
|
|
* `none` - None
|
|
* `require_authenticated` - Require Authenticated
|
|
* `require_unauthenticated` - Require Unauthenticated
|
|
* `require_superuser` - Require Superuser
|
|
required:
|
|
- background
|
|
- cache_count
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policies
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- stages
|
|
- title
|
|
FlowChallengeResponseRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AppleChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/DummyChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/EmailChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PromptChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
|
|
ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
FlowDesignationEnum:
|
|
enum:
|
|
- authentication
|
|
- authorization
|
|
- invalidation
|
|
- enrollment
|
|
- unenrollment
|
|
- recovery
|
|
- stage_configuration
|
|
type: string
|
|
description: |-
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
FlowDiagram:
|
|
type: object
|
|
description: response of the flow's diagram action
|
|
properties:
|
|
diagram:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- diagram
|
|
FlowErrorChallenge:
|
|
type: object
|
|
description: |-
|
|
Challenge class when an unhandled error occurs during a stage. Normal users
|
|
are shown an error message, superusers are shown a full stacktrace.
|
|
properties:
|
|
type:
|
|
type: string
|
|
default: native
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-flow-error
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
request_id:
|
|
type: string
|
|
error:
|
|
type: string
|
|
traceback:
|
|
type: string
|
|
required:
|
|
- request_id
|
|
FlowImportResult:
|
|
type: object
|
|
description: Logs of an attempted flow import
|
|
properties:
|
|
logs:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
success:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- logs
|
|
- success
|
|
FlowInspection:
|
|
type: object
|
|
description: Serializer for inspect endpoint
|
|
properties:
|
|
plans:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
current_plan:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
is_completed:
|
|
type: boolean
|
|
required:
|
|
- is_completed
|
|
- plans
|
|
FlowInspectorPlan:
|
|
type: object
|
|
description: Serializer for an active FlowPlan
|
|
properties:
|
|
current_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
next_planned_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
plan_context:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get the plan's context, sanitized
|
|
readOnly: true
|
|
session_id:
|
|
type: string
|
|
description: Get a unique session ID
|
|
readOnly: true
|
|
required:
|
|
- current_stage
|
|
- next_planned_stage
|
|
- plan_context
|
|
- session_id
|
|
FlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: |-
|
|
Required level of authentication and authorization to access a flow.
|
|
|
|
* `none` - None
|
|
* `require_authenticated` - Require Authenticated
|
|
* `require_unauthenticated` - Require Unauthenticated
|
|
* `require_superuser` - Require Superuser
|
|
required:
|
|
- designation
|
|
- name
|
|
- slug
|
|
- title
|
|
FlowSet:
|
|
type: object
|
|
description: Stripped down flow serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
background:
|
|
type: string
|
|
description: |-
|
|
Get the URL to the background image. If the name is /static or starts with http
|
|
it is returned as-is
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
required:
|
|
- background
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- title
|
|
FlowSetRequest:
|
|
type: object
|
|
description: Stripped down flow serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
required:
|
|
- designation
|
|
- name
|
|
- slug
|
|
- title
|
|
FlowStageBinding:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Fsb uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
stage_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Stage'
|
|
readOnly: true
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is present to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: |-
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
* `retry` - Retry
|
|
* `restart` - Restart
|
|
* `restart_with_context` - Restart With Context
|
|
required:
|
|
- order
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- stage
|
|
- stage_obj
|
|
- target
|
|
FlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is present to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: |-
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
* `retry` - Retry
|
|
* `restart` - Restart
|
|
* `restart_with_context` - Restart With Context
|
|
required:
|
|
- order
|
|
- stage
|
|
- target
|
|
FooterLink:
|
|
type: object
|
|
description: Links returned in Config API
|
|
properties:
|
|
href:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- href
|
|
- name
|
|
GenericError:
|
|
type: object
|
|
description: Generic API Error
|
|
properties:
|
|
detail:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- detail
|
|
Group:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
maxLength: 80
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parent:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
parent_name:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
users_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupMember'
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- num_pk
|
|
- parent_name
|
|
- pk
|
|
- roles_obj
|
|
- users_obj
|
|
GroupMember:
|
|
type: object
|
|
description: Stripped down user serializer to show relevant users for groups
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- uid
|
|
- username
|
|
GroupMemberRequest:
|
|
type: object
|
|
description: Stripped down user serializer to show relevant users for groups
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- username
|
|
GroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 80
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parent:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- name
|
|
IdentificationChallenge:
|
|
type: object
|
|
description: Identification challenges with all UI elements
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-identification
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
nullable: true
|
|
password_fields:
|
|
type: boolean
|
|
application_pre:
|
|
type: string
|
|
enroll_url:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
passwordless_url:
|
|
type: string
|
|
primary_action:
|
|
type: string
|
|
sources:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LoginSource'
|
|
show_source_labels:
|
|
type: boolean
|
|
required:
|
|
- password_fields
|
|
- primary_action
|
|
- show_source_labels
|
|
- type
|
|
- user_fields
|
|
IdentificationChallengeResponseRequest:
|
|
type: object
|
|
description: Identification challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-identification
|
|
uid_field:
|
|
type: string
|
|
minLength: 1
|
|
password:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- uid_field
|
|
IdentificationStage:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as seaprate step.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
IdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as seaprate step.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
required:
|
|
- name
|
|
InstallID:
|
|
type: object
|
|
properties:
|
|
install_id:
|
|
type: string
|
|
required:
|
|
- install_id
|
|
IntentEnum:
|
|
enum:
|
|
- verification
|
|
- api
|
|
- recovery
|
|
- app_password
|
|
type: string
|
|
description: |-
|
|
* `verification` - Intent Verification
|
|
* `api` - Intent Api
|
|
* `recovery` - Intent Recovery
|
|
* `app_password` - Intent App Password
|
|
InvalidResponseActionEnum:
|
|
enum:
|
|
- retry
|
|
- restart
|
|
- restart_with_context
|
|
type: string
|
|
description: |-
|
|
* `retry` - Retry
|
|
* `restart` - Restart
|
|
* `restart_with_context` - Restart With Context
|
|
Invitation:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Invite uuid
|
|
name:
|
|
type: string
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
created_by:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMember'
|
|
readOnly: true
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
flow_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Flow'
|
|
readOnly: true
|
|
required:
|
|
- created_by
|
|
- flow_obj
|
|
- name
|
|
- pk
|
|
InvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
required:
|
|
- name
|
|
InvitationStage:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
InvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- name
|
|
IssuerModeEnum:
|
|
enum:
|
|
- global
|
|
- per_provider
|
|
type: string
|
|
description: |-
|
|
* `global` - Same identifier is used for all providers
|
|
* `per_provider` - Each provider has a different issuer, based on the application slug.
|
|
KubernetesServiceConnection:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- name
|
|
LDAPAPIAccessMode:
|
|
enum:
|
|
- direct
|
|
- cached
|
|
type: string
|
|
description: |-
|
|
* `direct` - Direct
|
|
* `cached` - Cached
|
|
LDAPDebug:
|
|
type: object
|
|
properties:
|
|
user:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
group:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
membership:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- group
|
|
- membership
|
|
- user
|
|
LDAPOutpostConfig:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
bind_flow_slug:
|
|
type: string
|
|
application_slug:
|
|
type: string
|
|
description: Prioritise backchannel slug over direct application slug
|
|
readOnly: true
|
|
search_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Users in this group can do search queries. If not set, every
|
|
user can execute search queries.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- application_slug
|
|
- bind_flow_slug
|
|
- name
|
|
- pk
|
|
LDAPPropertyMapping:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
object_field:
|
|
type: string
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- object_field
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPPropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
object_field:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
- object_field
|
|
LDAPProvider:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
search_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Users in this group can do search queries. If not set, every
|
|
user can execute search queries.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
search_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Users in this group can do search queries. If not set, every
|
|
user can execute search queries.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
LDAPSource:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the Icon. If the name is /static or
|
|
starts with http it is returned as-is
|
|
readOnly: true
|
|
server_uri:
|
|
type: string
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
description: Field which contains members of a group.
|
|
object_uniqueness_field:
|
|
type: string
|
|
description: Field which contains a unique Identifier.
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
connectivity:
|
|
type: object
|
|
additionalProperties:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
description: Get cached source connectivity
|
|
readOnly: true
|
|
required:
|
|
- base_dn
|
|
- component
|
|
- connectivity
|
|
- icon
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- server_uri
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
required:
|
|
- base_dn
|
|
- name
|
|
- server_uri
|
|
- slug
|
|
LDAPSyncStatus:
|
|
type: object
|
|
description: LDAP Source sync status
|
|
properties:
|
|
is_running:
|
|
type: boolean
|
|
readOnly: true
|
|
tasks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Task'
|
|
readOnly: true
|
|
required:
|
|
- is_running
|
|
- tasks
|
|
LayoutEnum:
|
|
enum:
|
|
- stacked
|
|
- content_left
|
|
- content_right
|
|
- sidebar_left
|
|
- sidebar_right
|
|
type: string
|
|
description: |-
|
|
* `stacked` - STACKED
|
|
* `content_left` - CONTENT_LEFT
|
|
* `content_right` - CONTENT_RIGHT
|
|
* `sidebar_left` - SIDEBAR_LEFT
|
|
* `sidebar_right` - SIDEBAR_RIGHT
|
|
License:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
license_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
key:
|
|
type: string
|
|
expiry:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
internal_users:
|
|
type: integer
|
|
readOnly: true
|
|
external_users:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- expiry
|
|
- external_users
|
|
- internal_users
|
|
- key
|
|
- license_uuid
|
|
- name
|
|
LicenseForecast:
|
|
type: object
|
|
description: Serializer for license forecast
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
forecasted_internal_users:
|
|
type: integer
|
|
forecasted_external_users:
|
|
type: integer
|
|
required:
|
|
- external_users
|
|
- forecasted_external_users
|
|
- forecasted_internal_users
|
|
- internal_users
|
|
LicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
LicenseSummary:
|
|
type: object
|
|
description: Serializer for license status
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
valid:
|
|
type: boolean
|
|
show_admin_warning:
|
|
type: boolean
|
|
show_user_warning:
|
|
type: boolean
|
|
read_only:
|
|
type: boolean
|
|
latest_valid:
|
|
type: string
|
|
format: date-time
|
|
has_license:
|
|
type: boolean
|
|
required:
|
|
- external_users
|
|
- has_license
|
|
- internal_users
|
|
- latest_valid
|
|
- read_only
|
|
- show_admin_warning
|
|
- show_user_warning
|
|
- valid
|
|
Link:
|
|
type: object
|
|
description: Returns a single link
|
|
properties:
|
|
link:
|
|
type: string
|
|
required:
|
|
- link
|
|
LoginChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
LoginMetrics:
|
|
type: object
|
|
description: Login Metrics per 1h
|
|
properties:
|
|
logins:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
logins_failed:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
authorizations:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
required:
|
|
- authorizations
|
|
- logins
|
|
- logins_failed
|
|
LoginSource:
|
|
type: object
|
|
description: Serializer for Login buttons of sources
|
|
properties:
|
|
name:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
challenge:
|
|
$ref: '#/components/schemas/LoginChallengeTypes'
|
|
required:
|
|
- challenge
|
|
- name
|
|
Metadata:
|
|
type: object
|
|
description: Serializer for blueprint metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
labels:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- labels
|
|
- name
|
|
ModelEnum:
|
|
enum:
|
|
- authentik_tenants.tenant
|
|
- authentik_tenants.domain
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_events.event
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_policies_reputation.reputation
|
|
- authentik_policies.policybinding
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_oauth2.authorizationcode
|
|
- authentik_providers_oauth2.accesstoken
|
|
- authentik_providers_oauth2.refreshtoken
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_rbac.role
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_ldap.ldappropertymapping
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatewebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_consent.userconsent
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_brands.brand
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_core.group
|
|
- authentik_core.user
|
|
- authentik_core.application
|
|
- authentik_core.token
|
|
- authentik_enterprise.license
|
|
type: string
|
|
description: |-
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
NameIdPolicyEnum:
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
type: string
|
|
description: |-
|
|
* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
|
|
NotConfiguredActionEnum:
|
|
enum:
|
|
- skip
|
|
- deny
|
|
- configure
|
|
type: string
|
|
description: |-
|
|
* `skip` - Skip
|
|
* `deny` - Deny
|
|
* `configure` - Configure
|
|
Notification:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
readOnly: true
|
|
body:
|
|
type: string
|
|
readOnly: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
event:
|
|
$ref: '#/components/schemas/Event'
|
|
seen:
|
|
type: boolean
|
|
required:
|
|
- body
|
|
- created
|
|
- pk
|
|
- severity
|
|
NotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
NotificationRule:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: |-
|
|
Controls which severity level the created notifications will have.
|
|
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Group'
|
|
readOnly: true
|
|
required:
|
|
- group_obj
|
|
- name
|
|
- pk
|
|
NotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: |-
|
|
Controls which severity level the created notifications will have.
|
|
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
required:
|
|
- name
|
|
NotificationTransport:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
mode_verbose:
|
|
type: string
|
|
description: Return selected mode with a UI Label
|
|
readOnly: true
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- mode_verbose
|
|
- name
|
|
- pk
|
|
NotificationTransportModeEnum:
|
|
enum:
|
|
- local
|
|
- webhook
|
|
- webhook_slack
|
|
- email
|
|
type: string
|
|
description: |-
|
|
* `local` - authentik inbuilt notifications
|
|
* `webhook` - Generic Webhook
|
|
* `webhook_slack` - Slack Webhook (Slack/Discord)
|
|
* `email` - Email
|
|
NotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- name
|
|
NotificationTransportTest:
|
|
type: object
|
|
description: Notification test serializer
|
|
properties:
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- messages
|
|
NotificationWebhookMapping:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
required:
|
|
- expression
|
|
- name
|
|
- pk
|
|
NotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
OAuth2Provider:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: |-
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
* `confidential` - Confidential
|
|
* `public` - Public
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens. Only required when JWT Algorithm
|
|
is set to RS256.
|
|
redirect_uris:
|
|
type: string
|
|
description: Enter each URI on a new line.
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: |-
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
* `hashed_user_id` - Based on the Hashed User ID
|
|
* `user_id` - Based on user ID
|
|
* `user_uuid` - Based on user UUID
|
|
* `user_username` - Based on the username
|
|
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
|
|
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: |-
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
* `global` - Same identifier is used for all providers
|
|
* `per_provider` - Each provider has a different issuer, based on the application slug.
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: |-
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
* `confidential` - Confidential
|
|
* `public` - Public
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens. Only required when JWT Algorithm
|
|
is set to RS256.
|
|
redirect_uris:
|
|
type: string
|
|
description: Enter each URI on a new line.
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: |-
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
* `hashed_user_id` - Based on the Hashed User ID
|
|
* `user_id` - Based on user ID
|
|
* `user_uuid` - Based on user UUID
|
|
* `user_username` - Based on the username
|
|
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
|
|
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: |-
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
* `global` - Same identifier is used for all providers
|
|
* `per_provider` - Each provider has a different issuer, based on the application slug.
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
OAuth2ProviderSetupURLs:
|
|
type: object
|
|
description: OAuth2 Provider Metadata serializer
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
readOnly: true
|
|
authorize:
|
|
type: string
|
|
readOnly: true
|
|
token:
|
|
type: string
|
|
readOnly: true
|
|
user_info:
|
|
type: string
|
|
readOnly: true
|
|
provider_info:
|
|
type: string
|
|
readOnly: true
|
|
logout:
|
|
type: string
|
|
readOnly: true
|
|
jwks:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- authorize
|
|
- issuer
|
|
- jwks
|
|
- logout
|
|
- provider_info
|
|
- token
|
|
- user_info
|
|
OAuthDeviceCodeChallenge:
|
|
type: object
|
|
description: OAuth Device code challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
required:
|
|
- type
|
|
OAuthDeviceCodeChallengeResponseRequest:
|
|
type: object
|
|
description: Response that includes the user-entered device code
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code
|
|
code:
|
|
type: integer
|
|
required:
|
|
- code
|
|
OAuthDeviceCodeFinishChallenge:
|
|
type: object
|
|
description: Final challenge after user enters their code
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code-finish
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
required:
|
|
- type
|
|
OAuthDeviceCodeFinishChallengeResponseRequest:
|
|
type: object
|
|
description: Response that device has been authenticated and tab can be closed
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code-finish
|
|
OAuthSource:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the Icon. If the name is /static or
|
|
starts with http it is returned as-is
|
|
readOnly: true
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
consumer_key:
|
|
type: string
|
|
callback_url:
|
|
type: string
|
|
description: Get OAuth Callback URL
|
|
readOnly: true
|
|
additional_scopes:
|
|
type: string
|
|
type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SourceType'
|
|
readOnly: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- callback_url
|
|
- component
|
|
- consumer_key
|
|
- icon
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider_type
|
|
- slug
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- consumer_key
|
|
- consumer_secret
|
|
- name
|
|
- provider_type
|
|
- slug
|
|
OpenIDConnectConfiguration:
|
|
type: object
|
|
description: rest_framework Serializer for OIDC Configuration
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
authorization_endpoint:
|
|
type: string
|
|
token_endpoint:
|
|
type: string
|
|
userinfo_endpoint:
|
|
type: string
|
|
end_session_endpoint:
|
|
type: string
|
|
introspection_endpoint:
|
|
type: string
|
|
jwks_uri:
|
|
type: string
|
|
response_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token_signing_alg_values_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
subject_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
token_endpoint_auth_methods_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- authorization_endpoint
|
|
- end_session_endpoint
|
|
- id_token_signing_alg_values_supported
|
|
- introspection_endpoint
|
|
- issuer
|
|
- jwks_uri
|
|
- response_types_supported
|
|
- subject_types_supported
|
|
- token_endpoint
|
|
- token_endpoint_auth_methods_supported
|
|
- userinfo_endpoint
|
|
Outpost:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
service_connection_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ServiceConnection'
|
|
readOnly: true
|
|
token_identifier:
|
|
type: string
|
|
description: Get Token identifier
|
|
readOnly: true
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- pk
|
|
- providers
|
|
- providers_obj
|
|
- service_connection_obj
|
|
- token_identifier
|
|
- type
|
|
OutpostDefaultConfig:
|
|
type: object
|
|
description: Global default outpost config
|
|
properties:
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- config
|
|
OutpostHealth:
|
|
type: object
|
|
description: Outpost health status
|
|
properties:
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
last_seen:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
version_should:
|
|
type: string
|
|
readOnly: true
|
|
version_outdated:
|
|
type: boolean
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
readOnly: true
|
|
build_hash_should:
|
|
type: string
|
|
readOnly: true
|
|
hostname:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- build_hash_should
|
|
- hostname
|
|
- last_seen
|
|
- uid
|
|
- version
|
|
- version_outdated
|
|
- version_should
|
|
OutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- providers
|
|
- type
|
|
OutpostTypeEnum:
|
|
enum:
|
|
- proxy
|
|
- ldap
|
|
- radius
|
|
type: string
|
|
description: |-
|
|
* `proxy` - Proxy
|
|
* `ldap` - Ldap
|
|
* `radius` - Radius
|
|
PaginatedApplicationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Application'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticateWebAuthnStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticateWebAuthnStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatedSessionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorDuoStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorSMSStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorStaticStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorTOTPStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorValidateStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedBlueprintInstanceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedBrandList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Brand'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedCaptchaStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedCertificateKeyPairList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedConsentStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedDenyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedDockerServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedDummyPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedDummyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedDuoDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedEmailStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedEventList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Event'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedEventMatcherPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedExpiringBaseGrantModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedExpressionPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedExtraRoleObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExtraRoleObjectPermission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedExtraUserObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExtraUserObjectPermission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedFlowList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Flow'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedFlowStageBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Group'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedIdentificationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedInvitationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Invitation'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedInvitationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedKubernetesServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPOutpostConfig'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPPropertyMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedLicenseList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/License'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Notification'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationRuleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationTransportList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationWebhookMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedOAuth2ProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedOAuthSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedOutpostList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Outpost'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordExpiryPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Permission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPlexSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSourceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPlexSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPolicyBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Policy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPromptList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Prompt'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPromptStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedProxyOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyOutpostConfig'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedProxyProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedRadiusOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusOutpostConfig'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedRadiusProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedReputationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Reputation'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedReputationPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedRoleAssignedObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleAssignedObjectPermission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedRoleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSMSDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedScopeMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Source'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Stage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedStaticDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedTOTPDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedTenantList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Tenant'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Token'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedTokenModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserAssignedObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserAssignedObjectPermission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserConsentList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserDeleteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/User'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserLoginStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserLogoutStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserOAuthSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserSAMLSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedUserWriteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedWebAuthnDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
required:
|
|
- pagination
|
|
- results
|
|
Pagination:
|
|
type: object
|
|
properties:
|
|
next:
|
|
type: number
|
|
previous:
|
|
type: number
|
|
count:
|
|
type: number
|
|
current:
|
|
type: number
|
|
total_pages:
|
|
type: number
|
|
start_index:
|
|
type: number
|
|
end_index:
|
|
type: number
|
|
required:
|
|
- next
|
|
- previous
|
|
- count
|
|
- current
|
|
- total_pages
|
|
- start_index
|
|
- end_index
|
|
PasswordChallenge:
|
|
type: object
|
|
description: Password challenge UI fields
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-password
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
PasswordChallengeResponseRequest:
|
|
type: object
|
|
description: Password challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-password
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
PasswordExpiryPolicy:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- days
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- days
|
|
- name
|
|
PasswordPolicy:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
password_field:
|
|
type: string
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- name
|
|
PasswordStage:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
required:
|
|
- backends
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
required:
|
|
- backends
|
|
- name
|
|
PatchedApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
PatchedAuthenticateWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticateWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
PatchedAuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
PatchedAuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
PatchedAuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
PatchedAuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
PatchedAuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: |-
|
|
Enforce user verification for WebAuthn devices.
|
|
|
|
* `required` - Required
|
|
* `preferred` - Preferred
|
|
* `discouraged` - Discouraged
|
|
PatchedBlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
PatchedBrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedCaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
PatchedCertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
PatchedConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedDenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
deny_message:
|
|
type: string
|
|
PatchedDockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
PatchedDummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedDummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
throw_error:
|
|
type: boolean
|
|
PatchedDuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedEmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: Time in minutes the token sent is valid.
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
PatchedEventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: |-
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
* `login` - Login
|
|
* `login_failed` - Login Failed
|
|
* `logout` - Logout
|
|
* `user_write` - User Write
|
|
* `suspicious_request` - Suspicious Request
|
|
* `password_set` - Password Set
|
|
* `secret_view` - Secret View
|
|
* `secret_rotate` - Secret Rotate
|
|
* `invitation_used` - Invite Used
|
|
* `authorize_application` - Authorize Application
|
|
* `source_linked` - Source Linked
|
|
* `impersonation_started` - Impersonation Started
|
|
* `impersonation_ended` - Impersonation Ended
|
|
* `flow_execution` - Flow Execution
|
|
* `policy_execution` - Policy Execution
|
|
* `policy_exception` - Policy Exception
|
|
* `property_mapping_exception` - Property Mapping Exception
|
|
* `system_task_execution` - System Task Execution
|
|
* `system_task_exception` - System Task Exception
|
|
* `system_exception` - System Exception
|
|
* `configuration_error` - Configuration Error
|
|
* `model_created` - Model Created
|
|
* `model_updated` - Model Updated
|
|
* `model_deleted` - Model Deleted
|
|
* `email_sent` - Email Sent
|
|
* `update_available` - Update Available
|
|
* `custom_` - Custom Prefix
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
* `authentik.tenants` - authentik Tenants
|
|
* `authentik.admin` - authentik Admin
|
|
* `authentik.api` - authentik API
|
|
* `authentik.crypto` - authentik Crypto
|
|
* `authentik.events` - authentik Events
|
|
* `authentik.flows` - authentik Flows
|
|
* `authentik.outposts` - authentik Outpost
|
|
* `authentik.policies.dummy` - authentik Policies.Dummy
|
|
* `authentik.policies.event_matcher` - authentik Policies.Event Matcher
|
|
* `authentik.policies.expiry` - authentik Policies.Expiry
|
|
* `authentik.policies.expression` - authentik Policies.Expression
|
|
* `authentik.policies.password` - authentik Policies.Password
|
|
* `authentik.policies.reputation` - authentik Policies.Reputation
|
|
* `authentik.policies` - authentik Policies
|
|
* `authentik.providers.ldap` - authentik Providers.LDAP
|
|
* `authentik.providers.oauth2` - authentik Providers.OAuth2
|
|
* `authentik.providers.proxy` - authentik Providers.Proxy
|
|
* `authentik.providers.radius` - authentik Providers.Radius
|
|
* `authentik.providers.saml` - authentik Providers.SAML
|
|
* `authentik.providers.scim` - authentik Providers.SCIM
|
|
* `authentik.rbac` - authentik RBAC
|
|
* `authentik.recovery` - authentik Recovery
|
|
* `authentik.sources.ldap` - authentik Sources.LDAP
|
|
* `authentik.sources.oauth` - authentik Sources.OAuth
|
|
* `authentik.sources.plex` - authentik Sources.Plex
|
|
* `authentik.sources.saml` - authentik Sources.SAML
|
|
* `authentik.stages.authenticator` - authentik Stages.Authenticator
|
|
* `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo
|
|
* `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS
|
|
* `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static
|
|
* `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP
|
|
* `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate
|
|
* `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn
|
|
* `authentik.stages.captcha` - authentik Stages.Captcha
|
|
* `authentik.stages.consent` - authentik Stages.Consent
|
|
* `authentik.stages.deny` - authentik Stages.Deny
|
|
* `authentik.stages.dummy` - authentik Stages.Dummy
|
|
* `authentik.stages.email` - authentik Stages.Email
|
|
* `authentik.stages.identification` - authentik Stages.Identification
|
|
* `authentik.stages.invitation` - authentik Stages.User Invitation
|
|
* `authentik.stages.password` - authentik Stages.Password
|
|
* `authentik.stages.prompt` - authentik Stages.Prompt
|
|
* `authentik.stages.user_delete` - authentik Stages.User Delete
|
|
* `authentik.stages.user_login` - authentik Stages.User Login
|
|
* `authentik.stages.user_logout` - authentik Stages.User Logout
|
|
* `authentik.stages.user_write` - authentik Stages.User Write
|
|
* `authentik.brands` - authentik Brands
|
|
* `authentik.blueprints` - authentik Blueprints
|
|
* `authentik.core` - authentik Core
|
|
* `authentik.enterprise` - authentik Enterprise
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: |-
|
|
Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
|
|
|
|
* `authentik_tenants.tenant` - Tenant
|
|
* `authentik_tenants.domain` - Domain
|
|
* `authentik_crypto.certificatekeypair` - Certificate-Key Pair
|
|
* `authentik_events.event` - Event
|
|
* `authentik_events.notificationtransport` - Notification Transport
|
|
* `authentik_events.notification` - Notification
|
|
* `authentik_events.notificationrule` - Notification Rule
|
|
* `authentik_events.notificationwebhookmapping` - Webhook Mapping
|
|
* `authentik_flows.flow` - Flow
|
|
* `authentik_flows.flowstagebinding` - Flow Stage Binding
|
|
* `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
|
|
* `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
|
|
* `authentik_outposts.outpost` - Outpost
|
|
* `authentik_policies_dummy.dummypolicy` - Dummy Policy
|
|
* `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
|
|
* `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
|
|
* `authentik_policies_expression.expressionpolicy` - Expression Policy
|
|
* `authentik_policies_password.passwordpolicy` - Password Policy
|
|
* `authentik_policies_reputation.reputationpolicy` - Reputation Policy
|
|
* `authentik_policies_reputation.reputation` - Reputation Score
|
|
* `authentik_policies.policybinding` - Policy Binding
|
|
* `authentik_providers_ldap.ldapprovider` - LDAP Provider
|
|
* `authentik_providers_oauth2.scopemapping` - Scope Mapping
|
|
* `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider
|
|
* `authentik_providers_oauth2.authorizationcode` - Authorization Code
|
|
* `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token
|
|
* `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token
|
|
* `authentik_providers_proxy.proxyprovider` - Proxy Provider
|
|
* `authentik_providers_radius.radiusprovider` - Radius Provider
|
|
* `authentik_providers_saml.samlprovider` - SAML Provider
|
|
* `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
|
|
* `authentik_providers_scim.scimprovider` - SCIM Provider
|
|
* `authentik_providers_scim.scimmapping` - SCIM Mapping
|
|
* `authentik_rbac.role` - Role
|
|
* `authentik_sources_ldap.ldapsource` - LDAP Source
|
|
* `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
|
|
* `authentik_sources_oauth.oauthsource` - OAuth Source
|
|
* `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection
|
|
* `authentik_sources_plex.plexsource` - Plex Source
|
|
* `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection
|
|
* `authentik_sources_saml.samlsource` - SAML Source
|
|
* `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection
|
|
* `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_duo.duodevice` - Duo Device
|
|
* `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_sms.smsdevice` - SMS Device
|
|
* `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
|
|
* `authentik_stages_authenticator_static.staticdevice` - Static Device
|
|
* `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
|
|
* `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
|
|
* `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
|
|
* `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
|
|
* `authentik_stages_captcha.captchastage` - Captcha Stage
|
|
* `authentik_stages_consent.consentstage` - Consent Stage
|
|
* `authentik_stages_consent.userconsent` - User Consent
|
|
* `authentik_stages_deny.denystage` - Deny Stage
|
|
* `authentik_stages_dummy.dummystage` - Dummy Stage
|
|
* `authentik_stages_email.emailstage` - Email Stage
|
|
* `authentik_stages_identification.identificationstage` - Identification Stage
|
|
* `authentik_stages_invitation.invitationstage` - Invitation Stage
|
|
* `authentik_stages_invitation.invitation` - Invitation
|
|
* `authentik_stages_password.passwordstage` - Password Stage
|
|
* `authentik_stages_prompt.prompt` - Prompt
|
|
* `authentik_stages_prompt.promptstage` - Prompt Stage
|
|
* `authentik_stages_user_delete.userdeletestage` - User Delete Stage
|
|
* `authentik_stages_user_login.userloginstage` - User Login Stage
|
|
* `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
|
|
* `authentik_stages_user_write.userwritestage` - User Write Stage
|
|
* `authentik_brands.brand` - Brand
|
|
* `authentik_blueprints.blueprintinstance` - Blueprint Instance
|
|
* `authentik_core.group` - Group
|
|
* `authentik_core.user` - User
|
|
* `authentik_core.application` - Application
|
|
* `authentik_core.token` - Token
|
|
* `authentik_enterprise.license` - License
|
|
PatchedEventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedFlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |-
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
* `authentication` - Authentication
|
|
* `authorization` - Authorization
|
|
* `invalidation` - Invalidation
|
|
* `enrollment` - Enrollment
|
|
* `unenrollment` - Unrenollment
|
|
* `recovery` - Recovery
|
|
* `stage_configuration` - Stage Configuration
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/LayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |-
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
* `message_continue` - Message Continue
|
|
* `message` - Message
|
|
* `continue` - Continue
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: |-
|
|
Required level of authentication and authorization to access a flow.
|
|
|
|
* `none` - None
|
|
* `require_authenticated` - Require Authenticated
|
|
* `require_unauthenticated` - Require Unauthenticated
|
|
* `require_superuser` - Require Superuser
|
|
PatchedFlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is present to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: |-
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
* `retry` - Retry
|
|
* `restart` - Restart
|
|
* `restart_with_context` - Restart With Context
|
|
PatchedGroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 80
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parent:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedIdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as seaprate step.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
PatchedInvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
PatchedInvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
PatchedKubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
PatchedLDAPPropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
object_field:
|
|
type: string
|
|
minLength: 1
|
|
PatchedLDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
search_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Users in this group can do search queries. If not set, every
|
|
user can execute search queries.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
PatchedLDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
PatchedLicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
PatchedNotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
PatchedNotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: |-
|
|
Controls which severity level the created notifications will have.
|
|
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
PatchedNotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
PatchedNotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedOAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: |-
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
* `confidential` - Confidential
|
|
* `public` - Public
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens. Only required when JWT Algorithm
|
|
is set to RS256.
|
|
redirect_uris:
|
|
type: string
|
|
description: Enter each URI on a new line.
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: |-
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
* `hashed_user_id` - Based on the Hashed User ID
|
|
* `user_id` - Based on user ID
|
|
* `user_uuid` - Based on user UUID
|
|
* `user_username` - Based on the username
|
|
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
|
|
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: |-
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
* `global` - Same identifier is used for all providers
|
|
* `per_provider` - Each provider has a different issuer, based on the application slug.
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
PatchedOAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedOutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
PatchedPasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
PatchedPasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
PatchedPasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
PatchedPermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourceConnectionRequest:
|
|
type: object
|
|
description: Plex Source connection Serializer
|
|
properties:
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
PatchedPolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
PatchedPromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
promptstage_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StageRequest'
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
PatchedPromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: |-
|
|
Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
|
|
|
|
* `proxy` - Proxy
|
|
* `forward_single` - Forward Single
|
|
* `forward_domain` - Forward Domain
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
PatchedRadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
PatchedReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedRoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
PatchedSAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
PatchedSAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SpBindingEnum'
|
|
title: Service Provider Binding
|
|
description: |-
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
* `redirect` - Redirect
|
|
* `post` - Post
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
PatchedSAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
maxLength: 200
|
|
slo_url:
|
|
type: string
|
|
format: uri
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
maxLength: 200
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NameIdPolicyEnum'
|
|
description: |-
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedSCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
description: Authentication token
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PatchedSMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
PatchedSettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
footer_links:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: The option configures the footer links on the flow executor
|
|
pages.
|
|
PatchedStaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedTokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
expiring:
|
|
type: boolean
|
|
PatchedUserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
PatchedUserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
PatchedUserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
PatchedUserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
user:
|
|
type: integer
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
PatchedUserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
PatchedUserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: SAML Source Serializer
|
|
properties:
|
|
user:
|
|
type: integer
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
PatchedWebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
Permission:
|
|
type: object
|
|
description: Global permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
maxLength: 255
|
|
codename:
|
|
type: string
|
|
maxLength: 100
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Human-readable app label
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Human-readable model name
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
PermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- permissions
|
|
PlexAuthenticationChallenge:
|
|
type: object
|
|
description: Challenge shown to the user in identification stage
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-plex
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- slug
|
|
- type
|
|
PlexAuthenticationChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for plex response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-plex
|
|
PlexSource:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the Icon. If the name is /static or
|
|
starts with http it is returned as-is
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
description: Plex token used to check friends
|
|
required:
|
|
- component
|
|
- icon
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- plex_token
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PlexSourceConnection:
|
|
type: object
|
|
description: Plex Source connection Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
readOnly: true
|
|
source:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
plex_token:
|
|
type: string
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- plex_token
|
|
- source
|
|
- user
|
|
PlexSourceConnectionRequest:
|
|
type: object
|
|
description: Plex Source connection Serializer
|
|
properties:
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- plex_token
|
|
PlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
required:
|
|
- name
|
|
- plex_token
|
|
- slug
|
|
PlexTokenRedeemRequest:
|
|
type: object
|
|
description: Serializer to redeem a plex token
|
|
properties:
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- plex_token
|
|
Policy:
|
|
type: object
|
|
description: Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PolicyBinding:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy binding uuid
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
policy_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Policy'
|
|
readOnly: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Group'
|
|
readOnly: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/User'
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- group_obj
|
|
- order
|
|
- pk
|
|
- policy_obj
|
|
- target
|
|
- user_obj
|
|
PolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- order
|
|
- target
|
|
PolicyEngineMode:
|
|
enum:
|
|
- all
|
|
- any
|
|
type: string
|
|
description: |-
|
|
* `all` - all, all policies must pass
|
|
* `any` - any, any policy must pass
|
|
PolicyRequest:
|
|
type: object
|
|
description: Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
required:
|
|
- name
|
|
PolicyTestRequest:
|
|
type: object
|
|
description: Test policy execution for a user with context
|
|
properties:
|
|
user:
|
|
type: integer
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- user
|
|
PolicyTestResult:
|
|
type: object
|
|
description: result of a policy test
|
|
properties:
|
|
passing:
|
|
type: boolean
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
log_messages:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- log_messages
|
|
- messages
|
|
- passing
|
|
Prompt:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Prompt uuid
|
|
name:
|
|
type: string
|
|
field_key:
|
|
type: string
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
promptstage_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Stage'
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- pk
|
|
- type
|
|
PromptChallenge:
|
|
type: object
|
|
description: Initial challenge being sent, define fields
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-prompt
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StagePrompt'
|
|
required:
|
|
- fields
|
|
- type
|
|
PromptChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Validate response, fields are dynamically created based
|
|
on the stage
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-prompt
|
|
additionalProperties: {}
|
|
PromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
promptstage_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StageRequest'
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- type
|
|
PromptStage:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- component
|
|
- fields
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- fields
|
|
- name
|
|
PromptTypeEnum:
|
|
enum:
|
|
- text
|
|
- text_area
|
|
- text_read_only
|
|
- text_area_read_only
|
|
- username
|
|
- email
|
|
- password
|
|
- number
|
|
- checkbox
|
|
- radio-button-group
|
|
- dropdown
|
|
- date
|
|
- date-time
|
|
- file
|
|
- separator
|
|
- hidden
|
|
- static
|
|
- ak-locale
|
|
type: string
|
|
description: |-
|
|
* `text` - Text: Simple Text input
|
|
* `text_area` - Text area: Multiline Text Input.
|
|
* `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
|
|
* `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
|
|
* `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
|
|
* `email` - Email: Text field with Email type.
|
|
* `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
|
|
* `number` - Number
|
|
* `checkbox` - Checkbox
|
|
* `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
|
|
* `dropdown` - Fixed choice field rendered as a dropdown.
|
|
* `date` - Date
|
|
* `date-time` - Date Time
|
|
* `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
|
|
* `separator` - Separator: Static Separator Line
|
|
* `hidden` - Hidden: Hidden field, can be used to insert data into form.
|
|
* `static` - Static: Static value, displayed as-is.
|
|
* `ak-locale` - authentik: Selection of locales authentik supports
|
|
PropertyMapping:
|
|
type: object
|
|
description: PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PropertyMappingPreview:
|
|
type: object
|
|
description: Preview how the current user is mapped via the property mappings
|
|
selected in a provider
|
|
properties:
|
|
preview:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- preview
|
|
PropertyMappingTestResult:
|
|
type: object
|
|
description: Result of a Property-mapping test
|
|
properties:
|
|
result:
|
|
type: string
|
|
readOnly: true
|
|
successful:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- result
|
|
- successful
|
|
Provider:
|
|
type: object
|
|
description: Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProviderEnum:
|
|
enum:
|
|
- twilio
|
|
- generic
|
|
type: string
|
|
description: |-
|
|
* `twilio` - Twilio
|
|
* `generic` - Generic
|
|
ProviderModelEnum:
|
|
enum:
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimprovider
|
|
type: string
|
|
description: |-
|
|
* `authentik_providers_ldap.ldapprovider` - authentik_providers_ldap.ldapprovider
|
|
* `authentik_providers_oauth2.oauth2provider` - authentik_providers_oauth2.oauth2provider
|
|
* `authentik_providers_proxy.proxyprovider` - authentik_providers_proxy.proxyprovider
|
|
* `authentik_providers_radius.radiusprovider` - authentik_providers_radius.radiusprovider
|
|
* `authentik_providers_saml.samlprovider` - authentik_providers_saml.samlprovider
|
|
* `authentik_providers_scim.scimprovider` - authentik_providers_scim.scimprovider
|
|
ProviderRequest:
|
|
type: object
|
|
description: Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
ProviderTypeEnum:
|
|
enum:
|
|
- apple
|
|
- azuread
|
|
- discord
|
|
- facebook
|
|
- github
|
|
- google
|
|
- mailcow
|
|
- openidconnect
|
|
- okta
|
|
- patreon
|
|
- reddit
|
|
- twitch
|
|
- twitter
|
|
type: string
|
|
description: |-
|
|
* `apple` - Apple
|
|
* `azuread` - Azure AD
|
|
* `discord` - Discord
|
|
* `facebook` - Facebook
|
|
* `github` - GitHub
|
|
* `google` - Google
|
|
* `mailcow` - Mailcow
|
|
* `openidconnect` - OpenID Connect
|
|
* `okta` - Okta
|
|
* `patreon` - Patreon
|
|
* `reddit` - Reddit
|
|
* `twitch` - Twitch
|
|
* `twitter` - Twitter
|
|
ProxyMode:
|
|
enum:
|
|
- proxy
|
|
- forward_single
|
|
- forward_domain
|
|
type: string
|
|
description: |-
|
|
* `proxy` - Proxy
|
|
* `forward_single` - Forward Single
|
|
* `forward_domain` - Forward Domain
|
|
ProxyOutpostConfig:
|
|
type: object
|
|
description: Proxy provider serializer for outposts
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
oidc_configuration:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OpenIDConnectConfiguration'
|
|
readOnly: true
|
|
cookie_secret:
|
|
type: string
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: |-
|
|
Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
|
|
|
|
* `proxy` - Proxy
|
|
* `forward_single` - Forward Single
|
|
* `forward_domain` - Forward Domain
|
|
cookie_domain:
|
|
type: string
|
|
access_token_validity:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
description: Get token validity as second count
|
|
readOnly: true
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
scopes_to_request:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: |-
|
|
Get all the scope names the outpost should request,
|
|
including custom-defined ones
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
required:
|
|
- access_token_validity
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- external_host
|
|
- name
|
|
- oidc_configuration
|
|
- pk
|
|
- scopes_to_request
|
|
ProxyProvider:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
readOnly: true
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: |-
|
|
Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
|
|
|
|
* `proxy` - Proxy
|
|
* `forward_single` - Forward Single
|
|
* `forward_domain` - Forward Domain
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
redirect_uris:
|
|
type: string
|
|
readOnly: true
|
|
cookie_domain:
|
|
type: string
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- client_id
|
|
- component
|
|
- external_host
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- redirect_uris
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: |-
|
|
Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
|
|
|
|
* `proxy` - Proxy
|
|
* `forward_single` - Forward Single
|
|
* `forward_domain` - Forward Domain
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwks_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- authorization_flow
|
|
- external_host
|
|
- name
|
|
RadiusOutpostConfig:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
application_slug:
|
|
type: string
|
|
auth_flow_slug:
|
|
type: string
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- application_slug
|
|
- auth_flow_slug
|
|
- name
|
|
- pk
|
|
RadiusProvider:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
RedirectChallenge:
|
|
type: object
|
|
description: Challenge type to redirect the client
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-redirect
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
to:
|
|
type: string
|
|
required:
|
|
- to
|
|
- type
|
|
Reputation:
|
|
type: object
|
|
description: Reputation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Reputation uuid
|
|
identifier:
|
|
type: string
|
|
ip:
|
|
type: string
|
|
ip_geo_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
score:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: -9223372036854775808
|
|
format: int64
|
|
updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- identifier
|
|
- ip
|
|
- updated
|
|
ReputationPolicy:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
ResidentKeyRequirementEnum:
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
type: string
|
|
description: |-
|
|
* `discouraged` - Discouraged
|
|
* `preferred` - Preferred
|
|
* `required` - Required
|
|
Role:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
maxLength: 150
|
|
required:
|
|
- name
|
|
- pk
|
|
RoleAssignedObjectPermission:
|
|
type: object
|
|
description: Roles assigned object permission serializer
|
|
properties:
|
|
role_pk:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleObjectPermission'
|
|
required:
|
|
- name
|
|
- permissions
|
|
- role_pk
|
|
RoleObjectPermission:
|
|
type: object
|
|
description: Role-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
title: Object ID
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
- object_pk
|
|
RoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
required:
|
|
- name
|
|
SAMLMetadata:
|
|
type: object
|
|
description: SAML Provider Metadata serializer
|
|
properties:
|
|
metadata:
|
|
type: string
|
|
readOnly: true
|
|
download_url:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- download_url
|
|
- metadata
|
|
SAMLPropertyMapping:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
saml_name:
|
|
type: string
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- saml_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- expression
|
|
- name
|
|
- saml_name
|
|
SAMLProvider:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
acs_url:
|
|
type: string
|
|
format: uri
|
|
maxLength: 200
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SpBindingEnum'
|
|
title: Service Provider Binding
|
|
description: |-
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
* `redirect` - Redirect
|
|
* `post` - Post
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
url_download_metadata:
|
|
type: string
|
|
description: Get metadata download URL
|
|
readOnly: true
|
|
url_sso_post:
|
|
type: string
|
|
description: Get SSO Post URL
|
|
readOnly: true
|
|
url_sso_redirect:
|
|
type: string
|
|
description: Get SSO Redirect URL
|
|
readOnly: true
|
|
url_sso_init:
|
|
type: string
|
|
description: Get SSO IDP-Initiated URL
|
|
readOnly: true
|
|
url_slo_post:
|
|
type: string
|
|
description: Get SLO POST URL
|
|
readOnly: true
|
|
url_slo_redirect:
|
|
type: string
|
|
description: Get SLO redirect URL
|
|
readOnly: true
|
|
required:
|
|
- acs_url
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url_download_metadata
|
|
- url_slo_post
|
|
- url_slo_redirect
|
|
- url_sso_init
|
|
- url_sso_post
|
|
- url_sso_redirect
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLProviderImportRequest:
|
|
type: object
|
|
description: Import saml provider from XML Metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
file:
|
|
type: string
|
|
format: binary
|
|
required:
|
|
- authorization_flow
|
|
- file
|
|
- name
|
|
SAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SpBindingEnum'
|
|
title: Service Provider Binding
|
|
description: |-
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
* `redirect` - Redirect
|
|
* `post` - Post
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
required:
|
|
- acs_url
|
|
- authorization_flow
|
|
- name
|
|
SAMLSource:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the Icon. If the name is /static or
|
|
starts with http it is returned as-is
|
|
readOnly: true
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
format: uri
|
|
description: URL that the initial Login request is sent to.
|
|
maxLength: 200
|
|
slo_url:
|
|
type: string
|
|
format: uri
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
maxLength: 200
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NameIdPolicyEnum'
|
|
description: |-
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- icon
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
maxLength: 200
|
|
slo_url:
|
|
type: string
|
|
format: uri
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
maxLength: 200
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NameIdPolicyEnum'
|
|
description: |-
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
* `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows
|
|
* `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
SCIMMapping:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SCIMProvider:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- token
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
description: Authentication token
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- name
|
|
- token
|
|
- url
|
|
SMSDevice:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
phone_number:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- phone_number
|
|
- pk
|
|
SMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
ScopeMapping:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
scope_name:
|
|
type: string
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- scope_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- expression
|
|
- name
|
|
- scope_name
|
|
SelectableStage:
|
|
type: object
|
|
description: Serializer for stages which can be selected by users
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
verbose_name:
|
|
type: string
|
|
meta_model_name:
|
|
type: string
|
|
required:
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
ServiceConnection:
|
|
type: object
|
|
description: ServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
description: Return component used to edit this object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ServiceConnectionRequest:
|
|
type: object
|
|
description: ServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
required:
|
|
- name
|
|
ServiceConnectionState:
|
|
type: object
|
|
description: Serializer for Service connection state
|
|
properties:
|
|
healthy:
|
|
type: boolean
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- healthy
|
|
- version
|
|
SessionUser:
|
|
type: object
|
|
description: |-
|
|
Response for the /user/me endpoint, returns the currently active user (as `user` property)
|
|
and, if this user is being impersonated, the original user in the `original` property.
|
|
properties:
|
|
user:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
original:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
required:
|
|
- user
|
|
Settings:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
tenant_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
domains:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Domain'
|
|
readOnly: true
|
|
avatars:
|
|
type: string
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
footer_links:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: The option configures the footer links on the flow executor
|
|
pages.
|
|
required:
|
|
- domains
|
|
- name
|
|
- tenant_uuid
|
|
SettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
footer_links:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: The option configures the footer links on the flow executor
|
|
pages.
|
|
SeverityEnum:
|
|
enum:
|
|
- notice
|
|
- warning
|
|
- alert
|
|
type: string
|
|
description: |-
|
|
* `notice` - Notice
|
|
* `warning` - Warning
|
|
* `alert` - Alert
|
|
ShellChallenge:
|
|
type: object
|
|
description: challenge type to render HTML as-is
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-shell
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
body:
|
|
type: string
|
|
required:
|
|
- body
|
|
- type
|
|
SignatureAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
type: string
|
|
description: |-
|
|
* `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384
|
|
* `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512
|
|
* `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1
|
|
Source:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get the URL to the Icon. If the name is /static or
|
|
starts with http it is returned as-is
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- icon
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SourceRequest:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
maxLength: 50
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |-
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- slug
|
|
SourceType:
|
|
type: object
|
|
description: Serializer for SourceType
|
|
properties:
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
urls_customizable:
|
|
type: boolean
|
|
request_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
authorization_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
access_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
profile_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_jwks_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- access_token_url
|
|
- authorization_url
|
|
- name
|
|
- oidc_jwks_url
|
|
- oidc_well_known_url
|
|
- profile_url
|
|
- request_token_url
|
|
- slug
|
|
- urls_customizable
|
|
SpBindingEnum:
|
|
enum:
|
|
- redirect
|
|
- post
|
|
type: string
|
|
description: |-
|
|
* `redirect` - Redirect
|
|
* `post` - Post
|
|
Stage:
|
|
type: object
|
|
description: Stage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
StagePrompt:
|
|
type: object
|
|
description: Serializer for a single Prompt field
|
|
properties:
|
|
field_key:
|
|
type: string
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
initial_value:
|
|
type: string
|
|
order:
|
|
type: integer
|
|
sub_text:
|
|
type: string
|
|
choices:
|
|
type: array
|
|
items:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- choices
|
|
- field_key
|
|
- initial_value
|
|
- label
|
|
- order
|
|
- placeholder
|
|
- required
|
|
- sub_text
|
|
- type
|
|
StageRequest:
|
|
type: object
|
|
description: Stage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
required:
|
|
- name
|
|
StaticDevice:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
token_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDeviceToken'
|
|
readOnly: true
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
required:
|
|
- name
|
|
- pk
|
|
- token_set
|
|
StaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
StaticDeviceToken:
|
|
type: object
|
|
description: Serializer for static device's tokens
|
|
properties:
|
|
token:
|
|
type: string
|
|
maxLength: 16
|
|
required:
|
|
- token
|
|
StaticDeviceTokenRequest:
|
|
type: object
|
|
description: Serializer for static device's tokens
|
|
properties:
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 16
|
|
required:
|
|
- token
|
|
SubModeEnum:
|
|
enum:
|
|
- hashed_user_id
|
|
- user_id
|
|
- user_uuid
|
|
- user_username
|
|
- user_email
|
|
- user_upn
|
|
type: string
|
|
description: |-
|
|
* `hashed_user_id` - Based on the Hashed User ID
|
|
* `user_id` - Based on user ID
|
|
* `user_uuid` - Based on user UUID
|
|
* `user_username` - Based on the username
|
|
* `user_email` - Based on the User's Email. This is recommended over the UPN method.
|
|
* `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.
|
|
SystemInfo:
|
|
type: object
|
|
description: Get system information.
|
|
properties:
|
|
http_headers:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
description: Get HTTP Request headers
|
|
readOnly: true
|
|
http_host:
|
|
type: string
|
|
description: Get HTTP host
|
|
readOnly: true
|
|
http_is_secure:
|
|
type: boolean
|
|
description: Get HTTP Secure flag
|
|
readOnly: true
|
|
runtime:
|
|
type: object
|
|
description: Get versions
|
|
properties:
|
|
python_version:
|
|
type: string
|
|
gunicorn_version:
|
|
type: string
|
|
environment:
|
|
type: string
|
|
architecture:
|
|
type: string
|
|
platform:
|
|
type: string
|
|
uname:
|
|
type: string
|
|
required:
|
|
- architecture
|
|
- environment
|
|
- gunicorn_version
|
|
- platform
|
|
- python_version
|
|
- uname
|
|
readOnly: true
|
|
brand:
|
|
type: string
|
|
description: Currently active brand
|
|
readOnly: true
|
|
server_time:
|
|
type: string
|
|
format: date-time
|
|
description: Current server time
|
|
readOnly: true
|
|
embedded_outpost_host:
|
|
type: string
|
|
description: Get the FQDN configured on the embedded outpost
|
|
readOnly: true
|
|
required:
|
|
- brand
|
|
- embedded_outpost_host
|
|
- http_headers
|
|
- http_host
|
|
- http_is_secure
|
|
- runtime
|
|
- server_time
|
|
TOTPDevice:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
required:
|
|
- name
|
|
- pk
|
|
TOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
Task:
|
|
type: object
|
|
description: Serialize TaskInfo and TaskResult
|
|
properties:
|
|
task_name:
|
|
type: string
|
|
task_description:
|
|
type: string
|
|
task_finish_timestamp:
|
|
type: string
|
|
format: date-time
|
|
task_duration:
|
|
type: integer
|
|
description: Get the duration a task took to run
|
|
readOnly: true
|
|
status:
|
|
$ref: '#/components/schemas/TaskStatusEnum'
|
|
messages:
|
|
type: array
|
|
items: {}
|
|
required:
|
|
- messages
|
|
- status
|
|
- task_description
|
|
- task_duration
|
|
- task_finish_timestamp
|
|
- task_name
|
|
TaskStatusEnum:
|
|
enum:
|
|
- SUCCESSFUL
|
|
- WARNING
|
|
- ERROR
|
|
- UNKNOWN
|
|
type: string
|
|
description: |-
|
|
* `SUCCESSFUL` - SUCCESSFUL
|
|
* `WARNING` - WARNING
|
|
* `ERROR` - ERROR
|
|
* `UNKNOWN` - UNKNOWN
|
|
Tenant:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
tenant_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
schema_name:
|
|
type: string
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
- schema_name
|
|
- tenant_uuid
|
|
TenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- schema_name
|
|
Token:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Token uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/User'
|
|
readOnly: true
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- user_obj
|
|
TokenModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and RefreshToken
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token:
|
|
type: string
|
|
description: Get the token's id_token as JSON String
|
|
readOnly: true
|
|
revoked:
|
|
type: boolean
|
|
required:
|
|
- id_token
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
TokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
TokenSetKeyRequest:
|
|
type: object
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
TokenView:
|
|
type: object
|
|
description: Show token's current key
|
|
properties:
|
|
key:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- key
|
|
TransactionApplicationRequest:
|
|
type: object
|
|
description: Serializer for creating a provider and an application in one transaction
|
|
properties:
|
|
app:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
provider_model:
|
|
$ref: '#/components/schemas/ProviderModelEnum'
|
|
provider:
|
|
$ref: '#/components/schemas/modelRequest'
|
|
required:
|
|
- app
|
|
- provider
|
|
- provider_model
|
|
TransactionApplicationResponse:
|
|
type: object
|
|
description: Transactional creation response
|
|
properties:
|
|
applied:
|
|
type: boolean
|
|
logs:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- applied
|
|
- logs
|
|
TypeCreate:
|
|
type: object
|
|
description: Types of an object that can be created
|
|
properties:
|
|
name:
|
|
type: string
|
|
description:
|
|
type: string
|
|
component:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
required:
|
|
- component
|
|
- description
|
|
- model_name
|
|
- name
|
|
UiThemeEnum:
|
|
enum:
|
|
- automatic
|
|
- light
|
|
- dark
|
|
type: string
|
|
description: |-
|
|
* `automatic` - Automatic
|
|
* `light` - Light
|
|
* `dark` - Dark
|
|
UsedBy:
|
|
type: object
|
|
description: A list of all objects referencing the queried object
|
|
properties:
|
|
app:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
action:
|
|
$ref: '#/components/schemas/UsedByActionEnum'
|
|
required:
|
|
- action
|
|
- app
|
|
- model_name
|
|
- name
|
|
- pk
|
|
UsedByActionEnum:
|
|
enum:
|
|
- CASCADE
|
|
- CASCADE_MANY
|
|
- SET_NULL
|
|
- SET_DEFAULT
|
|
type: string
|
|
description: |-
|
|
* `CASCADE` - CASCADE
|
|
* `CASCADE_MANY` - CASCADE_MANY
|
|
* `SET_NULL` - SET_NULL
|
|
* `SET_DEFAULT` - SET_DEFAULT
|
|
User:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
groups_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserGroup'
|
|
readOnly: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
path:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- groups_obj
|
|
- is_superuser
|
|
- name
|
|
- pk
|
|
- uid
|
|
- username
|
|
- uuid
|
|
UserAccountRequest:
|
|
type: object
|
|
description: Account adding/removing operations
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
required:
|
|
- pk
|
|
UserAssignedObjectPermission:
|
|
type: object
|
|
description: Users assigned object permission serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserObjectPermission'
|
|
is_superuser:
|
|
type: boolean
|
|
required:
|
|
- is_superuser
|
|
- name
|
|
- permissions
|
|
- pk
|
|
- uid
|
|
- username
|
|
UserConsent:
|
|
type: object
|
|
description: UserConsent Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
application:
|
|
$ref: '#/components/schemas/Application'
|
|
permissions:
|
|
type: string
|
|
default: ''
|
|
required:
|
|
- application
|
|
- pk
|
|
- user
|
|
UserCreationModeEnum:
|
|
enum:
|
|
- never_create
|
|
- create_when_required
|
|
- always_create
|
|
type: string
|
|
description: |-
|
|
* `never_create` - Never Create
|
|
* `create_when_required` - Create When Required
|
|
* `always_create` - Always Create
|
|
UserDeleteStage:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
required:
|
|
- name
|
|
UserFieldsEnum:
|
|
enum:
|
|
- email
|
|
- username
|
|
- upn
|
|
type: string
|
|
description: |-
|
|
* `email` - E Mail
|
|
* `username` - Username
|
|
* `upn` - Upn
|
|
UserGroup:
|
|
type: object
|
|
description: Simplified Group Serializer for user's groups
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
description: Get a numerical, int32 ID for the group
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
maxLength: 80
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parent:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
parent_name:
|
|
type: string
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- num_pk
|
|
- parent_name
|
|
- pk
|
|
UserGroupRequest:
|
|
type: object
|
|
description: Simplified Group Serializer for user's groups
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 80
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parent:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
UserLoginChallenge:
|
|
type: object
|
|
description: Empty challenge
|
|
properties:
|
|
type:
|
|
$ref: '#/components/schemas/ChallengeChoices'
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-user-login
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- type
|
|
UserLoginChallengeResponseRequest:
|
|
type: object
|
|
description: User login challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-user-login
|
|
remember_me:
|
|
type: boolean
|
|
required:
|
|
- remember_me
|
|
UserLoginStage:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
session_duration:
|
|
type: string
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- name
|
|
UserLogoutStage:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
required:
|
|
- name
|
|
UserMatchingModeEnum:
|
|
enum:
|
|
- identifier
|
|
- email_link
|
|
- email_deny
|
|
- username_link
|
|
- username_deny
|
|
type: string
|
|
description: |-
|
|
* `identifier` - Use the source-specific identifier
|
|
* `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.
|
|
* `email_deny` - Use the user's email address, but deny enrollment when the email address already exists.
|
|
* `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source.
|
|
* `username_deny` - Use the user's username, but deny enrollment when the username already exists.
|
|
UserMetrics:
|
|
type: object
|
|
description: User Metrics
|
|
properties:
|
|
logins:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
logins_failed:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
authorizations:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Coordinate'
|
|
readOnly: true
|
|
required:
|
|
- authorizations
|
|
- logins
|
|
- logins_failed
|
|
UserOAuthSourceConnection:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
maxLength: 255
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- source
|
|
- user
|
|
UserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
user:
|
|
type: integer
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
required:
|
|
- identifier
|
|
- user
|
|
UserObjectPermission:
|
|
type: object
|
|
description: User-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
title: Object ID
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
- object_pk
|
|
UserPasswordSetRequest:
|
|
type: object
|
|
properties:
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
UserPath:
|
|
type: object
|
|
properties:
|
|
paths:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- paths
|
|
UserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
required:
|
|
- name
|
|
- username
|
|
UserSAMLSourceConnection:
|
|
type: object
|
|
description: SAML Source Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- source
|
|
- user
|
|
UserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: SAML Source Serializer
|
|
properties:
|
|
user:
|
|
type: integer
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- user
|
|
UserSelf:
|
|
type: object
|
|
description: User Serializer for information a user can retrieve about themselves
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
readOnly: true
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSelfGroups'
|
|
readOnly: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
readOnly: true
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get user settings with brand and group settings applied
|
|
readOnly: true
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
system_permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Get all system permissions assigned to the user
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- groups
|
|
- is_active
|
|
- is_superuser
|
|
- name
|
|
- pk
|
|
- settings
|
|
- system_permissions
|
|
- uid
|
|
- username
|
|
UserSelfGroups:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
UserServiceAccountRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
create_group:
|
|
type: boolean
|
|
default: false
|
|
expiring:
|
|
type: boolean
|
|
default: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
description: If not provided, valid for 360 days
|
|
required:
|
|
- name
|
|
UserServiceAccountResponse:
|
|
type: object
|
|
properties:
|
|
username:
|
|
type: string
|
|
token:
|
|
type: string
|
|
user_uid:
|
|
type: string
|
|
user_pk:
|
|
type: integer
|
|
group_pk:
|
|
type: string
|
|
required:
|
|
- token
|
|
- user_pk
|
|
- user_uid
|
|
- username
|
|
UserSetting:
|
|
type: object
|
|
description: Serializer for User settings for stages and sources
|
|
properties:
|
|
object_uid:
|
|
type: string
|
|
component:
|
|
type: string
|
|
title:
|
|
type: string
|
|
configure_url:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
required:
|
|
- component
|
|
- object_uid
|
|
- title
|
|
UserSourceConnection:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
readOnly: true
|
|
source:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- pk
|
|
- source
|
|
- user
|
|
UserTypeEnum:
|
|
enum:
|
|
- internal
|
|
- external
|
|
- service_account
|
|
- internal_service_account
|
|
type: string
|
|
description: |-
|
|
* `internal` - Internal
|
|
* `external` - External
|
|
* `service_account` - Service Account
|
|
* `internal_service_account` - Internal Service Account
|
|
UserVerificationEnum:
|
|
enum:
|
|
- required
|
|
- preferred
|
|
- discouraged
|
|
type: string
|
|
description: |-
|
|
* `required` - Required
|
|
* `preferred` - Preferred
|
|
* `discouraged` - Discouraged
|
|
UserWriteStage:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSetRequest'
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- name
|
|
ValidationError:
|
|
type: object
|
|
description: Validation Error
|
|
properties:
|
|
non_field_errors:
|
|
type: array
|
|
items:
|
|
type: string
|
|
code:
|
|
type: string
|
|
additionalProperties: {}
|
|
Version:
|
|
type: object
|
|
description: Get running and latest version.
|
|
properties:
|
|
version_current:
|
|
type: string
|
|
description: Get current version
|
|
readOnly: true
|
|
version_latest:
|
|
type: string
|
|
description: Get latest version from cache
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
description: Get build hash, if version is not latest or released
|
|
readOnly: true
|
|
outdated:
|
|
type: boolean
|
|
description: Check if we're running the latest version
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- outdated
|
|
- version_current
|
|
- version_latest
|
|
WebAuthnDevice:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
maxLength: 200
|
|
created_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created_on
|
|
- name
|
|
- pk
|
|
WebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
required:
|
|
- name
|
|
Workers:
|
|
type: object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
required:
|
|
- count
|
|
modelRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/LDAPProviderRequest'
|
|
- $ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
- $ref: '#/components/schemas/ProxyProviderRequest'
|
|
- $ref: '#/components/schemas/RadiusProviderRequest'
|
|
- $ref: '#/components/schemas/SAMLProviderRequest'
|
|
- $ref: '#/components/schemas/SCIMProviderRequest'
|
|
discriminator:
|
|
propertyName: provider_model
|
|
mapping:
|
|
authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
|
|
authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
|
|
authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
|
|
authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
|
|
authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
|
|
authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
|
|
securitySchemes:
|
|
authentik:
|
|
type: apiKey
|
|
in: header
|
|
name: Authorization
|
|
scheme: bearer
|
|
servers:
|
|
- url: /api/v3/
|