1308 lines
29 KiB
Markdown
1308 lines
29 KiB
Markdown
---
|
|
title: Release 2023.3 - SCIM support
|
|
slug: "/releases/2023.3"
|
|
---
|
|
|
|
## New features
|
|
|
|
- SCIM support
|
|
|
|
:::info
|
|
This feature is still in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues).
|
|
:::
|
|
|
|
authentik can now provision users from other IT systems via the SCIM (System for Cross-domain Identity Management) protocol. The provider synchronizes Users, Groups and the user membership. Objects are synced both when they are saved and based on a pre-defined schedule in the background.
|
|
|
|
- Theming improvements
|
|
|
|
- The custom.css file is now loaded in ShadowDOMs, allowing for much greater customization, as previously it was only possible to style elements outside of the ShadowDOM. See docs for [Flow](../../interfaces/flow/customization.mdx), [User](../../interfaces/user/customization.mdx) and [Admin](../../interfaces/admin/customization.mdx) interfaces.
|
|
- Previously, authentik would automatically switch between dark and light theme based on the users' browsers' settings. This can now be overridden to either force the light or dark theme, per user/group/tenant. See docs for [Flow](../../interfaces/flow/customization.mdx), [User](../../interfaces/user/customization.mdx) and [Admin](../../interfaces/admin/customization.mdx) interfaces.
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
### docker-compose
|
|
|
|
Download the `docker-compose.yml` file for 2023.3 from [here](https://goauthentik.io/version/2023.3/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
|
|
|
|
### Kubernetes
|
|
|
|
Update your values to use the new images:
|
|
|
|
```yaml
|
|
image:
|
|
repository: ghcr.io/goauthentik/server
|
|
tag: 2023.3.0
|
|
```
|
|
|
|
## Minor changes/fixes included in release 2023.3
|
|
|
|
- \*: add additional Prometheus metrics, remove unusable high entropy metrics
|
|
- blueprints: improve error handling in example flow
|
|
- core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769)
|
|
- core: bootstrap email (#4788)
|
|
- core: enforce unique on names where it makes sense (#4866)
|
|
- core: fix bug causing whitespace-only names to raise exception when generating avatars (#4746)
|
|
- core: fix error when creating token without request in context
|
|
- core: improve service account creation (#4751)
|
|
- events: fix m2m_change events not being logged
|
|
- flows: change default flow stage binding settings (#4784)
|
|
- flows: planner error handling (#4812)
|
|
- internal: fix crash when port 9000 is in use (#4863)
|
|
- providers: SCIM (#4835)
|
|
- providers/ldap: improve compatibility with LDAP clients (#4750)
|
|
- providers/ldap: making LDAP compatible with Synology (#4694)
|
|
- providers/oauth2: fix missing information for revoked token access events
|
|
- providers/oauth2: OpenID conformance (#4758)
|
|
- providers/proxy: ensure issuer is correct when browser URL override is set
|
|
- providers/proxy: strip scheme when comparing redirect URL
|
|
- providers/scim: add option to filter out service accounts, parent group (#4862)
|
|
- providers/scim: customizable externalId, document behavior (#4868)
|
|
- sources/ldap: improve error handling for password complexity (#4780)
|
|
- sources/oauth: fix not all token errors being logged with response
|
|
- sources/plex: fix check_token error unusable if token is empty (#4834)
|
|
- stages/authenticator_sms: fix twilio sending (#4829)
|
|
- stages/user_login: add option to terminate other sessions (#4754)
|
|
- tests/e2e: use example blueprints for testing (#4805)
|
|
- web: fetch custom.css via fetch and add stylesheet (#4804)
|
|
- web: toggle dark/light theme manually (#4876)
|
|
- web/admin: fix chart display with no sources (#4782)
|
|
- web/admin: fix issue with wizard's Next button incorrectly disabled when radio button is already selected (#4821)
|
|
- web/admin: workaround for tenant certificate selection being cut off (#4820)
|
|
- web/elements: add loading spinner for charts, render middle text with CSS
|
|
- web/elements: fix center text not scrolling with container (#4853)
|
|
- web/flows: fix fa:// icons in sources not shown correctly
|
|
- web/user: fix source connections not being filtered (#4778)
|
|
|
|
## API Changes
|
|
|
|
#### What's New
|
|
|
|
---
|
|
|
|
##### `GET` /propertymappings/scim/
|
|
|
|
##### `POST` /propertymappings/scim/
|
|
|
|
##### `GET` /propertymappings/scim/{pm_uuid}/
|
|
|
|
##### `PUT` /propertymappings/scim/{pm_uuid}/
|
|
|
|
##### `DELETE` /propertymappings/scim/{pm_uuid}/
|
|
|
|
##### `PATCH` /propertymappings/scim/{pm_uuid}/
|
|
|
|
##### `GET` /propertymappings/scim/{pm_uuid}/used_by/
|
|
|
|
##### `GET` /providers/scim/
|
|
|
|
##### `POST` /providers/scim/
|
|
|
|
##### `GET` /providers/scim/{id}/
|
|
|
|
##### `PUT` /providers/scim/{id}/
|
|
|
|
##### `DELETE` /providers/scim/{id}/
|
|
|
|
##### `PATCH` /providers/scim/{id}/
|
|
|
|
##### `GET` /providers/scim/{id}/sync_status/
|
|
|
|
##### `GET` /providers/scim/{id}/used_by/
|
|
|
|
#### What's Changed
|
|
|
|
---
|
|
|
|
##### `POST` /core/users/service_account/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Added property `expiring` (boolean)
|
|
|
|
- Added property `expires` (string)
|
|
> If not provided, valid for 360 days
|
|
|
|
##### `GET` /policies/event_matcher/{policy_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
##### `PUT` /policies/event_matcher/{policy_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
##### `PATCH` /policies/event_matcher/{policy_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
##### `GET` /providers/oauth2/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PUT` /providers/oauth2/{id}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PATCH` /providers/oauth2/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/proxy/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PUT` /providers/proxy/{id}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PATCH` /providers/proxy/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /core/groups/{group_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PUT` /core/groups/{group_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PATCH` /core/groups/{group_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /core/tenants/current/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New required properties:
|
|
|
|
- `ui_theme`
|
|
|
|
* Added property `ui_theme` (object)
|
|
|
|
Enum values:
|
|
|
|
- `automatic`
|
|
- `light`
|
|
- `dark`
|
|
|
|
##### `GET` /events/rules/{pbm_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PUT` /events/rules/{pbm_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PATCH` /events/rules/{pbm_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /policies/bindings/{policy_binding_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PUT` /policies/bindings/{policy_binding_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PATCH` /policies/bindings/{policy_binding_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `POST` /policies/event_matcher/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
##### `GET` /policies/event_matcher/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Event Matcher Policy Serializer
|
|
|
|
- Changed property `app` (string)
|
|
|
|
> Match events created by selected application. When left empty, all applications are matched.
|
|
|
|
Added enum value:
|
|
|
|
- `authentik.providers.scim`
|
|
|
|
##### `GET` /providers/ldap/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PUT` /providers/ldap/{id}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PATCH` /providers/ldap/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `POST` /providers/oauth2/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/oauth2/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `POST` /providers/proxy/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/proxy/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > ProxyProvider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/saml/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PUT` /providers/saml/{id}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `PATCH` /providers/saml/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /stages/invitation/invitations/{invite_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `created_by` (object)
|
|
|
|
> Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PUT` /stages/invitation/invitations/{invite_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `created_by` (object)
|
|
|
|
> Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `PATCH` /stages/invitation/invitations/{invite_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `created_by` (object)
|
|
|
|
> Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `POST` /core/groups/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /core/groups/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `POST` /events/rules/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /events/rules/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > NotificationRule Serializer
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /flows/bindings/{fsb_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `PUT` /flows/bindings/{fsb_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `PATCH` /flows/bindings/{fsb_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `GET` /oauth2/access_tokens/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /oauth2/authorization_codes/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /oauth2/refresh_tokens/{id}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `POST` /policies/bindings/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /policies/bindings/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > PolicyBinding Serializer
|
|
|
|
- Changed property `group_obj` (object)
|
|
|
|
> Group Serializer
|
|
|
|
- Changed property `users_obj` (array)
|
|
|
|
Changed items (object): > Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `POST` /providers/ldap/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/ldap/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > LDAPProvider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `POST` /providers/saml/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /providers/saml/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > SAMLProvider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /sources/user_connections/all/
|
|
|
|
###### Parameters:
|
|
|
|
Added: `user` in `query`
|
|
|
|
##### `POST` /stages/invitation/invitations/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `created_by` (object)
|
|
|
|
> Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /stages/invitation/invitations/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Invitation Serializer
|
|
|
|
- Changed property `created_by` (object)
|
|
|
|
> Stripped down user serializer to show relevant users for groups
|
|
|
|
New optional properties:
|
|
|
|
- `avatar`
|
|
|
|
* Deleted property `avatar` (string)
|
|
|
|
##### `GET` /stages/user_login/{stage_uuid}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
##### `PUT` /stages/user_login/{stage_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
##### `PATCH` /stages/user_login/{stage_uuid}/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
##### `POST` /flows/bindings/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `GET` /flows/bindings/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > FlowStageBinding Serializer
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `GET` /flows/inspector/{flow_slug}/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `plans` (array)
|
|
|
|
Changed items (object): > Serializer for an active FlowPlan
|
|
|
|
- Changed property `next_planned_stage` (object)
|
|
|
|
> FlowStageBinding Serializer
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
- Changed property `current_stage` (object)
|
|
|
|
> FlowStageBinding Serializer
|
|
|
|
- Changed property `evaluate_on_plan` (boolean)
|
|
> Evaluate policies during the Flow planning process.
|
|
|
|
##### `GET` /oauth2/access_tokens/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /oauth2/authorization_codes/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `GET` /oauth2/refresh_tokens/
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > Serializer for BaseGrantModel and RefreshToken
|
|
|
|
- Changed property `provider` (object)
|
|
|
|
> OAuth2Provider Serializer
|
|
|
|
New optional properties:
|
|
|
|
- `authorization_flow`
|
|
|
|
##### `POST` /stages/user_login/
|
|
|
|
###### Request:
|
|
|
|
Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **201 Created**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|
|
|
|
##### `GET` /stages/user_login/
|
|
|
|
###### Parameters:
|
|
|
|
Added: `terminate_other_sessions` in `query`
|
|
|
|
###### Return Type:
|
|
|
|
Changed response : **200 OK**
|
|
|
|
- Changed content type : `application/json`
|
|
|
|
- Changed property `results` (array)
|
|
|
|
Changed items (object): > UserLoginStage Serializer
|
|
|
|
- Added property `terminate_other_sessions` (boolean)
|
|
> Terminate all other sessions of the user logging in.
|