authentik/website/docs/releases/2023/v2023.6.md

title	slug
Release 2023.6	/releases/2023.6

New features

• LDAP StartTLS support

  authentik's LDAP Provider now supports StartTLS in addition to supporting SSL. The StartTLS is a more modern method of encrypting LDAP traffic. With this added support, the LDAP Outpost can now support multiple certificates.

• LDAP Schema improvements

  In addition to the StartTLS support, the schema support in the LDAP provider has been drastically overhauled. This will improve support with applications and clients relying on the schema to parse data received. Additionally, the base DN is no longer required to be set when binding, as the outpost now finds the correct provider based on the bind DN.

• Event matcher policy can now match on individual models

  Previously the Event matcher policy was only able to match on event actions, client IPs and apps, which made it a requirement to use expression policies to match only on certain model actions.

Upgrading

This release does not introduce any new requirements.

docker-compose

To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands:

wget -O docker-compose.yml https://goauthentik.io/version/2023.6/docker-compose.yml
docker-compose up -d

The -O flag retains the downloaded file's name, overwriting any existing local file with the same name.

Kubernetes

Update your values to use the new images:

image:
    repository: ghcr.io/goauthentik/server
    tag: 2023.6.0

Minor changes/fixes

• *: use dataclass slots wherever applicable (#6005)
• blueprints: allow setting user's passwords from blueprints (#5797)
• blueprints: fix API validation with OCI blueprint path (#5822)
• blueprints: fix check for file path not being run on worker (#5703)
• blueprints: support custom ports for OCI blueprints (#5727)
• core: make groups field for user optional (#5702)
• core: prevent selecting a group as a parent of itself (#6016)
• events: fix ak_create_event using wrong request for event creation (#5731)
• lifecycle: Add depends_on for worker and server container (#5634)
• outposts/ldap: fix race condition when refreshing the provider
• outposts: fix missing radius outpost controller (#5730)
• policies/event_matcher: add model filter (#5802)
• policies/event_matcher: change empty values to null (#6032)
• providers/ldap: add StartTLS support (#5861)
• providers/ldap: fix LDAP Outpost application selection (#5812)
• providers/ldap: fix Outpost provider listing excluding backchannel providers (#5933)
• providers/ldap: improve password totp detection (#6006)
• providers/ldap: rework Schema and DSE (#5838)
• providers/oauth2: correctly advertise code_challenge_methods_supported (#6007)
• providers/oauth2: launch url: if URL parsing fails, return no launch URL (#5918)
• providers/proxy: add support for traefik.io API and CRD (#5801)
• security: cure53 fix (#6039)
• sources/ldap: add support for cert based auth (#5850)
• sources/ldap: fix duplicate bind when authenticating user directly to… (#5927)
• sources/ldap: include UnwillingToPerformError as possible exception (#6031)
• sources/saml: separate verification cert (#5699)
• web/admin: fix codemirror not working on safari (#5943)
• web/admin: theme adjustments (#5944)
• web/flows: fix RedirectStage not detecting absolute URLs correctly (#5781)
• web/user: fix MFA enroll dropdown broken when password stage has no configuration flow (#5744)
• web/user: fix broken search on application library (#5743)
• web/user: fix search input styling (#5745)
• web/user: refactor LibraryPage for testing, add CTA (#5665)
• web: Replace lingui.js with lit-localize (#5761)

API Changes

What's New

---

GET /admin/models/

What's Changed

---

GET /crypto/certificatekeypairs/{kp_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • managed
  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PUT /crypto/certificatekeypairs/{kp_uuid}/

Request:

Changed content type : application/json

• Deleted property managed (string)

  Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • managed
  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PATCH /crypto/certificatekeypairs/{kp_uuid}/

Request:

Changed content type : application/json

• Deleted property managed (string)

  Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • managed
  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

POST /crypto/certificatekeypairs/generate/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • managed
  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /policies/event_matcher/{policy_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property model (object)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    • authentik_crypto.certificatekeypair - Certificate-Key Pair
    • authentik_events.event - Event
    • authentik_events.notificationtransport - Notification Transport
    • authentik_events.notification - Notification
    • authentik_events.notificationrule - Notification Rule
    • authentik_events.notificationwebhookmapping - Webhook Mapping
    • authentik_flows.flow - Flow
    • authentik_flows.flowstagebinding - Flow Stage Binding
    • authentik_outposts.dockerserviceconnection - Docker Service-Connection
    • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
    • authentik_outposts.outpost - outpost
    • authentik_policies_dummy.dummypolicy - Dummy Policy
    • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
    • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
    • authentik_policies_expression.expressionpolicy - Expression Policy
    • authentik_policies_password.passwordpolicy - Password Policy
    • authentik_policies_reputation.reputationpolicy - Reputation Policy
    • authentik_policies_reputation.reputation - reputation
    • authentik_policies.policybinding - Policy Binding
    • authentik_providers_ldap.ldapprovider - LDAP Provider
    • authentik_providers_oauth2.scopemapping - Scope Mapping
    • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
    • authentik_providers_oauth2.authorizationcode - Authorization Code
    • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
    • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
    • authentik_providers_proxy.proxyprovider - Proxy Provider
    • authentik_providers_radius.radiusprovider - Radius Provider
    • authentik_providers_saml.samlprovider - SAML Provider
    • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
    • authentik_providers_scim.scimprovider - SCIM Provider
    • authentik_providers_scim.scimmapping - SCIM Mapping
    • authentik_sources_ldap.ldapsource - LDAP Source
    • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
    • authentik_sources_oauth.oauthsource - OAuth Source
    • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
    • authentik_sources_plex.plexsource - Plex Source
    • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
    • authentik_sources_saml.samlsource - SAML Source
    • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
    • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
    • authentik_stages_authenticator_duo.duodevice - Duo Device
    • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
    • authentik_stages_authenticator_sms.smsdevice - SMS Device
    • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
    • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
    • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
    • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
    • authentik_stages_captcha.captchastage - Captcha Stage
    • authentik_stages_consent.consentstage - Consent Stage
    • authentik_stages_consent.userconsent - User Consent
    • authentik_stages_deny.denystage - Deny Stage
    • authentik_stages_dummy.dummystage - Dummy Stage
    • authentik_stages_email.emailstage - Email Stage
    • authentik_stages_identification.identificationstage - Identification Stage
    • authentik_stages_invitation.invitationstage - Invitation Stage
    • authentik_stages_invitation.invitation - Invitation
    • authentik_stages_password.passwordstage - Password Stage
    • authentik_stages_prompt.prompt - Prompt
    • authentik_stages_prompt.promptstage - Prompt Stage
    • authentik_stages_user_delete.userdeletestage - User Delete Stage
    • authentik_stages_user_login.userloginstage - User Login Stage
    • authentik_stages_user_logout.userlogoutstage - User Logout Stage
    • authentik_stages_user_write.userwritestage - User Write Stage
    • authentik_tenants.tenant - Tenant
    • authentik_blueprints.blueprintinstance - Blueprint Instance
    • authentik_core.group - group
    • authentik_core.user - User
    • authentik_core.application - Application
    • authentik_core.token - Token

    Enum values:

    • authentik_crypto.certificatekeypair
    • authentik_events.event
    • authentik_events.notificationtransport
    • authentik_events.notification
    • authentik_events.notificationrule
    • authentik_events.notificationwebhookmapping
    • authentik_flows.flow
    • authentik_flows.flowstagebinding
    • authentik_outposts.dockerserviceconnection
    • authentik_outposts.kubernetesserviceconnection
    • authentik_outposts.outpost
    • authentik_policies_dummy.dummypolicy
    • authentik_policies_event_matcher.eventmatcherpolicy
    • authentik_policies_expiry.passwordexpirypolicy
    • authentik_policies_expression.expressionpolicy
    • authentik_policies_password.passwordpolicy
    • authentik_policies_reputation.reputationpolicy
    • authentik_policies_reputation.reputation
    • authentik_policies.policybinding
    • authentik_providers_ldap.ldapprovider
    • authentik_providers_oauth2.scopemapping
    • authentik_providers_oauth2.oauth2provider
    • authentik_providers_oauth2.authorizationcode
    • authentik_providers_oauth2.accesstoken
    • authentik_providers_oauth2.refreshtoken
    • authentik_providers_proxy.proxyprovider
    • authentik_providers_radius.radiusprovider
    • authentik_providers_saml.samlprovider
    • authentik_providers_saml.samlpropertymapping
    • authentik_providers_scim.scimprovider
    • authentik_providers_scim.scimmapping
    • authentik_sources_ldap.ldapsource
    • authentik_sources_ldap.ldappropertymapping
    • authentik_sources_oauth.oauthsource
    • authentik_sources_oauth.useroauthsourceconnection
    • authentik_sources_plex.plexsource
    • authentik_sources_plex.plexsourceconnection
    • authentik_sources_saml.samlsource
    • authentik_sources_saml.usersamlsourceconnection
    • authentik_stages_authenticator_duo.authenticatorduostage
    • authentik_stages_authenticator_duo.duodevice
    • authentik_stages_authenticator_sms.authenticatorsmsstage
    • authentik_stages_authenticator_sms.smsdevice
    • authentik_stages_authenticator_static.authenticatorstaticstage
    • authentik_stages_authenticator_totp.authenticatortotpstage
    • authentik_stages_authenticator_validate.authenticatorvalidatestage
    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage
    • authentik_stages_authenticator_webauthn.webauthndevice
    • authentik_stages_captcha.captchastage
    • authentik_stages_consent.consentstage
    • authentik_stages_consent.userconsent
    • authentik_stages_deny.denystage
    • authentik_stages_dummy.dummystage
    • authentik_stages_email.emailstage
    • authentik_stages_identification.identificationstage
    • authentik_stages_invitation.invitationstage
    • authentik_stages_invitation.invitation
    • authentik_stages_password.passwordstage
    • authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage
    • authentik_stages_user_delete.userdeletestage
    • authentik_stages_user_login.userloginstage
    • authentik_stages_user_logout.userlogoutstage
    • authentik_stages_user_write.userwritestage
    • authentik_tenants.tenant
    • authentik_blueprints.blueprintinstance
    • authentik_core.group
    • authentik_core.user
    • authentik_core.application
    • authentik_core.token

  • Changed property app (string)

    • authentik.admin - authentik Admin
    • authentik.api - authentik API
    • authentik.crypto - authentik Crypto
    • authentik.events - authentik Events
    • authentik.flows - authentik Flows
    • authentik.lib - authentik lib
    • authentik.outposts - authentik Outpost
    • authentik.policies.dummy - authentik Policies.Dummy
    • authentik.policies.event_matcher - authentik Policies.Event Matcher
    • authentik.policies.expiry - authentik Policies.Expiry
    • authentik.policies.expression - authentik Policies.Expression
    • authentik.policies.password - authentik Policies.Password
    • authentik.policies.reputation - authentik Policies.Reputation
    • authentik.policies - authentik Policies
    • authentik.providers.ldap - authentik Providers.LDAP
    • authentik.providers.oauth2 - authentik Providers.OAuth2
    • authentik.providers.proxy - authentik Providers.Proxy
    • authentik.providers.radius - authentik Providers.Radius
    • authentik.providers.saml - authentik Providers.SAML
    • authentik.providers.scim - authentik Providers.SCIM
    • authentik.recovery - authentik Recovery
    • authentik.sources.ldap - authentik Sources.LDAP
    • authentik.sources.oauth - authentik Sources.OAuth
    • authentik.sources.plex - authentik Sources.Plex
    • authentik.sources.saml - authentik Sources.SAML
    • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
    • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
    • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
    • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
    • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
    • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
    • authentik.stages.captcha - authentik Stages.Captcha
    • authentik.stages.consent - authentik Stages.Consent
    • authentik.stages.deny - authentik Stages.Deny
    • authentik.stages.dummy - authentik Stages.Dummy
    • authentik.stages.email - authentik Stages.Email
    • authentik.stages.identification - authentik Stages.Identification
    • authentik.stages.invitation - authentik Stages.User Invitation
    • authentik.stages.password - authentik Stages.Password
    • authentik.stages.prompt - authentik Stages.Prompt
    • authentik.stages.user_delete - authentik Stages.User Delete
    • authentik.stages.user_login - authentik Stages.User Login
    • authentik.stages.user_logout - authentik Stages.User Logout
    • authentik.stages.user_write - authentik Stages.User Write
    • authentik.tenants - authentik Tenants
    • authentik.blueprints - authentik Blueprints
    • authentik.core - authentik Core
    • authentik.enterprise - authentik Enterprise

    Added enum value:

    • authentik.enterprise

PUT /policies/event_matcher/{policy_uuid}/

Request:

Changed content type : application/json

• Added property model (object)

  Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

  • authentik_crypto.certificatekeypair - Certificate-Key Pair
  • authentik_events.event - Event
  • authentik_events.notificationtransport - Notification Transport
  • authentik_events.notification - Notification
  • authentik_events.notificationrule - Notification Rule
  • authentik_events.notificationwebhookmapping - Webhook Mapping
  • authentik_flows.flow - Flow
  • authentik_flows.flowstagebinding - Flow Stage Binding
  • authentik_outposts.dockerserviceconnection - Docker Service-Connection
  • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
  • authentik_outposts.outpost - outpost
  • authentik_policies_dummy.dummypolicy - Dummy Policy
  • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
  • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
  • authentik_policies_expression.expressionpolicy - Expression Policy
  • authentik_policies_password.passwordpolicy - Password Policy
  • authentik_policies_reputation.reputationpolicy - Reputation Policy
  • authentik_policies_reputation.reputation - reputation
  • authentik_policies.policybinding - Policy Binding
  • authentik_providers_ldap.ldapprovider - LDAP Provider
  • authentik_providers_oauth2.scopemapping - Scope Mapping
  • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
  • authentik_providers_oauth2.authorizationcode - Authorization Code
  • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
  • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
  • authentik_providers_proxy.proxyprovider - Proxy Provider
  • authentik_providers_radius.radiusprovider - Radius Provider
  • authentik_providers_saml.samlprovider - SAML Provider
  • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
  • authentik_providers_scim.scimprovider - SCIM Provider
  • authentik_providers_scim.scimmapping - SCIM Mapping
  • authentik_sources_ldap.ldapsource - LDAP Source
  • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
  • authentik_sources_oauth.oauthsource - OAuth Source
  • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
  • authentik_sources_plex.plexsource - Plex Source
  • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
  • authentik_sources_saml.samlsource - SAML Source
  • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
  • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
  • authentik_stages_authenticator_duo.duodevice - Duo Device
  • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
  • authentik_stages_authenticator_sms.smsdevice - SMS Device
  • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
  • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
  • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
  • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
  • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
  • authentik_stages_captcha.captchastage - Captcha Stage
  • authentik_stages_consent.consentstage - Consent Stage
  • authentik_stages_consent.userconsent - User Consent
  • authentik_stages_deny.denystage - Deny Stage
  • authentik_stages_dummy.dummystage - Dummy Stage
  • authentik_stages_email.emailstage - Email Stage
  • authentik_stages_identification.identificationstage - Identification Stage
  • authentik_stages_invitation.invitationstage - Invitation Stage
  • authentik_stages_invitation.invitation - Invitation
  • authentik_stages_password.passwordstage - Password Stage
  • authentik_stages_prompt.prompt - Prompt
  • authentik_stages_prompt.promptstage - Prompt Stage
  • authentik_stages_user_delete.userdeletestage - User Delete Stage
  • authentik_stages_user_login.userloginstage - User Login Stage
  • authentik_stages_user_logout.userlogoutstage - User Logout Stage
  • authentik_stages_user_write.userwritestage - User Write Stage
  • authentik_tenants.tenant - Tenant
  • authentik_blueprints.blueprintinstance - Blueprint Instance
  • authentik_core.group - group
  • authentik_core.user - User
  • authentik_core.application - Application
  • authentik_core.token - Token

• Changed property app (string)

  • authentik.admin - authentik Admin
  • authentik.api - authentik API
  • authentik.crypto - authentik Crypto
  • authentik.events - authentik Events
  • authentik.flows - authentik Flows
  • authentik.lib - authentik lib
  • authentik.outposts - authentik Outpost
  • authentik.policies.dummy - authentik Policies.Dummy
  • authentik.policies.event_matcher - authentik Policies.Event Matcher
  • authentik.policies.expiry - authentik Policies.Expiry
  • authentik.policies.expression - authentik Policies.Expression
  • authentik.policies.password - authentik Policies.Password
  • authentik.policies.reputation - authentik Policies.Reputation
  • authentik.policies - authentik Policies
  • authentik.providers.ldap - authentik Providers.LDAP
  • authentik.providers.oauth2 - authentik Providers.OAuth2
  • authentik.providers.proxy - authentik Providers.Proxy
  • authentik.providers.radius - authentik Providers.Radius
  • authentik.providers.saml - authentik Providers.SAML
  • authentik.providers.scim - authentik Providers.SCIM
  • authentik.recovery - authentik Recovery
  • authentik.sources.ldap - authentik Sources.LDAP
  • authentik.sources.oauth - authentik Sources.OAuth
  • authentik.sources.plex - authentik Sources.Plex
  • authentik.sources.saml - authentik Sources.SAML
  • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
  • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
  • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
  • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
  • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
  • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
  • authentik.stages.captcha - authentik Stages.Captcha
  • authentik.stages.consent - authentik Stages.Consent
  • authentik.stages.deny - authentik Stages.Deny
  • authentik.stages.dummy - authentik Stages.Dummy
  • authentik.stages.email - authentik Stages.Email
  • authentik.stages.identification - authentik Stages.Identification
  • authentik.stages.invitation - authentik Stages.User Invitation
  • authentik.stages.password - authentik Stages.Password
  • authentik.stages.prompt - authentik Stages.Prompt
  • authentik.stages.user_delete - authentik Stages.User Delete
  • authentik.stages.user_login - authentik Stages.User Login
  • authentik.stages.user_logout - authentik Stages.User Logout
  • authentik.stages.user_write - authentik Stages.User Write
  • authentik.tenants - authentik Tenants
  • authentik.blueprints - authentik Blueprints
  • authentik.core - authentik Core
  • authentik.enterprise - authentik Enterprise

  Added enum value:

  • authentik.enterprise

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property model (object)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    • authentik_crypto.certificatekeypair - Certificate-Key Pair
    • authentik_events.event - Event
    • authentik_events.notificationtransport - Notification Transport
    • authentik_events.notification - Notification
    • authentik_events.notificationrule - Notification Rule
    • authentik_events.notificationwebhookmapping - Webhook Mapping
    • authentik_flows.flow - Flow
    • authentik_flows.flowstagebinding - Flow Stage Binding
    • authentik_outposts.dockerserviceconnection - Docker Service-Connection
    • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
    • authentik_outposts.outpost - outpost
    • authentik_policies_dummy.dummypolicy - Dummy Policy
    • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
    • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
    • authentik_policies_expression.expressionpolicy - Expression Policy
    • authentik_policies_password.passwordpolicy - Password Policy
    • authentik_policies_reputation.reputationpolicy - Reputation Policy
    • authentik_policies_reputation.reputation - reputation
    • authentik_policies.policybinding - Policy Binding
    • authentik_providers_ldap.ldapprovider - LDAP Provider
    • authentik_providers_oauth2.scopemapping - Scope Mapping
    • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
    • authentik_providers_oauth2.authorizationcode - Authorization Code
    • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
    • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
    • authentik_providers_proxy.proxyprovider - Proxy Provider
    • authentik_providers_radius.radiusprovider - Radius Provider
    • authentik_providers_saml.samlprovider - SAML Provider
    • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
    • authentik_providers_scim.scimprovider - SCIM Provider
    • authentik_providers_scim.scimmapping - SCIM Mapping
    • authentik_sources_ldap.ldapsource - LDAP Source
    • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
    • authentik_sources_oauth.oauthsource - OAuth Source
    • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
    • authentik_sources_plex.plexsource - Plex Source
    • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
    • authentik_sources_saml.samlsource - SAML Source
    • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
    • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
    • authentik_stages_authenticator_duo.duodevice - Duo Device
    • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
    • authentik_stages_authenticator_sms.smsdevice - SMS Device
    • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
    • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
    • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
    • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
    • authentik_stages_captcha.captchastage - Captcha Stage
    • authentik_stages_consent.consentstage - Consent Stage
    • authentik_stages_consent.userconsent - User Consent
    • authentik_stages_deny.denystage - Deny Stage
    • authentik_stages_dummy.dummystage - Dummy Stage
    • authentik_stages_email.emailstage - Email Stage
    • authentik_stages_identification.identificationstage - Identification Stage
    • authentik_stages_invitation.invitationstage - Invitation Stage
    • authentik_stages_invitation.invitation - Invitation
    • authentik_stages_password.passwordstage - Password Stage
    • authentik_stages_prompt.prompt - Prompt
    • authentik_stages_prompt.promptstage - Prompt Stage
    • authentik_stages_user_delete.userdeletestage - User Delete Stage
    • authentik_stages_user_login.userloginstage - User Login Stage
    • authentik_stages_user_logout.userlogoutstage - User Logout Stage
    • authentik_stages_user_write.userwritestage - User Write Stage
    • authentik_tenants.tenant - Tenant
    • authentik_blueprints.blueprintinstance - Blueprint Instance
    • authentik_core.group - group
    • authentik_core.user - User
    • authentik_core.application - Application
    • authentik_core.token - Token

  • Changed property app (string)

    • authentik.admin - authentik Admin
    • authentik.api - authentik API
    • authentik.crypto - authentik Crypto
    • authentik.events - authentik Events
    • authentik.flows - authentik Flows
    • authentik.lib - authentik lib
    • authentik.outposts - authentik Outpost
    • authentik.policies.dummy - authentik Policies.Dummy
    • authentik.policies.event_matcher - authentik Policies.Event Matcher
    • authentik.policies.expiry - authentik Policies.Expiry
    • authentik.policies.expression - authentik Policies.Expression
    • authentik.policies.password - authentik Policies.Password
    • authentik.policies.reputation - authentik Policies.Reputation
    • authentik.policies - authentik Policies
    • authentik.providers.ldap - authentik Providers.LDAP
    • authentik.providers.oauth2 - authentik Providers.OAuth2
    • authentik.providers.proxy - authentik Providers.Proxy
    • authentik.providers.radius - authentik Providers.Radius
    • authentik.providers.saml - authentik Providers.SAML
    • authentik.providers.scim - authentik Providers.SCIM
    • authentik.recovery - authentik Recovery
    • authentik.sources.ldap - authentik Sources.LDAP
    • authentik.sources.oauth - authentik Sources.OAuth
    • authentik.sources.plex - authentik Sources.Plex
    • authentik.sources.saml - authentik Sources.SAML
    • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
    • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
    • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
    • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
    • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
    • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
    • authentik.stages.captcha - authentik Stages.Captcha
    • authentik.stages.consent - authentik Stages.Consent
    • authentik.stages.deny - authentik Stages.Deny
    • authentik.stages.dummy - authentik Stages.Dummy
    • authentik.stages.email - authentik Stages.Email
    • authentik.stages.identification - authentik Stages.Identification
    • authentik.stages.invitation - authentik Stages.User Invitation
    • authentik.stages.password - authentik Stages.Password
    • authentik.stages.prompt - authentik Stages.Prompt
    • authentik.stages.user_delete - authentik Stages.User Delete
    • authentik.stages.user_login - authentik Stages.User Login
    • authentik.stages.user_logout - authentik Stages.User Logout
    • authentik.stages.user_write - authentik Stages.User Write
    • authentik.tenants - authentik Tenants
    • authentik.blueprints - authentik Blueprints
    • authentik.core - authentik Core
    • authentik.enterprise - authentik Enterprise

    Added enum value:

    • authentik.enterprise

PATCH /policies/event_matcher/{policy_uuid}/

Request:

Changed content type : application/json

• Added property model (object)

  Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

  • authentik_crypto.certificatekeypair - Certificate-Key Pair
  • authentik_events.event - Event
  • authentik_events.notificationtransport - Notification Transport
  • authentik_events.notification - Notification
  • authentik_events.notificationrule - Notification Rule
  • authentik_events.notificationwebhookmapping - Webhook Mapping
  • authentik_flows.flow - Flow
  • authentik_flows.flowstagebinding - Flow Stage Binding
  • authentik_outposts.dockerserviceconnection - Docker Service-Connection
  • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
  • authentik_outposts.outpost - outpost
  • authentik_policies_dummy.dummypolicy - Dummy Policy
  • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
  • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
  • authentik_policies_expression.expressionpolicy - Expression Policy
  • authentik_policies_password.passwordpolicy - Password Policy
  • authentik_policies_reputation.reputationpolicy - Reputation Policy
  • authentik_policies_reputation.reputation - reputation
  • authentik_policies.policybinding - Policy Binding
  • authentik_providers_ldap.ldapprovider - LDAP Provider
  • authentik_providers_oauth2.scopemapping - Scope Mapping
  • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
  • authentik_providers_oauth2.authorizationcode - Authorization Code
  • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
  • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
  • authentik_providers_proxy.proxyprovider - Proxy Provider
  • authentik_providers_radius.radiusprovider - Radius Provider
  • authentik_providers_saml.samlprovider - SAML Provider
  • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
  • authentik_providers_scim.scimprovider - SCIM Provider
  • authentik_providers_scim.scimmapping - SCIM Mapping
  • authentik_sources_ldap.ldapsource - LDAP Source
  • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
  • authentik_sources_oauth.oauthsource - OAuth Source
  • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
  • authentik_sources_plex.plexsource - Plex Source
  • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
  • authentik_sources_saml.samlsource - SAML Source
  • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
  • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
  • authentik_stages_authenticator_duo.duodevice - Duo Device
  • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
  • authentik_stages_authenticator_sms.smsdevice - SMS Device
  • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
  • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
  • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
  • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
  • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
  • authentik_stages_captcha.captchastage - Captcha Stage
  • authentik_stages_consent.consentstage - Consent Stage
  • authentik_stages_consent.userconsent - User Consent
  • authentik_stages_deny.denystage - Deny Stage
  • authentik_stages_dummy.dummystage - Dummy Stage
  • authentik_stages_email.emailstage - Email Stage
  • authentik_stages_identification.identificationstage - Identification Stage
  • authentik_stages_invitation.invitationstage - Invitation Stage
  • authentik_stages_invitation.invitation - Invitation
  • authentik_stages_password.passwordstage - Password Stage
  • authentik_stages_prompt.prompt - Prompt
  • authentik_stages_prompt.promptstage - Prompt Stage
  • authentik_stages_user_delete.userdeletestage - User Delete Stage
  • authentik_stages_user_login.userloginstage - User Login Stage
  • authentik_stages_user_logout.userlogoutstage - User Logout Stage
  • authentik_stages_user_write.userwritestage - User Write Stage
  • authentik_tenants.tenant - Tenant
  • authentik_blueprints.blueprintinstance - Blueprint Instance
  • authentik_core.group - group
  • authentik_core.user - User
  • authentik_core.application - Application
  • authentik_core.token - Token

• Changed property app (string)

  • authentik.admin - authentik Admin
  • authentik.api - authentik API
  • authentik.crypto - authentik Crypto
  • authentik.events - authentik Events
  • authentik.flows - authentik Flows
  • authentik.lib - authentik lib
  • authentik.outposts - authentik Outpost
  • authentik.policies.dummy - authentik Policies.Dummy
  • authentik.policies.event_matcher - authentik Policies.Event Matcher
  • authentik.policies.expiry - authentik Policies.Expiry
  • authentik.policies.expression - authentik Policies.Expression
  • authentik.policies.password - authentik Policies.Password
  • authentik.policies.reputation - authentik Policies.Reputation
  • authentik.policies - authentik Policies
  • authentik.providers.ldap - authentik Providers.LDAP
  • authentik.providers.oauth2 - authentik Providers.OAuth2
  • authentik.providers.proxy - authentik Providers.Proxy
  • authentik.providers.radius - authentik Providers.Radius
  • authentik.providers.saml - authentik Providers.SAML
  • authentik.providers.scim - authentik Providers.SCIM
  • authentik.recovery - authentik Recovery
  • authentik.sources.ldap - authentik Sources.LDAP
  • authentik.sources.oauth - authentik Sources.OAuth
  • authentik.sources.plex - authentik Sources.Plex
  • authentik.sources.saml - authentik Sources.SAML
  • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
  • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
  • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
  • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
  • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
  • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
  • authentik.stages.captcha - authentik Stages.Captcha
  • authentik.stages.consent - authentik Stages.Consent
  • authentik.stages.deny - authentik Stages.Deny
  • authentik.stages.dummy - authentik Stages.Dummy
  • authentik.stages.email - authentik Stages.Email
  • authentik.stages.identification - authentik Stages.Identification
  • authentik.stages.invitation - authentik Stages.User Invitation
  • authentik.stages.password - authentik Stages.Password
  • authentik.stages.prompt - authentik Stages.Prompt
  • authentik.stages.user_delete - authentik Stages.User Delete
  • authentik.stages.user_login - authentik Stages.User Login
  • authentik.stages.user_logout - authentik Stages.User Logout
  • authentik.stages.user_write - authentik Stages.User Write
  • authentik.tenants - authentik Tenants
  • authentik.blueprints - authentik Blueprints
  • authentik.core - authentik Core
  • authentik.enterprise - authentik Enterprise

  Added enum value:

  • authentik.enterprise

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property model (object)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    • authentik_crypto.certificatekeypair - Certificate-Key Pair
    • authentik_events.event - Event
    • authentik_events.notificationtransport - Notification Transport
    • authentik_events.notification - Notification
    • authentik_events.notificationrule - Notification Rule
    • authentik_events.notificationwebhookmapping - Webhook Mapping
    • authentik_flows.flow - Flow
    • authentik_flows.flowstagebinding - Flow Stage Binding
    • authentik_outposts.dockerserviceconnection - Docker Service-Connection
    • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
    • authentik_outposts.outpost - outpost
    • authentik_policies_dummy.dummypolicy - Dummy Policy
    • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
    • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
    • authentik_policies_expression.expressionpolicy - Expression Policy
    • authentik_policies_password.passwordpolicy - Password Policy
    • authentik_policies_reputation.reputationpolicy - Reputation Policy
    • authentik_policies_reputation.reputation - reputation
    • authentik_policies.policybinding - Policy Binding
    • authentik_providers_ldap.ldapprovider - LDAP Provider
    • authentik_providers_oauth2.scopemapping - Scope Mapping
    • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
    • authentik_providers_oauth2.authorizationcode - Authorization Code
    • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
    • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
    • authentik_providers_proxy.proxyprovider - Proxy Provider
    • authentik_providers_radius.radiusprovider - Radius Provider
    • authentik_providers_saml.samlprovider - SAML Provider
    • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
    • authentik_providers_scim.scimprovider - SCIM Provider
    • authentik_providers_scim.scimmapping - SCIM Mapping
    • authentik_sources_ldap.ldapsource - LDAP Source
    • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
    • authentik_sources_oauth.oauthsource - OAuth Source
    • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
    • authentik_sources_plex.plexsource - Plex Source
    • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
    • authentik_sources_saml.samlsource - SAML Source
    • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
    • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
    • authentik_stages_authenticator_duo.duodevice - Duo Device
    • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
    • authentik_stages_authenticator_sms.smsdevice - SMS Device
    • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
    • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
    • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
    • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
    • authentik_stages_captcha.captchastage - Captcha Stage
    • authentik_stages_consent.consentstage - Consent Stage
    • authentik_stages_consent.userconsent - User Consent
    • authentik_stages_deny.denystage - Deny Stage
    • authentik_stages_dummy.dummystage - Dummy Stage
    • authentik_stages_email.emailstage - Email Stage
    • authentik_stages_identification.identificationstage - Identification Stage
    • authentik_stages_invitation.invitationstage - Invitation Stage
    • authentik_stages_invitation.invitation - Invitation
    • authentik_stages_password.passwordstage - Password Stage
    • authentik_stages_prompt.prompt - Prompt
    • authentik_stages_prompt.promptstage - Prompt Stage
    • authentik_stages_user_delete.userdeletestage - User Delete Stage
    • authentik_stages_user_login.userloginstage - User Login Stage
    • authentik_stages_user_logout.userlogoutstage - User Logout Stage
    • authentik_stages_user_write.userwritestage - User Write Stage
    • authentik_tenants.tenant - Tenant
    • authentik_blueprints.blueprintinstance - Blueprint Instance
    • authentik_core.group - group
    • authentik_core.user - User
    • authentik_core.application - Application
    • authentik_core.token - Token

  • Changed property app (string)

    • authentik.admin - authentik Admin
    • authentik.api - authentik API
    • authentik.crypto - authentik Crypto
    • authentik.events - authentik Events
    • authentik.flows - authentik Flows
    • authentik.lib - authentik lib
    • authentik.outposts - authentik Outpost
    • authentik.policies.dummy - authentik Policies.Dummy
    • authentik.policies.event_matcher - authentik Policies.Event Matcher
    • authentik.policies.expiry - authentik Policies.Expiry
    • authentik.policies.expression - authentik Policies.Expression
    • authentik.policies.password - authentik Policies.Password
    • authentik.policies.reputation - authentik Policies.Reputation
    • authentik.policies - authentik Policies
    • authentik.providers.ldap - authentik Providers.LDAP
    • authentik.providers.oauth2 - authentik Providers.OAuth2
    • authentik.providers.proxy - authentik Providers.Proxy
    • authentik.providers.radius - authentik Providers.Radius
    • authentik.providers.saml - authentik Providers.SAML
    • authentik.providers.scim - authentik Providers.SCIM
    • authentik.recovery - authentik Recovery
    • authentik.sources.ldap - authentik Sources.LDAP
    • authentik.sources.oauth - authentik Sources.OAuth
    • authentik.sources.plex - authentik Sources.Plex
    • authentik.sources.saml - authentik Sources.SAML
    • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
    • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
    • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
    • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
    • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
    • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
    • authentik.stages.captcha - authentik Stages.Captcha
    • authentik.stages.consent - authentik Stages.Consent
    • authentik.stages.deny - authentik Stages.Deny
    • authentik.stages.dummy - authentik Stages.Dummy
    • authentik.stages.email - authentik Stages.Email
    • authentik.stages.identification - authentik Stages.Identification
    • authentik.stages.invitation - authentik Stages.User Invitation
    • authentik.stages.password - authentik Stages.Password
    • authentik.stages.prompt - authentik Stages.Prompt
    • authentik.stages.user_delete - authentik Stages.User Delete
    • authentik.stages.user_login - authentik Stages.User Login
    • authentik.stages.user_logout - authentik Stages.User Logout
    • authentik.stages.user_write - authentik Stages.User Write
    • authentik.tenants - authentik Tenants
    • authentik.blueprints - authentik Blueprints
    • authentik.core - authentik Core
    • authentik.enterprise - authentik Enterprise

    Added enum value:

    • authentik.enterprise

GET /propertymappings/all/{pm_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/ldap/{pm_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PUT /propertymappings/ldap/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PATCH /propertymappings/ldap/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/saml/{pm_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PUT /propertymappings/saml/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PATCH /propertymappings/saml/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/scim/{pm_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PUT /propertymappings/scim/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PATCH /propertymappings/scim/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/scope/{pm_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PUT /propertymappings/scope/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

PATCH /propertymappings/scope/{pm_uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /providers/all/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

GET /providers/oauth2/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Changed property sub_mode (string)

    • hashed_user_id - Based on the Hashed User ID
    • user_id - Based on user ID
    • user_uuid - Based on user UUID
    • user_username - Based on the username
    • user_email - Based on the User's Email. This is recommended over the UPN method.
    • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

    Added enum value:

    • user_uuid

PUT /providers/oauth2/{id}/

Request:

Changed content type : application/json

• Changed property sub_mode (string)

  • hashed_user_id - Based on the Hashed User ID
  • user_id - Based on user ID
  • user_uuid - Based on user UUID
  • user_username - Based on the username
  • user_email - Based on the User's Email. This is recommended over the UPN method.
  • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

  Added enum value:

  • user_uuid

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Changed property sub_mode (string)

    • hashed_user_id - Based on the Hashed User ID
    • user_id - Based on user ID
    • user_uuid - Based on user UUID
    • user_username - Based on the username
    • user_email - Based on the User's Email. This is recommended over the UPN method.
    • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

    Added enum value:

    • user_uuid

PATCH /providers/oauth2/{id}/

Request:

Changed content type : application/json

• Changed property sub_mode (string)

  • hashed_user_id - Based on the Hashed User ID
  • user_id - Based on user ID
  • user_uuid - Based on user UUID
  • user_username - Based on the username
  • user_email - Based on the User's Email. This is recommended over the UPN method.
  • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

  Added enum value:

  • user_uuid

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Changed property sub_mode (string)

    • hashed_user_id - Based on the Hashed User ID
    • user_id - Based on user ID
    • user_uuid - Based on user UUID
    • user_username - Based on the username
    • user_email - Based on the User's Email. This is recommended over the UPN method.
    • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

    Added enum value:

    • user_uuid

GET /providers/proxy/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

PUT /providers/proxy/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

PATCH /providers/proxy/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

GET /providers/radius/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug
  • outpost_set

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property outpost_set (array)

    Items (string):

PUT /providers/radius/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug
  • outpost_set

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property outpost_set (array)

PATCH /providers/radius/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug
  • outpost_set

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property outpost_set (array)

GET /providers/scim/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  New optional properties:

  • assigned_application_name
  • assigned_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Deleted property assigned_application_slug (string)

    Internal application name, used in URLs.

  • Deleted property assigned_application_name (string)

    Application's display Name.

PUT /providers/scim/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  New optional properties:

  • assigned_application_name
  • assigned_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Deleted property assigned_application_slug (string)

    Internal application name, used in URLs.

  • Deleted property assigned_application_name (string)

    Application's display Name.

PATCH /providers/scim/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  New optional properties:

  • assigned_application_name
  • assigned_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Deleted property assigned_application_slug (string)

    Internal application name, used in URLs.

  • Deleted property assigned_application_name (string)

    Application's display Name.

GET /core/applications/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • backchannel_providers_obj

  • Added property backchannel_providers (array)

    Items (integer):

  • Added property backchannel_providers_obj (array)

    Items (object): > Provider Serializer

    • Property pk (integer)

    • Property name (string)

    • Property authentication_flow (string)

      Flow used for authentication when the associated application is accessed by an un-authenticated user.

    • Property authorization_flow (string)

      Flow used when authorizing this provider.

    • Property property_mappings (array)

      Items (string):

    • Property component (string)

      Get object component so that we know how to edit the object

    • Property assigned_application_slug (string)

      Internal application name, used in URLs.

    • Property assigned_application_name (string)

      Application's display Name.

    • Property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Property assigned_backchannel_application_name (string)

      Application's display Name.

    • Property verbose_name (string)

      Return object's verbose_name

    • Property verbose_name_plural (string)

      Return object's plural verbose_name

    • Property meta_model_name (string)

      Return internal model name

  • Changed property provider_obj (object)

    Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /core/applications/{slug}/

Request:

Changed content type : application/json

• Added property backchannel_providers (array)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • backchannel_providers_obj

  • Added property backchannel_providers (array)

  • Added property backchannel_providers_obj (array)

  • Changed property provider_obj (object)

    Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /core/applications/{slug}/

Request:

Changed content type : application/json

• Added property backchannel_providers (array)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • backchannel_providers_obj

  • Added property backchannel_providers (array)

  • Added property backchannel_providers_obj (array)

  • Changed property provider_obj (object)

    Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /core/tokens/{identifier}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

PUT /core/tokens/{identifier}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

PATCH /core/tokens/{identifier}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

GET /core/users/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New optional properties:

  • groups

PUT /core/users/{id}/

Request:

Changed content type : application/json

New optional properties:

• groups

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New optional properties:

  • groups

PATCH /core/users/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New optional properties:

  • groups

POST /crypto/certificatekeypairs/

Request:

Changed content type : application/json

• Deleted property managed (string)

  Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • managed
  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /crypto/certificatekeypairs/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > CertificateKeyPair Serializer

    New required properties:

    • managed
    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /flows/instances/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /flows/instances/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /flows/instances/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /outposts/instances/{uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property providers_obj (array)

    Changed items (object): > Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

PUT /outposts/instances/{uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property providers_obj (array)

    Changed items (object): > Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

PATCH /outposts/instances/{uuid}/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property providers_obj (array)

    Changed items (object): > Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

GET /outposts/ldap/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property mfa_support (boolean)

    When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

  • Changed property application_slug (string)

    Prioritise backchannel slug over direct application slug

  • Changed property uid_start_number (integer)

    The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

  • Changed property gid_start_number (integer)

    The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

GET /policies/bindings/{policy_binding_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

PUT /policies/bindings/{policy_binding_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

PATCH /policies/bindings/{policy_binding_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

POST /policies/event_matcher/

Request:

Changed content type : application/json

• Added property model (object)

  Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

  • authentik_crypto.certificatekeypair - Certificate-Key Pair
  • authentik_events.event - Event
  • authentik_events.notificationtransport - Notification Transport
  • authentik_events.notification - Notification
  • authentik_events.notificationrule - Notification Rule
  • authentik_events.notificationwebhookmapping - Webhook Mapping
  • authentik_flows.flow - Flow
  • authentik_flows.flowstagebinding - Flow Stage Binding
  • authentik_outposts.dockerserviceconnection - Docker Service-Connection
  • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
  • authentik_outposts.outpost - outpost
  • authentik_policies_dummy.dummypolicy - Dummy Policy
  • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
  • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
  • authentik_policies_expression.expressionpolicy - Expression Policy
  • authentik_policies_password.passwordpolicy - Password Policy
  • authentik_policies_reputation.reputationpolicy - Reputation Policy
  • authentik_policies_reputation.reputation - reputation
  • authentik_policies.policybinding - Policy Binding
  • authentik_providers_ldap.ldapprovider - LDAP Provider
  • authentik_providers_oauth2.scopemapping - Scope Mapping
  • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
  • authentik_providers_oauth2.authorizationcode - Authorization Code
  • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
  • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
  • authentik_providers_proxy.proxyprovider - Proxy Provider
  • authentik_providers_radius.radiusprovider - Radius Provider
  • authentik_providers_saml.samlprovider - SAML Provider
  • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
  • authentik_providers_scim.scimprovider - SCIM Provider
  • authentik_providers_scim.scimmapping - SCIM Mapping
  • authentik_sources_ldap.ldapsource - LDAP Source
  • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
  • authentik_sources_oauth.oauthsource - OAuth Source
  • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
  • authentik_sources_plex.plexsource - Plex Source
  • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
  • authentik_sources_saml.samlsource - SAML Source
  • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
  • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
  • authentik_stages_authenticator_duo.duodevice - Duo Device
  • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
  • authentik_stages_authenticator_sms.smsdevice - SMS Device
  • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
  • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
  • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
  • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
  • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
  • authentik_stages_captcha.captchastage - Captcha Stage
  • authentik_stages_consent.consentstage - Consent Stage
  • authentik_stages_consent.userconsent - User Consent
  • authentik_stages_deny.denystage - Deny Stage
  • authentik_stages_dummy.dummystage - Dummy Stage
  • authentik_stages_email.emailstage - Email Stage
  • authentik_stages_identification.identificationstage - Identification Stage
  • authentik_stages_invitation.invitationstage - Invitation Stage
  • authentik_stages_invitation.invitation - Invitation
  • authentik_stages_password.passwordstage - Password Stage
  • authentik_stages_prompt.prompt - Prompt
  • authentik_stages_prompt.promptstage - Prompt Stage
  • authentik_stages_user_delete.userdeletestage - User Delete Stage
  • authentik_stages_user_login.userloginstage - User Login Stage
  • authentik_stages_user_logout.userlogoutstage - User Logout Stage
  • authentik_stages_user_write.userwritestage - User Write Stage
  • authentik_tenants.tenant - Tenant
  • authentik_blueprints.blueprintinstance - Blueprint Instance
  • authentik_core.group - group
  • authentik_core.user - User
  • authentik_core.application - Application
  • authentik_core.token - Token

• Changed property app (string)

  • authentik.admin - authentik Admin
  • authentik.api - authentik API
  • authentik.crypto - authentik Crypto
  • authentik.events - authentik Events
  • authentik.flows - authentik Flows
  • authentik.lib - authentik lib
  • authentik.outposts - authentik Outpost
  • authentik.policies.dummy - authentik Policies.Dummy
  • authentik.policies.event_matcher - authentik Policies.Event Matcher
  • authentik.policies.expiry - authentik Policies.Expiry
  • authentik.policies.expression - authentik Policies.Expression
  • authentik.policies.password - authentik Policies.Password
  • authentik.policies.reputation - authentik Policies.Reputation
  • authentik.policies - authentik Policies
  • authentik.providers.ldap - authentik Providers.LDAP
  • authentik.providers.oauth2 - authentik Providers.OAuth2
  • authentik.providers.proxy - authentik Providers.Proxy
  • authentik.providers.radius - authentik Providers.Radius
  • authentik.providers.saml - authentik Providers.SAML
  • authentik.providers.scim - authentik Providers.SCIM
  • authentik.recovery - authentik Recovery
  • authentik.sources.ldap - authentik Sources.LDAP
  • authentik.sources.oauth - authentik Sources.OAuth
  • authentik.sources.plex - authentik Sources.Plex
  • authentik.sources.saml - authentik Sources.SAML
  • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
  • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
  • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
  • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
  • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
  • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
  • authentik.stages.captcha - authentik Stages.Captcha
  • authentik.stages.consent - authentik Stages.Consent
  • authentik.stages.deny - authentik Stages.Deny
  • authentik.stages.dummy - authentik Stages.Dummy
  • authentik.stages.email - authentik Stages.Email
  • authentik.stages.identification - authentik Stages.Identification
  • authentik.stages.invitation - authentik Stages.User Invitation
  • authentik.stages.password - authentik Stages.Password
  • authentik.stages.prompt - authentik Stages.Prompt
  • authentik.stages.user_delete - authentik Stages.User Delete
  • authentik.stages.user_login - authentik Stages.User Login
  • authentik.stages.user_logout - authentik Stages.User Logout
  • authentik.stages.user_write - authentik Stages.User Write
  • authentik.tenants - authentik Tenants
  • authentik.blueprints - authentik Blueprints
  • authentik.core - authentik Core
  • authentik.enterprise - authentik Enterprise

  Added enum value:

  • authentik.enterprise

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Added property model (object)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    • authentik_crypto.certificatekeypair - Certificate-Key Pair
    • authentik_events.event - Event
    • authentik_events.notificationtransport - Notification Transport
    • authentik_events.notification - Notification
    • authentik_events.notificationrule - Notification Rule
    • authentik_events.notificationwebhookmapping - Webhook Mapping
    • authentik_flows.flow - Flow
    • authentik_flows.flowstagebinding - Flow Stage Binding
    • authentik_outposts.dockerserviceconnection - Docker Service-Connection
    • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
    • authentik_outposts.outpost - outpost
    • authentik_policies_dummy.dummypolicy - Dummy Policy
    • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
    • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
    • authentik_policies_expression.expressionpolicy - Expression Policy
    • authentik_policies_password.passwordpolicy - Password Policy
    • authentik_policies_reputation.reputationpolicy - Reputation Policy
    • authentik_policies_reputation.reputation - reputation
    • authentik_policies.policybinding - Policy Binding
    • authentik_providers_ldap.ldapprovider - LDAP Provider
    • authentik_providers_oauth2.scopemapping - Scope Mapping
    • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
    • authentik_providers_oauth2.authorizationcode - Authorization Code
    • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
    • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
    • authentik_providers_proxy.proxyprovider - Proxy Provider
    • authentik_providers_radius.radiusprovider - Radius Provider
    • authentik_providers_saml.samlprovider - SAML Provider
    • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
    • authentik_providers_scim.scimprovider - SCIM Provider
    • authentik_providers_scim.scimmapping - SCIM Mapping
    • authentik_sources_ldap.ldapsource - LDAP Source
    • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
    • authentik_sources_oauth.oauthsource - OAuth Source
    • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
    • authentik_sources_plex.plexsource - Plex Source
    • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
    • authentik_sources_saml.samlsource - SAML Source
    • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
    • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
    • authentik_stages_authenticator_duo.duodevice - Duo Device
    • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
    • authentik_stages_authenticator_sms.smsdevice - SMS Device
    • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
    • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
    • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
    • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
    • authentik_stages_captcha.captchastage - Captcha Stage
    • authentik_stages_consent.consentstage - Consent Stage
    • authentik_stages_consent.userconsent - User Consent
    • authentik_stages_deny.denystage - Deny Stage
    • authentik_stages_dummy.dummystage - Dummy Stage
    • authentik_stages_email.emailstage - Email Stage
    • authentik_stages_identification.identificationstage - Identification Stage
    • authentik_stages_invitation.invitationstage - Invitation Stage
    • authentik_stages_invitation.invitation - Invitation
    • authentik_stages_password.passwordstage - Password Stage
    • authentik_stages_prompt.prompt - Prompt
    • authentik_stages_prompt.promptstage - Prompt Stage
    • authentik_stages_user_delete.userdeletestage - User Delete Stage
    • authentik_stages_user_login.userloginstage - User Login Stage
    • authentik_stages_user_logout.userlogoutstage - User Logout Stage
    • authentik_stages_user_write.userwritestage - User Write Stage
    • authentik_tenants.tenant - Tenant
    • authentik_blueprints.blueprintinstance - Blueprint Instance
    • authentik_core.group - group
    • authentik_core.user - User
    • authentik_core.application - Application
    • authentik_core.token - Token

  • Changed property app (string)

    • authentik.admin - authentik Admin
    • authentik.api - authentik API
    • authentik.crypto - authentik Crypto
    • authentik.events - authentik Events
    • authentik.flows - authentik Flows
    • authentik.lib - authentik lib
    • authentik.outposts - authentik Outpost
    • authentik.policies.dummy - authentik Policies.Dummy
    • authentik.policies.event_matcher - authentik Policies.Event Matcher
    • authentik.policies.expiry - authentik Policies.Expiry
    • authentik.policies.expression - authentik Policies.Expression
    • authentik.policies.password - authentik Policies.Password
    • authentik.policies.reputation - authentik Policies.Reputation
    • authentik.policies - authentik Policies
    • authentik.providers.ldap - authentik Providers.LDAP
    • authentik.providers.oauth2 - authentik Providers.OAuth2
    • authentik.providers.proxy - authentik Providers.Proxy
    • authentik.providers.radius - authentik Providers.Radius
    • authentik.providers.saml - authentik Providers.SAML
    • authentik.providers.scim - authentik Providers.SCIM
    • authentik.recovery - authentik Recovery
    • authentik.sources.ldap - authentik Sources.LDAP
    • authentik.sources.oauth - authentik Sources.OAuth
    • authentik.sources.plex - authentik Sources.Plex
    • authentik.sources.saml - authentik Sources.SAML
    • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
    • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
    • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
    • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
    • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
    • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
    • authentik.stages.captcha - authentik Stages.Captcha
    • authentik.stages.consent - authentik Stages.Consent
    • authentik.stages.deny - authentik Stages.Deny
    • authentik.stages.dummy - authentik Stages.Dummy
    • authentik.stages.email - authentik Stages.Email
    • authentik.stages.identification - authentik Stages.Identification
    • authentik.stages.invitation - authentik Stages.User Invitation
    • authentik.stages.password - authentik Stages.Password
    • authentik.stages.prompt - authentik Stages.Prompt
    • authentik.stages.user_delete - authentik Stages.User Delete
    • authentik.stages.user_login - authentik Stages.User Login
    • authentik.stages.user_logout - authentik Stages.User Logout
    • authentik.stages.user_write - authentik Stages.User Write
    • authentik.tenants - authentik Tenants
    • authentik.blueprints - authentik Blueprints
    • authentik.core - authentik Core
    • authentik.enterprise - authentik Enterprise

    Added enum value:

    • authentik.enterprise

GET /policies/event_matcher/

Parameters:

Added: model in query

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Event Matcher Policy Serializer

    • Added property model (object)

      Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

      • authentik_crypto.certificatekeypair - Certificate-Key Pair
      • authentik_events.event - Event
      • authentik_events.notificationtransport - Notification Transport
      • authentik_events.notification - Notification
      • authentik_events.notificationrule - Notification Rule
      • authentik_events.notificationwebhookmapping - Webhook Mapping
      • authentik_flows.flow - Flow
      • authentik_flows.flowstagebinding - Flow Stage Binding
      • authentik_outposts.dockerserviceconnection - Docker Service-Connection
      • authentik_outposts.kubernetesserviceconnection - Kubernetes Service-Connection
      • authentik_outposts.outpost - outpost
      • authentik_policies_dummy.dummypolicy - Dummy Policy
      • authentik_policies_event_matcher.eventmatcherpolicy - Event Matcher Policy
      • authentik_policies_expiry.passwordexpirypolicy - Password Expiry Policy
      • authentik_policies_expression.expressionpolicy - Expression Policy
      • authentik_policies_password.passwordpolicy - Password Policy
      • authentik_policies_reputation.reputationpolicy - Reputation Policy
      • authentik_policies_reputation.reputation - reputation
      • authentik_policies.policybinding - Policy Binding
      • authentik_providers_ldap.ldapprovider - LDAP Provider
      • authentik_providers_oauth2.scopemapping - Scope Mapping
      • authentik_providers_oauth2.oauth2provider - OAuth2/OpenID Provider
      • authentik_providers_oauth2.authorizationcode - Authorization Code
      • authentik_providers_oauth2.accesstoken - OAuth2 Access Token
      • authentik_providers_oauth2.refreshtoken - OAuth2 Refresh Token
      • authentik_providers_proxy.proxyprovider - Proxy Provider
      • authentik_providers_radius.radiusprovider - Radius Provider
      • authentik_providers_saml.samlprovider - SAML Provider
      • authentik_providers_saml.samlpropertymapping - SAML Property Mapping
      • authentik_providers_scim.scimprovider - SCIM Provider
      • authentik_providers_scim.scimmapping - SCIM Mapping
      • authentik_sources_ldap.ldapsource - LDAP Source
      • authentik_sources_ldap.ldappropertymapping - LDAP Property Mapping
      • authentik_sources_oauth.oauthsource - OAuth Source
      • authentik_sources_oauth.useroauthsourceconnection - User OAuth Source Connection
      • authentik_sources_plex.plexsource - Plex Source
      • authentik_sources_plex.plexsourceconnection - User Plex Source Connection
      • authentik_sources_saml.samlsource - SAML Source
      • authentik_sources_saml.usersamlsourceconnection - User SAML Source Connection
      • authentik_stages_authenticator_duo.authenticatorduostage - Duo Authenticator Setup Stage
      • authentik_stages_authenticator_duo.duodevice - Duo Device
      • authentik_stages_authenticator_sms.authenticatorsmsstage - SMS Authenticator Setup Stage
      • authentik_stages_authenticator_sms.smsdevice - SMS Device
      • authentik_stages_authenticator_static.authenticatorstaticstage - Static Authenticator Stage
      • authentik_stages_authenticator_totp.authenticatortotpstage - TOTP Authenticator Setup Stage
      • authentik_stages_authenticator_validate.authenticatorvalidatestage - Authenticator Validation Stage
      • authentik_stages_authenticator_webauthn.authenticatewebauthnstage - WebAuthn Authenticator Setup Stage
      • authentik_stages_authenticator_webauthn.webauthndevice - WebAuthn Device
      • authentik_stages_captcha.captchastage - Captcha Stage
      • authentik_stages_consent.consentstage - Consent Stage
      • authentik_stages_consent.userconsent - User Consent
      • authentik_stages_deny.denystage - Deny Stage
      • authentik_stages_dummy.dummystage - Dummy Stage
      • authentik_stages_email.emailstage - Email Stage
      • authentik_stages_identification.identificationstage - Identification Stage
      • authentik_stages_invitation.invitationstage - Invitation Stage
      • authentik_stages_invitation.invitation - Invitation
      • authentik_stages_password.passwordstage - Password Stage
      • authentik_stages_prompt.prompt - Prompt
      • authentik_stages_prompt.promptstage - Prompt Stage
      • authentik_stages_user_delete.userdeletestage - User Delete Stage
      • authentik_stages_user_login.userloginstage - User Login Stage
      • authentik_stages_user_logout.userlogoutstage - User Logout Stage
      • authentik_stages_user_write.userwritestage - User Write Stage
      • authentik_tenants.tenant - Tenant
      • authentik_blueprints.blueprintinstance - Blueprint Instance
      • authentik_core.group - group
      • authentik_core.user - User
      • authentik_core.application - Application
      • authentik_core.token - Token

    • Changed property app (string)

      • authentik.admin - authentik Admin
      • authentik.api - authentik API
      • authentik.crypto - authentik Crypto
      • authentik.events - authentik Events
      • authentik.flows - authentik Flows
      • authentik.lib - authentik lib
      • authentik.outposts - authentik Outpost
      • authentik.policies.dummy - authentik Policies.Dummy
      • authentik.policies.event_matcher - authentik Policies.Event Matcher
      • authentik.policies.expiry - authentik Policies.Expiry
      • authentik.policies.expression - authentik Policies.Expression
      • authentik.policies.password - authentik Policies.Password
      • authentik.policies.reputation - authentik Policies.Reputation
      • authentik.policies - authentik Policies
      • authentik.providers.ldap - authentik Providers.LDAP
      • authentik.providers.oauth2 - authentik Providers.OAuth2
      • authentik.providers.proxy - authentik Providers.Proxy
      • authentik.providers.radius - authentik Providers.Radius
      • authentik.providers.saml - authentik Providers.SAML
      • authentik.providers.scim - authentik Providers.SCIM
      • authentik.recovery - authentik Recovery
      • authentik.sources.ldap - authentik Sources.LDAP
      • authentik.sources.oauth - authentik Sources.OAuth
      • authentik.sources.plex - authentik Sources.Plex
      • authentik.sources.saml - authentik Sources.SAML
      • authentik.stages.authenticator_duo - authentik Stages.Authenticator.Duo
      • authentik.stages.authenticator_sms - authentik Stages.Authenticator.SMS
      • authentik.stages.authenticator_static - authentik Stages.Authenticator.Static
      • authentik.stages.authenticator_totp - authentik Stages.Authenticator.TOTP
      • authentik.stages.authenticator_validate - authentik Stages.Authenticator.Validate
      • authentik.stages.authenticator_webauthn - authentik Stages.Authenticator.WebAuthn
      • authentik.stages.captcha - authentik Stages.Captcha
      • authentik.stages.consent - authentik Stages.Consent
      • authentik.stages.deny - authentik Stages.Deny
      • authentik.stages.dummy - authentik Stages.Dummy
      • authentik.stages.email - authentik Stages.Email
      • authentik.stages.identification - authentik Stages.Identification
      • authentik.stages.invitation - authentik Stages.User Invitation
      • authentik.stages.password - authentik Stages.Password
      • authentik.stages.prompt - authentik Stages.Prompt
      • authentik.stages.user_delete - authentik Stages.User Delete
      • authentik.stages.user_login - authentik Stages.User Login
      • authentik.stages.user_logout - authentik Stages.User Logout
      • authentik.stages.user_write - authentik Stages.User Write
      • authentik.tenants - authentik Tenants
      • authentik.blueprints - authentik Blueprints
      • authentik.core - authentik Core
      • authentik.enterprise - authentik Enterprise

      Added enum value:

      • authentik.enterprise

GET /propertymappings/all/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > PropertyMapping Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

POST /propertymappings/ldap/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/ldap/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > LDAP PropertyMapping Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

POST /propertymappings/saml/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/saml/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SAMLPropertyMapping Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

POST /propertymappings/scim/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/scim/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SCIMMapping Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

POST /propertymappings/scope/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /propertymappings/scope/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > ScopeMapping Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

GET /providers/all/

Parameters:

Added: backchannel_only in query

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

GET /providers/ldap/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property mfa_support (boolean)

    When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

  • Changed property uid_start_number (integer)

    The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

  • Changed property gid_start_number (integer)

    The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

PUT /providers/ldap/{id}/

Request:

Changed content type : application/json

• Added property mfa_support (boolean)

  When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

• Changed property uid_start_number (integer)

  The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

• Changed property gid_start_number (integer)

  The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property mfa_support (boolean)

    When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

  • Changed property uid_start_number (integer)

    The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

  • Changed property gid_start_number (integer)

    The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

PATCH /providers/ldap/{id}/

Request:

Changed content type : application/json

• Added property mfa_support (boolean)

  When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

• Changed property uid_start_number (integer)

  The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

• Changed property gid_start_number (integer)

  The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property mfa_support (boolean)

    When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

  • Changed property uid_start_number (integer)

    The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

  • Changed property gid_start_number (integer)

    The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

POST /providers/oauth2/

Request:

Changed content type : application/json

• Changed property sub_mode (string)

  • hashed_user_id - Based on the Hashed User ID
  • user_id - Based on user ID
  • user_uuid - Based on user UUID
  • user_username - Based on the username
  • user_email - Based on the User's Email. This is recommended over the UPN method.
  • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

  Added enum value:

  • user_uuid

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Changed property sub_mode (string)

    • hashed_user_id - Based on the Hashed User ID
    • user_id - Based on user ID
    • user_uuid - Based on user UUID
    • user_username - Based on the username
    • user_email - Based on the User's Email. This is recommended over the UPN method.
    • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

    Added enum value:

    • user_uuid

GET /providers/oauth2/

Parameters:

Changed: sub_mode in query

Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

• hashed_user_id - Based on the Hashed User ID
• user_id - Based on user ID
• user_uuid - Based on user UUID
• user_username - Based on the username
• user_email - Based on the User's Email. This is recommended over the UPN method.
• user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > OAuth2Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Changed property sub_mode (string)

      • hashed_user_id - Based on the Hashed User ID
      • user_id - Based on user ID
      • user_uuid - Based on user UUID
      • user_username - Based on the username
      • user_email - Based on the User's Email. This is recommended over the UPN method.
      • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

      Added enum value:

      • user_uuid

POST /providers/proxy/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

GET /providers/proxy/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > ProxyProvider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

POST /providers/radius/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug
  • outpost_set

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property outpost_set (array)

GET /providers/radius/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > RadiusProvider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug
    • outpost_set

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Added property outpost_set (array)

GET /providers/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

PUT /providers/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

PATCH /providers/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

POST /providers/scim/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  New optional properties:

  • assigned_application_name
  • assigned_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Deleted property assigned_application_slug (string)

    Internal application name, used in URLs.

  • Deleted property assigned_application_name (string)

    Application's display Name.

GET /providers/scim/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SCIMProvider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    New optional properties:

    • assigned_application_name
    • assigned_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Deleted property assigned_application_slug (string)

      Internal application name, used in URLs.

    • Deleted property assigned_application_name (string)

      Application's display Name.

GET /root/config/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property capabilities (array)

    Changed items (string): > _ can_save_media - Can Save Media > _ can_geo_ip - Can Geo Ip > _ can_impersonate - Can Impersonate > _ can_debug - Can Debug > * is_enterprise - Is Enterprise

    Added enum value:

    • is_enterprise

GET /sources/all/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/ldap/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property client_certificate (string)

    Client certificate to authenticate against the LDAP Server's Certificate.

  • Added property sni (boolean)

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /sources/ldap/{slug}/

Request:

Changed content type : application/json

• Added property client_certificate (string)

  Client certificate to authenticate against the LDAP Server's Certificate.

• Added property sni (boolean)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property client_certificate (string)

    Client certificate to authenticate against the LDAP Server's Certificate.

  • Added property sni (boolean)

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /sources/ldap/{slug}/

Request:

Changed content type : application/json

• Added property client_certificate (string)

  Client certificate to authenticate against the LDAP Server's Certificate.

• Added property sni (boolean)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property client_certificate (string)

    Client certificate to authenticate against the LDAP Server's Certificate.

  • Added property sni (boolean)

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/oauth/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

  • Changed property provider_type (string)

    • apple - Apple
    • azuread - Azure AD
    • discord - Discord
    • facebook - Facebook
    • github - GitHub
    • google - Google
    • mailcow - Mailcow
    • openidconnect - OpenID Connect
    • okta - Okta
    • patreon - Patreon
    • reddit - Reddit
    • twitch - Twitch
    • twitter - Twitter

    Added enum value:

    • patreon

PUT /sources/oauth/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

• Changed property provider_type (string)

  • apple - Apple
  • azuread - Azure AD
  • discord - Discord
  • facebook - Facebook
  • github - GitHub
  • google - Google
  • mailcow - Mailcow
  • openidconnect - OpenID Connect
  • okta - Okta
  • patreon - Patreon
  • reddit - Reddit
  • twitch - Twitch
  • twitter - Twitter

  Added enum value:

  • patreon

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

  • Changed property provider_type (string)

    • apple - Apple
    • azuread - Azure AD
    • discord - Discord
    • facebook - Facebook
    • github - GitHub
    • google - Google
    • mailcow - Mailcow
    • openidconnect - OpenID Connect
    • okta - Okta
    • patreon - Patreon
    • reddit - Reddit
    • twitch - Twitch
    • twitter - Twitter

    Added enum value:

    • patreon

PATCH /sources/oauth/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

• Changed property provider_type (string)

  • apple - Apple
  • azuread - Azure AD
  • discord - Discord
  • facebook - Facebook
  • github - GitHub
  • google - Google
  • mailcow - Mailcow
  • openidconnect - OpenID Connect
  • okta - Okta
  • patreon - Patreon
  • reddit - Reddit
  • twitch - Twitch
  • twitter - Twitter

  Added enum value:

  • patreon

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

  • Changed property provider_type (string)

    • apple - Apple
    • azuread - Azure AD
    • discord - Discord
    • facebook - Facebook
    • github - GitHub
    • google - Google
    • mailcow - Mailcow
    • openidconnect - OpenID Connect
    • okta - Okta
    • patreon - Patreon
    • reddit - Reddit
    • twitch - Twitch
    • twitter - Twitter

    Added enum value:

    • patreon

GET /sources/plex/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /sources/plex/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /sources/plex/{slug}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/saml/{slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property verification_kp (string)

    When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property signing_kp (string)

    Keypair used to sign outgoing Responses going to the Identity Provider.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /sources/saml/{slug}/

Request:

Changed content type : application/json

• Added property verification_kp (string)

  When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

• Changed property signing_kp (string)

  Keypair used to sign outgoing Responses going to the Identity Provider.

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property verification_kp (string)

    When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property signing_kp (string)

    Keypair used to sign outgoing Responses going to the Identity Provider.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /sources/saml/{slug}/

Request:

Changed content type : application/json

• Added property verification_kp (string)

  When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

• Changed property signing_kp (string)

  Keypair used to sign outgoing Responses going to the Identity Provider.

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property verification_kp (string)

    When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property signing_kp (string)

    Keypair used to sign outgoing Responses going to the Identity Provider.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/user_connections/all/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /sources/user_connections/all/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /sources/user_connections/all/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/oauth/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /sources/user_connections/oauth/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /sources/user_connections/oauth/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/plex/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /sources/user_connections/plex/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /sources/user_connections/plex/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /sources/user_connections/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /sources/user_connections/saml/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/invitation/invitations/{invite_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_obj (object)

    Flow Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/invitation/invitations/{invite_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_obj (object)

    Flow Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/invitation/invitations/{invite_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_obj (object)

    Flow Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /core/applications/

Request:

Changed content type : application/json

• Added property backchannel_providers (array)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • backchannel_providers_obj

  • Added property backchannel_providers (array)

  • Added property backchannel_providers_obj (array)

  • Changed property provider_obj (object)

    Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /core/applications/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Application Serializer

    New required properties:

    • backchannel_providers_obj

    • Added property backchannel_providers (array)

    • Added property backchannel_providers_obj (array)

    • Changed property provider_obj (object)

      Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /core/tokens/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

GET /core/tokens/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Token Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property user_obj (object)

      User Serializer

      New optional properties:

      • groups

GET /core/user_consent/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property user (object)

    User Serializer

    New optional properties:

    • groups

  • Changed property application (object)

    Application Serializer

    New required properties:

    • backchannel_providers_obj

    • Added property backchannel_providers (array)

    • Added property backchannel_providers_obj (array)

    • Changed property provider_obj (object)

      Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /core/users/

Request:

Changed content type : application/json

New optional properties:

• groups

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New optional properties:

  • groups

GET /core/users/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > User Serializer

    New optional properties:

    • groups

GET /flows/bindings/{fsb_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PUT /flows/bindings/{fsb_uuid}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

PATCH /flows/bindings/{fsb_uuid}/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

POST /flows/instances/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /flows/instances/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Flow Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /oauth2/access_tokens/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property provider (object)

    OAuth2Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Changed property sub_mode (string)

      • hashed_user_id - Based on the Hashed User ID
      • user_id - Based on user ID
      • user_uuid - Based on user UUID
      • user_username - Based on the username
      • user_email - Based on the User's Email. This is recommended over the UPN method.
      • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

      Added enum value:

      • user_uuid

  • Changed property user (object)

    User Serializer

    New optional properties:

    • groups

GET /oauth2/authorization_codes/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property provider (object)

    OAuth2Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Changed property sub_mode (string)

      • hashed_user_id - Based on the Hashed User ID
      • user_id - Based on user ID
      • user_uuid - Based on user UUID
      • user_username - Based on the username
      • user_email - Based on the User's Email. This is recommended over the UPN method.
      • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

      Added enum value:

      • user_uuid

  • Changed property user (object)

    User Serializer

    New optional properties:

    • groups

GET /oauth2/refresh_tokens/{id}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property provider (object)

    OAuth2Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Changed property sub_mode (string)

      • hashed_user_id - Based on the Hashed User ID
      • user_id - Based on user ID
      • user_uuid - Based on user UUID
      • user_username - Based on the username
      • user_email - Based on the User's Email. This is recommended over the UPN method.
      • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

      Added enum value:

      • user_uuid

  • Changed property user (object)

    User Serializer

    New optional properties:

    • groups

POST /outposts/instances/

Request:

Changed content type : application/json

• Changed property managed (string)

  Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property providers_obj (array)

    Changed items (object): > Provider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

GET /outposts/instances/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Outpost Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property providers_obj (array)

      Changed items (object): > Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

GET /outposts/ldap/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > LDAPProvider Serializer

    • Added property mfa_support (boolean)

      When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

    • Changed property application_slug (string)

      Prioritise backchannel slug over direct application slug

    • Changed property uid_start_number (integer)

      The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

    • Changed property gid_start_number (integer)

      The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

POST /policies/bindings/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property user_obj (object)

    User Serializer

    New optional properties:

    • groups

GET /policies/bindings/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > PolicyBinding Serializer

    • Changed property user_obj (object)

      User Serializer

      New optional properties:

      • groups

POST /providers/ldap/

Request:

Changed content type : application/json

• Added property mfa_support (boolean)

  When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

• Changed property uid_start_number (integer)

  The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

• Changed property gid_start_number (integer)

  The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

  • Added property mfa_support (boolean)

    When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

  • Changed property uid_start_number (integer)

    The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

  • Changed property gid_start_number (integer)

    The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

GET /providers/ldap/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > LDAPProvider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

    • Added property mfa_support (boolean)

      When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon.

    • Changed property uid_start_number (integer)

      The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber

    • Changed property gid_start_number (integer)

      The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber

POST /providers/saml/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  New required properties:

  • assigned_backchannel_application_name
  • assigned_backchannel_application_slug

  • Added property assigned_backchannel_application_slug (string)

    Internal application name, used in URLs.

  • Added property assigned_backchannel_application_name (string)

    Application's display Name.

GET /providers/saml/

Parameters:

Added: backchannel_application in query

Added: is_backchannel in query

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SAMLProvider Serializer

    New required properties:

    • assigned_backchannel_application_name
    • assigned_backchannel_application_slug

    • Added property assigned_backchannel_application_slug (string)

      Internal application name, used in URLs.

    • Added property assigned_backchannel_application_name (string)

      Application's display Name.

GET /sources/all/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /sources/ldap/

Request:

Changed content type : application/json

• Added property client_certificate (string)

  Client certificate to authenticate against the LDAP Server's Certificate.

• Added property sni (boolean)

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Added property client_certificate (string)

    Client certificate to authenticate against the LDAP Server's Certificate.

  • Added property sni (boolean)

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/ldap/

Parameters:

Added: client_certificate in query

Added: sni in query

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > LDAP Source Serializer

    • Added property client_certificate (string)

      Client certificate to authenticate against the LDAP Server's Certificate.

    • Added property sni (boolean)

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /sources/oauth/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

• Changed property provider_type (string)

  • apple - Apple
  • azuread - Azure AD
  • discord - Discord
  • facebook - Facebook
  • github - GitHub
  • google - Google
  • mailcow - Mailcow
  • openidconnect - OpenID Connect
  • okta - Okta
  • patreon - Patreon
  • reddit - Reddit
  • twitch - Twitch
  • twitter - Twitter

  Added enum value:

  • patreon

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

  • Changed property provider_type (string)

    • apple - Apple
    • azuread - Azure AD
    • discord - Discord
    • facebook - Facebook
    • github - GitHub
    • google - Google
    • mailcow - Mailcow
    • openidconnect - OpenID Connect
    • okta - Okta
    • patreon - Patreon
    • reddit - Reddit
    • twitch - Twitch
    • twitter - Twitter

    Added enum value:

    • patreon

GET /sources/oauth/

Parameters:

Changed: policy_engine_mode in query

• all - all, all policies must pass

• any - any, any policy must pass

• all - all, all policies must pass

• any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > OAuth Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

    • Changed property provider_type (string)

      • apple - Apple
      • azuread - Azure AD
      • discord - Discord
      • facebook - Facebook
      • github - GitHub
      • google - Google
      • mailcow - Mailcow
      • openidconnect - OpenID Connect
      • okta - Okta
      • patreon - Patreon
      • reddit - Reddit
      • twitch - Twitch
      • twitter - Twitter

      Added enum value:

      • patreon

POST /sources/plex/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/plex/

Parameters:

Changed: policy_engine_mode in query

• all - all, all policies must pass

• any - any, any policy must pass

• all - all, all policies must pass

• any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Plex Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /sources/saml/

Request:

Changed content type : application/json

• Added property verification_kp (string)

  When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

• Changed property signing_kp (string)

  Keypair used to sign outgoing Responses going to the Identity Provider.

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Added property verification_kp (string)

    When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

  • Changed property managed (string)

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

  • Changed property signing_kp (string)

    Keypair used to sign outgoing Responses going to the Identity Provider.

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /sources/saml/

Parameters:

Added: verification_kp in query

Changed: policy_engine_mode in query

• all - all, all policies must pass

• any - any, any policy must pass

• all - all, all policies must pass

• any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SAMLSource Serializer

    • Added property verification_kp (string)

      When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property signing_kp (string)

      Keypair used to sign outgoing Responses going to the Identity Provider.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/all/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > OAuth Source Serializer

    • Changed property source (object)

      Source Serializer

      • Changed property managed (string)

        Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /sources/user_connections/oauth/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/oauth/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > OAuth Source Serializer

    • Changed property source (object)

      Source Serializer

      • Changed property managed (string)

        Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /sources/user_connections/plex/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/plex/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Plex Source connection Serializer

    • Changed property source (object)

      Source Serializer

      • Changed property managed (string)

        Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /sources/user_connections/saml/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property source (object)

    Source Serializer

    • Changed property managed (string)

      Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /sources/user_connections/saml/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > SAML Source Serializer

    • Changed property source (object)

      Source Serializer

      • Changed property managed (string)

        Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

GET /stages/all/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/duo/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/duo/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/duo/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/sms/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/sms/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/sms/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/static/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/static/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/static/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/totp/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/totp/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/totp/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/validate/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/validate/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/validate/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/webauthn/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/authenticator/webauthn/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/authenticator/webauthn/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/captcha/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/captcha/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/captcha/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/consent/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/consent/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/consent/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/deny/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/deny/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/deny/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/dummy/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/dummy/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/dummy/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/email/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/email/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/email/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/identification/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/identification/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/identification/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

POST /stages/invitation/invitations/

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_obj (object)

    Flow Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/invitation/invitations/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Invitation Serializer

    • Changed property flow_obj (object)

      Flow Serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

GET /stages/invitation/stages/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/invitation/stages/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/invitation/stages/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/password/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/password/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/password/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/prompt/stages/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/prompt/stages/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/prompt/stages/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_delete/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/user_delete/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/user_delete/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_login/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/user_login/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/user_login/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_logout/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/user_logout/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/user_logout/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_write/{stage_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PUT /stages/user_write/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

PATCH /stages/user_write/{stage_uuid}/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /core/user_consent/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > UserConsent Serializer

    • Changed property user (object)

      User Serializer

      New optional properties:

      • groups

    • Changed property application (object)

      Application Serializer

      New required properties:

      • backchannel_providers_obj

      • Added property backchannel_providers (array)

      • Added property backchannel_providers_obj (array)

      • Changed property provider_obj (object)

        Provider Serializer

        New required properties:

        • assigned_backchannel_application_name
        • assigned_backchannel_application_slug

        • Added property assigned_backchannel_application_slug (string)

          Internal application name, used in URLs.

        • Added property assigned_backchannel_application_name (string)

          Application's display Name.

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /flows/bindings/

Request:

Changed content type : application/json

• Changed property policy_engine_mode (string)

  • all - all, all policies must pass
  • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

GET /flows/bindings/

Parameters:

Changed: policy_engine_mode in query

• all - all, all policies must pass

• any - any, any policy must pass

• all - all, all policies must pass

• any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > FlowStageBinding Serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /flows/executor/{flow_slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  Updated ak-stage-prompt component:

  • Changed property fields (array)

    Changed items (object): > Serializer for a single Prompt field

    New required properties:

    • initial_value
    • Added property initial_value (string)

POST /flows/executor/{flow_slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  Updated ak-stage-prompt component:

  • Changed property fields (array)

    Changed items (object): > Serializer for a single Prompt field

    New required properties:

    • initial_value
    • Added property initial_value (string)

GET /flows/inspector/{flow_slug}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property plans (array)

    Changed items (object): > Serializer for an active FlowPlan

    • Changed property current_stage (object)

      FlowStageBinding Serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

GET /oauth2/access_tokens/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Serializer for BaseGrantModel and RefreshToken

    • Changed property provider (object)

      OAuth2Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

      • Changed property sub_mode (string)

        • hashed_user_id - Based on the Hashed User ID
        • user_id - Based on user ID
        • user_uuid - Based on user UUID
        • user_username - Based on the username
        • user_email - Based on the User's Email. This is recommended over the UPN method.
        • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

        Added enum value:

        • user_uuid

    • Changed property user (object)

      User Serializer

      New optional properties:

      • groups

GET /oauth2/authorization_codes/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant

    • Changed property provider (object)

      OAuth2Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

      • Changed property sub_mode (string)

        • hashed_user_id - Based on the Hashed User ID
        • user_id - Based on user ID
        • user_uuid - Based on user UUID
        • user_username - Based on the username
        • user_email - Based on the User's Email. This is recommended over the UPN method.
        • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

        Added enum value:

        • user_uuid

    • Changed property user (object)

      User Serializer

      New optional properties:

      • groups

GET /oauth2/refresh_tokens/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Serializer for BaseGrantModel and RefreshToken

    • Changed property provider (object)

      OAuth2Provider Serializer

      New required properties:

      • assigned_backchannel_application_name
      • assigned_backchannel_application_slug

      • Added property assigned_backchannel_application_slug (string)

        Internal application name, used in URLs.

      • Added property assigned_backchannel_application_name (string)

        Application's display Name.

      • Changed property sub_mode (string)

        • hashed_user_id - Based on the Hashed User ID
        • user_id - Based on user ID
        • user_uuid - Based on user UUID
        • user_username - Based on the username
        • user_email - Based on the User's Email. This is recommended over the UPN method.
        • user_upn - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains.

        Added enum value:

        • user_uuid

    • Changed property user (object)

      User Serializer

      New optional properties:

      • groups

GET /stages/all/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/duo/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/duo/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticatorDuoStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/sms/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/sms/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticatorSMSStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/static/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/static/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticatorStaticStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/totp/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/totp/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticatorTOTPStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/validate/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/validate/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticatorValidateStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/authenticator/webauthn/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/authenticator/webauthn/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > AuthenticateWebAuthnStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/captcha/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/captcha/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > CaptchaStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/consent/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/consent/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > ConsentStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/deny/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/deny/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > DenyStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/dummy/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/dummy/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > DummyStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/email/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/email/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > EmailStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/identification/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/identification/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > IdentificationStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/invitation/stages/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/invitation/stages/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > InvitationStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/password/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/password/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > PasswordStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

GET /stages/prompt/prompts/{prompt_uuid}/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property initial_value (string)

    Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

  • Added property initial_value_expression (boolean)

  • Changed property placeholder (string)

    Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

PUT /stages/prompt/prompts/{prompt_uuid}/

Request:

Changed content type : application/json

• Added property initial_value (string)

  Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

• Added property initial_value_expression (boolean)

• Changed property placeholder (string)

  Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

• Changed property promptstage_set (array)

  Changed items (object): > Stage Serializer

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property initial_value (string)

    Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

  • Added property initial_value_expression (boolean)

  • Changed property placeholder (string)

    Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

PATCH /stages/prompt/prompts/{prompt_uuid}/

Request:

Changed content type : application/json

• Added property initial_value (string)

  Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

• Added property initial_value_expression (boolean)

• Changed property placeholder (string)

  Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

• Changed property promptstage_set (array)

  Changed items (object): > Stage Serializer

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Added property initial_value (string)

    Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

  • Added property initial_value_expression (boolean)

  • Changed property placeholder (string)

    Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/prompt/prompts/preview/

Request:

Changed content type : application/json

• Added property initial_value (string)

  Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

• Added property initial_value_expression (boolean)

• Changed property placeholder (string)

  Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

• Changed property promptstage_set (array)

  Changed items (object): > Stage Serializer

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property fields (array)

    Changed items (object): > Serializer for a single Prompt field

    New required properties:

    • initial_value
    • Added property initial_value (string)

POST /stages/prompt/stages/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/prompt/stages/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > PromptStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/user_delete/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_delete/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > UserDeleteStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/user_login/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_login/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > UserLoginStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/user_logout/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_logout/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > UserLogoutStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/user_write/

Request:

Changed content type : application/json

• Changed property flow_set (array)

  Changed items (object): > Stripped down flow serializer

  • Changed property policy_engine_mode (string)

    • all - all, all policies must pass
    • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

GET /stages/user_write/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > UserWriteStage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

POST /stages/prompt/prompts/

Request:

Changed content type : application/json

• Added property initial_value (string)

  Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

• Added property initial_value_expression (boolean)

• Changed property placeholder (string)

  Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

• Changed property promptstage_set (array)

  Changed items (object): > Stage Serializer

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property policy_engine_mode (string)

      • all - all, all policies must pass
      • any - any, any policy must pass

Return Type:

Changed response : 201 Created

• Changed content type : application/json

  • Added property initial_value (string)

    Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

  • Added property initial_value_expression (boolean)

  • Changed property placeholder (string)

    Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property policy_engine_mode (string)

        • all - all, all policies must pass
        • any - any, any policy must pass

GET /stages/prompt/prompts/

Return Type:

Changed response : 200 OK

• Changed content type : application/json

  • Changed property results (array)

    Changed items (object): > Prompt Serializer

    • Added property initial_value (string)

      Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices.

    • Added property initial_value_expression (boolean)

    • Changed property placeholder (string)

      Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices.

    • Changed property promptstage_set (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property policy_engine_mode (string)

          • all - all, all policies must pass
          • any - any, any policy must pass