diff --git a/.github/workflows/api-py-publish.yml b/.github/workflows/api-py-publish.yml
new file mode 100644
index 0000000000..79a1d274e0
--- /dev/null
+++ b/.github/workflows/api-py-publish.yml
@@ -0,0 +1,65 @@
+name: authentik-api-py-publish
+on:
+ push:
+ branches: [main]
+ paths:
+ - "schema.yml"
+ workflow_dispatch:
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write
+ steps:
+ - id: generate_token
+ uses: tibdex/github-app-token@v2
+ with:
+ app_id: ${{ secrets.GH_APP_ID }}
+ private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
+ - uses: actions/checkout@v4
+ with:
+ token: ${{ steps.generate_token.outputs.token }}
+ - name: Install poetry & deps
+ shell: bash
+ run: |
+ pipx install poetry || true
+ sudo apt-get update
+ sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext
+ - name: Setup python and restore poetry
+ uses: actions/setup-python@v5
+ with:
+ python-version-file: "pyproject.toml"
+ cache: "poetry"
+ - name: Generate API Client
+ run: make gen-client-py
+ - name: Publish package
+ working-directory: gen-py-api/
+ run: |
+ poetry build
+ - name: Publish package to PyPI
+ uses: pypa/gh-action-pypi-publish@release/v1
+ with:
+ packages-dir: gen-py-api/dist/
+ # We can't easily upgrade the API client being used due to poetry being poetry
+ # so we'll have to rely on dependabot
+ # - name: Upgrade /
+ # run: |
+ # export VERSION=$(cd gen-py-api && poetry version -s)
+ # poetry add "authentik_client=$VERSION" --allow-prereleases --lock
+ # - uses: peter-evans/create-pull-request@v6
+ # id: cpr
+ # with:
+ # token: ${{ steps.generate_token.outputs.token }}
+ # branch: update-root-api-client
+ # commit-message: "root: bump API Client version"
+ # title: "root: bump API Client version"
+ # body: "root: bump API Client version"
+ # delete-branch: true
+ # signoff: true
+ # # ID from https://api.github.com/users/authentik-automation[bot]
+ # author: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
+ # - uses: peter-evans/enable-pull-request-automerge@v3
+ # with:
+ # token: ${{ steps.generate_token.outputs.token }}
+ # pull-request-number: ${{ 
steps.cpr.outputs.pull-request-number }} + # merge-method: squash diff --git a/.github/workflows/web-api-publish.yml b/.github/workflows/api-ts-publish.yml similarity index 98% rename from .github/workflows/web-api-publish.yml rename to .github/workflows/api-ts-publish.yml index 7e63c50ac0..8920a0b602 100644 --- a/.github/workflows/web-api-publish.yml +++ b/.github/workflows/api-ts-publish.yml @@ -1,4 +1,4 @@ -name: authentik-web-api-publish +name: authentik-api-ts-publish on: push: branches: [main] diff --git a/Dockerfile b/Dockerfile index 216cb62808..d00c03b90f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -38,7 +38,7 @@ COPY ./gen-ts-api /work/web/node_modules/@goauthentik/api RUN npm run build # Stage 3: Build go proxy -FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.1-bookworm AS go-builder +FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.2-bookworm AS go-builder ARG TARGETOS ARG TARGETARCH diff --git a/Makefile b/Makefile index 8bc4e70b50..4cc73e0c8c 100644 --- a/Makefile +++ b/Makefile @@ -9,6 +9,7 @@ PY_SOURCES = authentik tests scripts lifecycle .github DOCKER_IMAGE ?= "authentik:test" GEN_API_TS = "gen-ts-api" +GEN_API_PY = "gen-py-api" GEN_API_GO = "gen-go-api" pg_user := $(shell python -m authentik.lib.config postgresql.user 2>/dev/null) @@ -137,7 +138,10 @@ gen-clean-ts: ## Remove generated API client for Typescript gen-clean-go: ## Remove generated API client for Go rm -rf ./${GEN_API_GO}/ -gen-clean: gen-clean-ts gen-clean-go ## Remove generated API clients +gen-clean-py: ## Remove generated API client for Python + rm -rf ./${GEN_API_PY}/ + +gen-clean: gen-clean-ts gen-clean-go gen-clean-py ## Remove generated API clients gen-client-ts: gen-clean-ts ## Build and install the authentik API for Typescript into the authentik UI Application docker run \ 
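Review bot: The `build` job in the new api-py-publish.yml runs every step (the apt and pipx installs, `make gen-client-py` with its Docker container over the checkout, `poetry build`) under `id-token: write` and with a GitHub App token that `actions/checkout` keeps in the checkout's git configuration by default, although the only steps that consumed that token are commented out. Building the distribution in a job without `id-token: write` and passing `gen-py-api/dist/` to a small publish job as an artifact would limit the publish identity to the upload step; until the pull-request steps return, the `generate_token` step and the `token:` input can be dropped, or `persist-credentials: false` set on the checkout. `tibdex/github-app-token@v2` and `pypa/gh-action-pypi-publish@release/v1` are mutable refs in a job that handles the App private key and the publish identity, so pinning both to a full commit SHA would fix which code receives them. `pipx install poetry || true` also hides an install failure until a later step fails for a less obvious reason.

```yaml
jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # … unchanged: Install poetry & deps, Setup python, Generate API Client, poetry build …
      - uses: actions/upload-artifact@v4
        with:
          name: api-py-dist
          path: gen-py-api/dist/
  publish:
    needs: build
    runs-on: ubuntu-latest
    permissions:
      id-token: write
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: api-py-dist
          path: gen-py-api/dist/
      - name: Publish package to PyPI
        # placeholder: replace with the reviewed commit SHA of release/v1
        uses: pypa/gh-action-pypi-publish@<full-commit-sha>
        with:
          packages-dir: gen-py-api/dist/
```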
@@ -155,6 +159,20 @@ gen-client-ts: gen-clean-ts ## Build and install the authentik API for Typescri cd ./${GEN_API_TS} && npm i \cp -rf ./${GEN_API_TS}/* web/node_modules/@goauthentik/api +gen-client-py: gen-clean-py ## Build and install the authentik API for Python + docker run \ + --rm -v ${PWD}:/local \ + --user ${UID}:${GID} \ + docker.io/openapitools/openapi-generator-cli:v7.4.0 generate \ + -i /local/schema.yml \ + -g python \ + -o /local/${GEN_API_PY} \ + -c /local/scripts/api-py-config.yaml \ + --additional-properties=packageVersion=${NPM_VERSION} \ + --git-repo-id authentik \ + --git-user-id goauthentik + pip install ./${GEN_API_PY} + gen-client-go: gen-clean-go ## Build and install the authentik API for Golang mkdir -p ./${GEN_API_GO} ./${GEN_API_GO}/templates wget https://raw.githubusercontent.com/goauthentik/client-go/main/config.yaml -O ./${GEN_API_GO}/config.yaml diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index 9a8b49ab2a..8532dee2e7 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -85,7 +85,7 @@ class UserGroupSerializer(ModelSerializer): """Simplified Group Serializer for user's groups""" attributes = JSONDictField(required=False) - parent_name = CharField(source="parent.name", read_only=True) + parent_name = CharField(source="parent.name", read_only=True, allow_null=True) class Meta: model = Group diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 4870b278a5..a5683de80b 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -156,6 +156,7 @@ SPECTACULAR_SETTINGS = { "UserTypeEnum": "authentik.core.models.UserTypes", }, "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False, + "ENUM_GENERATE_CHOICE_DESCRIPTION": False, "POSTPROCESSING_HOOKS": [ "authentik.api.schema.postprocess_schema_responses", "drf_spectacular.hooks.postprocess_schema_enums", 
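Review bot: The `gen-client-py` recipe pulls `docker.io/openapitools/openapi-generator-cli:v7.4.0` by tag and mounts the whole working tree read-write with `-v ${PWD}:/local`, and what that container writes to `gen-py-api` is what the new api-py-publish workflow builds and uploads to PyPI. Pinning the image by digest, `docker.io/openapitools/openapi-generator-cli:v7.4.0@sha256:<digest>` (placeholder for the verified digest), would tie the published client to a known generator build. The recipe also ends with `pip install ./${GEN_API_PY}`, which installs into whichever environment `pip` resolves to and is not needed on the publish path; a separate install target would keep generation free of side effects. `packageVersion=${NPM_VERSION}` reuses a variable defined outside this hunk, so a one-line comment such as `# NPM_VERSION must also be a valid PEP 440 version` would record that assumption if it holds.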
diff --git a/blueprints/default/flow-default-user-settings-flow.yaml b/blueprints/default/flow-default-user-settings-flow.yaml index 978f634f85..06d8b17ae9 100644 --- a/blueprints/default/flow-default-user-settings-flow.yaml +++ b/blueprints/default/flow-default-user-settings-flow.yaml @@ -22,7 +22,7 @@ entries: return '' initial_value_expression: true required: true - type: text + type: username field_key: username label: Username identifiers: diff --git a/ldap.Dockerfile b/ldap.Dockerfile index 9fda028a2e..22eac7c202 100644 --- a/ldap.Dockerfile +++ b/ldap.Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Stage 1: Build -FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.1-bookworm AS builder +FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.2-bookworm AS builder ARG TARGETOS ARG TARGETARCH diff --git a/locale/zh-Hans/LC_MESSAGES/django.po b/locale/zh-Hans/LC_MESSAGES/django.po index edfc6001ba..069f6ab41d 100644 --- a/locale/zh-Hans/LC_MESSAGES/django.po +++ b/locale/zh-Hans/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-03-05 00:07+0000\n" +"POT-Creation-Date: 2024-04-01 23:02+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese Simplified (https://app.transifex.com/authentik/teams/119923/zh-Hans/)\n" 
@@ -468,6 +468,20 @@ msgstr "已达到最大连接数。" msgid "(You are already connected in another tab/window)" msgstr "(您已经在另一个标签页/窗口连接了)" +#: authentik/enterprise/stages/source/models.py +msgid "" +"Amount of time a user can take to return from the source to continue the " +"flow (Format: hours=-1;minutes=-2;seconds=-3)" +msgstr "用户从源返回并继续流程可以消耗的时间(格式:hours=-1;minutes=-2;seconds=-3)" + +#: authentik/enterprise/stages/source/models.py +msgid "Source Stage" +msgstr "源阶段" + +#: authentik/enterprise/stages/source/models.py +msgid "Source Stages" +msgstr "源阶段" + #: authentik/events/api/tasks.py #, python-brace-format msgid "Successfully started task {name}." @@ -1772,6 +1786,10 @@ msgstr "将与此过滤器匹配的对象视为组。" msgid "Field which contains a unique Identifier." msgstr "包含唯一标识符的字段。" +#: authentik/sources/ldap/models.py +msgid "Update internal authentik password when login succeeds with LDAP" +msgstr "使用 LDAP 登录成功时更新内部 authentik 密码" + #: authentik/sources/ldap/models.py msgid "" "When a user changes their password, sync it back to LDAP. This can only be " @@ -2199,8 +2217,10 @@ msgid "TOTP Devices" msgstr "TOTP 设备" #: authentik/stages/authenticator_validate/challenge.py -msgid "Invalid Token" -msgstr "无效令牌" +msgid "" +"Invalid Token. Please ensure the time on your device is accurate and try " +"again." +msgstr "无效的令牌。请确保设备上的时间准确并重试。" #: authentik/stages/authenticator_validate/models.py msgid "Static" diff --git a/locale/zh_CN/LC_MESSAGES/django.po b/locale/zh_CN/LC_MESSAGES/django.po index d424cc0c1e..4cd76cff06 100644 --- a/locale/zh_CN/LC_MESSAGES/django.po +++ b/locale/zh_CN/LC_MESSAGES/django.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2024-03-05 00:07+0000\n" +"POT-Creation-Date: 2024-04-01 23:02+0000\n" "PO-Revision-Date: 2022-09-26 16:47+0000\n" "Last-Translator: deluxghost, 2024\n" "Language-Team: Chinese (China) (https://app.transifex.com/authentik/teams/119923/zh_CN/)\n" 
@@ -468,6 +468,20 @@ msgstr "已达到最大连接数。" msgid "(You are already connected in another tab/window)" msgstr "(您已经在另一个标签页/窗口连接了)" +#: authentik/enterprise/stages/source/models.py +msgid "" +"Amount of time a user can take to return from the source to continue the " +"flow (Format: hours=-1;minutes=-2;seconds=-3)" +msgstr "用户从源返回并继续流程可以消耗的时间(格式:hours=-1;minutes=-2;seconds=-3)" + +#: authentik/enterprise/stages/source/models.py +msgid "Source Stage" +msgstr "源阶段" + +#: authentik/enterprise/stages/source/models.py +msgid "Source Stages" +msgstr "源阶段" + #: authentik/events/api/tasks.py #, python-brace-format msgid "Successfully started task {name}." @@ -1772,6 +1786,10 @@ msgstr "将与此过滤器匹配的对象视为组。" msgid "Field which contains a unique Identifier." msgstr "包含唯一标识符的字段。" +#: authentik/sources/ldap/models.py +msgid "Update internal authentik password when login succeeds with LDAP" +msgstr "使用 LDAP 登录成功时更新内部 authentik 密码" + #: authentik/sources/ldap/models.py msgid "" "When a user changes their password, sync it back to LDAP. This can only be " @@ -2199,8 +2217,10 @@ msgid "TOTP Devices" msgstr "TOTP 设备" #: authentik/stages/authenticator_validate/challenge.py -msgid "Invalid Token" -msgstr "无效令牌" +msgid "" +"Invalid Token. Please ensure the time on your device is accurate and try " +"again." +msgstr "无效的令牌。请确保设备上的时间准确并重试。" #: authentik/stages/authenticator_validate/models.py msgid "Static" diff --git a/poetry.lock b/poetry.lock index 8f68aeef2a..b8fac87a1e 100644 --- a/poetry.lock +++ b/poetry.lock 
@@ -677,19 +677,19 @@ pycparser = "*" [[package]] name = "channels" -version = "4.0.0" +version = "4.1.0" description = "Brings async, event-driven capabilities to Django 3.2 and up." optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "channels-4.0.0-py3-none-any.whl", hash = "sha256:2253334ac76f67cba68c2072273f7e0e67dbdac77eeb7e318f511d2f9a53c5e4"}, - {file = "channels-4.0.0.tar.gz", hash = "sha256:0ce53507a7da7b148eaa454526e0e05f7da5e5d1c23440e4886cf146981d8420"}, + {file = "channels-4.1.0-py3-none-any.whl", hash = "sha256:a3c4419307f582c3f71d67bfb6eff748ae819c2f360b9b141694d84f242baa48"}, + {file = "channels-4.1.0.tar.gz", hash = "sha256:e0ed375719f5c1851861f05ed4ce78b0166f9245ca0ecd836cb77d4bb531489d"}, ] [package.dependencies] -asgiref = ">=3.5.0,<4" +asgiref = ">=3.6.0,<4" daphne = {version = ">=4.0.0", optional = true, markers = "extra == \"daphne\""} -Django = ">=3.2" +Django = ">=4.2" [package.extras] daphne = ["daphne (>=4.0.0)"] @@ -1122,13 +1122,13 @@ files = [ [[package]] name = "django" -version = "5.0.3" +version = "5.0.4" description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design." optional = false python-versions = ">=3.10" files = [ - {file = "Django-5.0.3-py3-none-any.whl", hash = "sha256:5c7d748ad113a81b2d44750ccc41edc14e933f56581683db548c9257e078cc83"}, - {file = "Django-5.0.3.tar.gz", hash = "sha256:5fb37580dcf4a262f9258c1f4373819aacca906431f505e4688e37f3a99195df"}, + {file = "Django-5.0.4-py3-none-any.whl", hash = "sha256:916423499d75d62da7aa038d19aef23d23498d8df229775eb0a6309ee1013775"}, + {file = "Django-5.0.4.tar.gz", hash = "sha256:4bd01a8c830bb77a8a3b0e7d8b25b887e536ad17a81ba2dce5476135c73312bd"}, ] [package.dependencies] 
@@ -3568,13 +3568,13 @@ urllib3 = {version = ">=1.26,<3", extras = ["socks"]} [[package]] name = "sentry-sdk" -version = "1.44.0" +version = "1.44.1" description = "Python client for Sentry (https://sentry.io)" optional = false python-versions = "*" files = [ - {file = "sentry-sdk-1.44.0.tar.gz", hash = "sha256:f7125a9235795811962d52ff796dc032cd1d0dd98b59beaced8380371cd9c13c"}, - {file = "sentry_sdk-1.44.0-py2.py3-none-any.whl", hash = "sha256:eb65289da013ca92fad2694851ad2f086aa3825e808dc285bd7dcaf63602bb18"}, + {file = "sentry-sdk-1.44.1.tar.gz", hash = "sha256:24e6a53eeabffd2f95d952aa35ca52f0f4201d17f820ac9d3ff7244c665aaf68"}, + {file = "sentry_sdk-1.44.1-py2.py3-none-any.whl", hash = "sha256:5f75eb91d8ab6037c754a87b8501cc581b2827e923682f593bed3539ce5b3999"}, ] [package.dependencies] diff --git a/proxy.Dockerfile b/proxy.Dockerfile index 308e644809..83ece130e5 100644 --- a/proxy.Dockerfile +++ b/proxy.Dockerfile @@ -17,7 +17,7 @@ COPY web . RUN npm run build-proxy # Stage 2: Build -FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.1-bookworm AS builder +FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.2-bookworm AS builder ARG TARGETOS ARG TARGETARCH diff --git a/rac.Dockerfile b/rac.Dockerfile index 58cea8dd7a..e5ae4b2aff 100644 --- a/rac.Dockerfile +++ b/rac.Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Stage 1: Build -FROM docker.io/golang:1.22.1-bookworm AS builder +FROM docker.io/golang:1.22.2-bookworm AS builder WORKDIR /go/src/goauthentik.io diff --git a/radius.Dockerfile b/radius.Dockerfile index ff4e2f20d0..c46097375a 100644 --- a/radius.Dockerfile +++ b/radius.Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Stage 1: Build -FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.1-bookworm AS builder +FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22.2-bookworm AS builder ARG TARGETOS ARG TARGETARCH diff --git a/schema.yml b/schema.yml index 01b43f6e52..af9e37b04e 100644 --- a/schema.yml +++ b/schema.yml 
@@ -4006,11 +4006,6 @@ paths: - app_password - recovery - verification - description: |- - * `verification` - Intent Verification - * `api` - Intent Api - * `recovery` - Intent Recovery - * `app_password` - Intent App Password - in: query name: managed schema: @@ -4618,11 +4613,6 @@ paths: - internal - internal_service_account - service_account - description: |- - * `internal` - Internal - * `external` - External - * `service_account` - Service Account - * `internal_service_account` - Internal Service Account explode: true style: form - in: query @@ -6393,10 +6383,6 @@ paths: - alert - notice - warning - description: |- - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert - in: query name: user schema: @@ -6672,12 +6658,9 @@ paths: - alert - notice - warning - description: |- + description: |+ Controls which severity level the created notifications will have. - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert tags: - events security: @@ -6956,11 +6939,6 @@ paths: - successful - unknown - warning - description: |- - * `unknown` - Unknown - * `successful` - Successful - * `warning` - Warning - * `error` - Error - in: query name: uid schema: @@ -7072,11 +7050,6 @@ paths: - local - webhook - webhook_slack - description: |- - * `local` - authentik inbuilt notifications - * `webhook` - Generic Webhook - * `webhook_slack` - Slack Webhook (Slack/Discord) - * `email` - Email - in: query name: name schema: @@ -7410,12 +7383,9 @@ paths: - restart - restart_with_context - retry - description: |- + description: |+ Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. - * `retry` - Retry - * `restart` - Restart - * `restart_with_context` - Restart With Context - in: query name: order schema: 
@@ -7459,9 +7429,6 @@ paths: enum: - all - any - description: |- - * `all` - all, all policies must pass - * `any` - any, any policy must pass - in: query name: re_evaluate_policies schema: @@ -7845,12 +7812,9 @@ paths: - continue - message - message_continue - description: |- + description: |+ Configure what should happen when a flow denies access to a user. - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue - in: query name: designation schema: @@ -7863,16 +7827,9 @@ paths: - recovery - stage_configuration - unenrollment - description: |- + description: |+ Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration - in: query name: flow_uuid schema: 
@@ -11573,36 +11530,9 @@ paths: - system_task_execution - update_available - user_write - description: |- + description: |+ Match created events with this action type. When left empty, all action types will be matched. - * `login` - Login - * `login_failed` - Login Failed - * `logout` - Logout - * `user_write` - User Write - * `suspicious_request` - Suspicious Request - * `password_set` - Password Set - * `secret_view` - Secret View - * `secret_rotate` - Secret Rotate - * `invitation_used` - Invite Used - * `authorize_application` - Authorize Application - * `source_linked` - Source Linked - * `impersonation_started` - Impersonation Started - * `impersonation_ended` - Impersonation Ended - * `flow_execution` - Flow Execution - * `policy_execution` - Policy Execution - * `policy_exception` - Policy Exception - * `property_mapping_exception` - Property Mapping Exception - * `system_task_execution` - System Task Execution - * `system_task_exception` - System Task Exception - * `system_exception` - System Exception - * `configuration_error` - Configuration Error - * `model_created` - Model Created - * `model_updated` - Model Updated - * `model_deleted` - Model Deleted - * `email_sent` - Email Sent - * `update_available` - Update Available - * `custom_` - Custom Prefix - in: query name: app schema: @@ -15745,11 +15675,9 @@ paths: enum: - confidential - public - description: |- + description: |+ Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable - * `confidential` - Confidential - * `public` - Public - in: query name: include_claims_in_id_token schema: @@ -15761,11 +15689,9 @@ paths: enum: - global - per_provider - description: |- + description: |+ Configure how the issuer field of the ID Token should be filled. - * `global` - Same identifier is used for all providers - * `per_provider` - Each provider has a different issuer, based on the application slug. - in: query name: name schema: 
@@ -15827,15 +15753,9 @@ paths: - user_upn - user_username - user_uuid - description: |- + description: |+ Configure what data should be used as unique User Identifier. For most cases, the default should be fine. - * `hashed_user_id` - Based on the Hashed User ID - * `user_id` - Based on user ID - * `user_uuid` - Based on user UUID - * `user_username` - Based on the username - * `user_email` - Based on the User's Email. This is recommended over the UPN method. - * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains. tags: - providers security: @@ -17060,11 +16980,6 @@ paths: - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha256 - http://www.w3.org/2001/04/xmlenc#sha512 - description: |- - * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1 - * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384 - * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512 - in: query name: is_backchannel schema: @@ -17129,12 +17044,6 @@ paths: - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - description: |- - * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512 - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1 - in: query name: signing_kp schema: @@ -17148,11 +17057,9 @@ paths: enum: - post - redirect - description: |- + description: |+ This determines how authentik sends the response back to the Service Provider. - * `redirect` - Redirect - * `post` - Post - in: query name: verification_kp schema: 
@@ -18518,82 +18425,6 @@ paths: - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tenants.domain - description: |- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * 
`authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` 
- User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * `authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping required: true - in: query name: object_pk 
@@ -18808,82 +18639,6 @@ paths: - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tenants.domain - description: |- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * 
`authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` 
- User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * `authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping required: true - in: query name: object_pk @@ -20364,9 +20119,6 @@ paths: enum: - all - any - description: |- - * `all` - all, all policies must pass - * `any` - any, any policy must pass - in: query name: profile_url schema: @@ -20399,14 +20151,9 @@ paths: - identifier - username_deny - username_link - description: |- + description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. tags: - sources security: 
@@ -20730,9 +20477,6 @@ paths: enum: - all - any - description: |- - * `all` - all, all policies must pass - * `any` - any, any policy must pass - name: search required: false in: query @@ -20753,14 +20497,9 @@ paths: - identifier - username_deny - username_link - description: |- + description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. tags: - sources security: @@ -21073,10 +20812,6 @@ paths: - POST - POST_AUTO - REDIRECT - description: |- - * `REDIRECT` - Redirect Binding - * `POST` - POST Binding - * `POST_AUTO` - POST Binding with auto-confirmation - in: query name: digest_algorithm schema: @@ -21086,11 +20821,6 @@ paths: - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha256 - http://www.w3.org/2001/04/xmlenc#sha512 - description: |- - * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1 - * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384 - * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512 - in: query name: enabled schema: 
@@ -21122,14 +20852,9 @@ paths: - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - description: |- + description: |+ NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. - * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent - * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient - name: ordering required: false in: query @@ -21155,9 +20880,6 @@ paths: enum: - all - any - description: |- - * `all` - all, all policies must pass - * `any` - any, any policy must pass - in: query name: pre_authentication_flow schema: @@ -21179,12 +20901,6 @@ paths: - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - description: |- - * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512 - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1 - in: query name: signing_kp schema: 
@@ -21216,14 +20932,9 @@ paths: - identifier - username_deny - username_link - description: |- + description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. - in: query name: verification_kp schema: @@ -23128,9 +22839,6 @@ paths: enum: - basic - bearer - description: |- - * `basic` - Basic - * `bearer` - Bearer - in: query name: configure_flow schema: @@ -23178,9 +22886,6 @@ paths: enum: - generic - twilio - description: |- - * `twilio` - Twilio - * `generic` - Generic - name: search required: false in: query @@ -23740,9 +23445,6 @@ paths: enum: - '6' - '8' - description: |- - * `6` - 6 digits, widely compatible - * `8` - 8 digits, not compatible with apps like Google Authenticator - in: query name: friendly_name schema: @@ -24042,10 +23744,6 @@ paths: - configure - deny - skip - description: |- - * `skip` - Skip - * `deny` - Deny - * `configure` - Configure - name: ordering required: false in: query @@ -24319,9 +24017,6 @@ paths: enum: - cross-platform - platform - description: |- - * `platform` - Platform - * `cross-platform` - Cross Platform - in: query name: configure_flow schema: @@ -24361,10 +24056,6 @@ paths: - discouraged - preferred - required - description: |- - * `discouraged` - Discouraged - * `preferred` - Preferred - * `required` - Required - name: search required: false in: query 
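Review bot: In the hunk at `@@ -23740,9 +23445,6 @@` the removed description was the only place saying that `8` is "not compatible with apps like Google Authenticator"; the enum now lists `'6'` and `'8'` with nothing to tell a client which value is widely compatible. A one-line description such as `description: 8 digits is not compatible with apps like Google Authenticator` would keep that. The `DigitsEnum` component in the hunk at `@@ -32203,19 +31723,11 @@` loses the same text, and the parameter definition starts above this hunk.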
@@ -24384,10 +24075,6 @@ paths: - discouraged - preferred - required - description: |- - * `required` - Required - * `preferred` - Preferred - * `discouraged` - Discouraged tags: - stages security: @@ -24914,10 +24601,6 @@ paths: - always_require - expiring - permanent - description: |- - * `always_require` - Always Require - * `permanent` - Permanent - * `expiring` - Expiring - in: query name: name schema: @@ -27300,25 +26983,6 @@ paths: - text_area_read_only - text_read_only - username - description: |- - * `text` - Text: Simple Text input - * `text_area` - Text area: Multiline Text Input. - * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited. - * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited. - * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames. - * `email` - Email: Text field with Email type. - * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical. - * `number` - Number - * `checkbox` - Checkbox - * `radio-button-group` - Fixed choice field rendered as a group of radio buttons. - * `dropdown` - Fixed choice field rendered as a dropdown. - * `date` - Date - * `date-time` - Date Time - * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI - * `separator` - Separator: Static Separator Line - * `hidden` - Hidden: Hidden field, can be used to insert data into form. - * `static` - Static: Static value, displayed as-is. - * `ak-locale` - authentik: Selection of locales authentik supports tags: - stages security: 
@@ -28451,13 +28115,9 @@ paths: - bind_continent_country - bind_continent_country_city - no_binding - description: |- + description: |+ Bind sessions created by this stage to the configured GeoIP location - * `no_binding` - No Binding - * `bind_continent` - Bind Continent - * `bind_continent_country` - Bind Continent Country - * `bind_continent_country_city` - Bind Continent Country City - in: query name: name schema: @@ -28471,13 +28131,9 @@ paths: - bind_asn_network - bind_asn_network_ip - no_binding - description: |- + description: |+ Bind sessions created by this stage to the configured network - * `no_binding` - No Binding - * `bind_asn` - Bind Asn - * `bind_asn_network` - Bind Asn Network - * `bind_asn_network_ip` - Bind Asn Network Ip - name: ordering required: false in: query @@ -29084,10 +28740,6 @@ paths: - always_create - create_when_required - never_create - description: |- - * `never_create` - Never Create - * `create_when_required` - Create When Required - * `always_create` - Always Create - in: query name: user_path_template schema: @@ -29101,11 +28753,6 @@ paths: - internal - internal_service_account - service_account - description: |- - * `internal` - Internal - * `external` - External - * `service_account` - Service Account - * `internal_service_account` - Internal Service Account tags: - stages security: 
@@ -29936,60 +29583,6 @@ components: - authentik.enterprise.stages.source - authentik.events type: string - description: |- - * `authentik.tenants` - authentik Tenants - * `authentik.admin` - authentik Admin - * `authentik.api` - authentik API - * `authentik.crypto` - authentik Crypto - * `authentik.flows` - authentik Flows - * `authentik.outposts` - authentik Outpost - * `authentik.policies.dummy` - authentik Policies.Dummy - * `authentik.policies.event_matcher` - authentik Policies.Event Matcher - * `authentik.policies.expiry` - authentik Policies.Expiry - * `authentik.policies.expression` - authentik Policies.Expression - * `authentik.policies.password` - authentik Policies.Password - * `authentik.policies.reputation` - authentik Policies.Reputation - * `authentik.policies` - authentik Policies - * `authentik.providers.ldap` - authentik Providers.LDAP - * `authentik.providers.oauth2` - authentik Providers.OAuth2 - * `authentik.providers.proxy` - authentik Providers.Proxy - * `authentik.providers.radius` - authentik Providers.Radius - * `authentik.providers.saml` - authentik Providers.SAML - * `authentik.providers.scim` - authentik Providers.SCIM - * `authentik.rbac` - authentik RBAC - * `authentik.recovery` - authentik Recovery - * `authentik.sources.ldap` - authentik Sources.LDAP - * `authentik.sources.oauth` - authentik Sources.OAuth - * `authentik.sources.plex` - authentik Sources.Plex - * `authentik.sources.saml` - authentik Sources.SAML - * `authentik.stages.authenticator` - authentik Stages.Authenticator - * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo - * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS - * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static - * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP - * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate - * `authentik.stages.authenticator_webauthn` - 
authentik Stages.Authenticator.WebAuthn - * `authentik.stages.captcha` - authentik Stages.Captcha - * `authentik.stages.consent` - authentik Stages.Consent - * `authentik.stages.deny` - authentik Stages.Deny - * `authentik.stages.dummy` - authentik Stages.Dummy - * `authentik.stages.email` - authentik Stages.Email - * `authentik.stages.identification` - authentik Stages.Identification - * `authentik.stages.invitation` - authentik Stages.User Invitation - * `authentik.stages.password` - authentik Stages.Password - * `authentik.stages.prompt` - authentik Stages.Prompt - * `authentik.stages.user_delete` - authentik Stages.User Delete - * `authentik.stages.user_login` - authentik Stages.User Login - * `authentik.stages.user_logout` - authentik Stages.User Logout - * `authentik.stages.user_write` - authentik Stages.User Write - * `authentik.brands` - authentik Brands - * `authentik.blueprints` - authentik Blueprints - * `authentik.core` - authentik Core - * `authentik.enterprise` - authentik Enterprise - * `authentik.enterprise.audit` - authentik Enterprise.Audit - * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC - * `authentik.enterprise.stages.source` - authentik Enterprise.Stages.Source - * `authentik.events` - authentik Events AppleChallengeResponseRequest: type: object description: Pseudo class for apple response @@ -30140,17 +29733,11 @@ components: - static - prompt type: string - description: |- - * `static` - Static - * `prompt` - Prompt AuthTypeEnum: enum: - basic - bearer type: string - description: |- - * `basic` - Basic - * `bearer` - Bearer AuthenticateWebAuthnStage: type: object description: AuthenticateWebAuthnStage Serializer 
@@ -30382,20 +29969,11 @@ components: - require_superuser - require_outpost type: string - description: |- - * `none` - None - * `require_authenticated` - Require Authenticated - * `require_unauthenticated` - Require Unauthenticated - * `require_superuser` - Require Superuser - * `require_outpost` - Require Outpost AuthenticatorAttachmentEnum: enum: - platform - cross-platform type: string - description: |- - * `platform` - Platform - * `cross-platform` - Cross Platform AuthenticatorDuoChallenge: type: object description: Duo Challenge @@ -31017,12 +30595,7 @@ components: webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' - description: |- - Enforce user verification for WebAuthn devices. - - * `required` - Required - * `preferred` - Preferred - * `discouraged` - Discouraged + description: Enforce user verification for WebAuthn devices. required: - component - meta_model_name @@ -31064,12 +30637,7 @@ components: webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' - description: |- - Enforce user verification for WebAuthn devices. - - * `required` - Required - * `preferred` - Preferred - * `discouraged` - Discouraged + description: Enforce user verification for WebAuthn devices. required: - name AuthenticatorValidationChallenge: @@ -31213,20 +30781,12 @@ components: - authentik.core.auth.TokenBackend - authentik.sources.ldap.auth.LDAPBackend type: string - description: |- - * `authentik.core.auth.InbuiltBackend` - User database + standard password - * `authentik.core.auth.TokenBackend` - User database + app passwords - * `authentik.sources.ldap.auth.LDAPBackend` - User database + LDAP password BindingTypeEnum: enum: - REDIRECT - POST - POST_AUTO type: string - description: |- - * `REDIRECT` - Redirect Binding - * `POST` - POST Binding - * `POST_AUTO` - POST Binding with auto-confirmation BlueprintFile: type: object properties: 
@@ -31316,12 +30876,6 @@ components: - orphaned - unknown type: string - description: |- - * `successful` - Successful - * `warning` - Warning - * `error` - Error - * `orphaned` - Orphaned - * `unknown` - Unknown Brand: type: object description: Brand Serializer @@ -31445,13 +30999,6 @@ components: - can_debug - is_enterprise type: string - description: |- - * `can_save_media` - Can Save Media - * `can_geo_ip` - Can Geo Ip - * `can_asn` - Can Asn - * `can_impersonate` - Can Impersonate - * `can_debug` - Can Debug - * `is_enterprise` - Is Enterprise CaptchaChallenge: type: object description: Site public key @@ -31691,10 +31238,6 @@ components: - shell - redirect type: string - description: |- - * `native` - NATIVE - * `shell` - SHELL - * `redirect` - REDIRECT ChallengeTypes: oneOf: - $ref: '#/components/schemas/AccessDeniedChallenge' @@ -31751,9 +31294,6 @@ components: - confidential - public type: string - description: |- - * `confidential` - Confidential - * `public` - Public Config: type: object description: Serialize authentik Config into DRF Object @@ -31940,10 +31480,6 @@ components: - permanent - expiring type: string - description: |- - * `always_require` - Always Require - * `permanent` - Permanent - * `expiring` - Expiring ConsentStageRequest: type: object description: ConsentStage Serializer @@ -31987,12 +31523,6 @@ components: - sidebar_left - sidebar_right type: string - description: |- - * `stacked` - STACKED - * `content_left` - CONTENT_LEFT - * `content_right` - CONTENT_RIGHT - * `sidebar_left` - SIDEBAR_LEFT - * `sidebar_right` - SIDEBAR_RIGHT Coordinate: type: object description: Coordinates for diagrams @@ -32057,10 +31587,6 @@ components: - message - continue type: string - description: |- - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue DenyStage: type: object description: DenyStage Serializer 
@@ -32190,12 +31716,6 @@ components: - duo - sms type: string - description: |- - * `static` - Static - * `totp` - TOTP - * `webauthn` - WebAuthn - * `duo` - Duo - * `sms` - SMS DigestAlgorithmEnum: enum: - http://www.w3.org/2000/09/xmldsig#sha1 @@ -32203,19 +31723,11 @@ components: - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha512 type: string - description: |- - * `http://www.w3.org/2000/09/xmldsig#sha1` - SHA1 - * `http://www.w3.org/2001/04/xmlenc#sha256` - SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#sha384` - SHA384 - * `http://www.w3.org/2001/04/xmlenc#sha512` - SHA512 DigitsEnum: enum: - '6' - '8' type: string - description: |- - * `6` - 6 digits, widely compatible - * `8` - 8 digits, not compatible with apps like Google Authenticator DockerServiceConnection: type: object description: DockerServiceConnection Serializer @@ -32538,10 +32050,6 @@ components: - waiting - invalid type: string - description: |- - * `success` - Success - * `waiting` - Waiting - * `invalid` - Invalid EmailChallenge: type: object description: Email challenge 
@@ -32880,34 +32388,6 @@ components: - update_available - custom_ type: string - description: |- - * `login` - Login - * `login_failed` - Login Failed - * `logout` - Logout - * `user_write` - User Write - * `suspicious_request` - Suspicious Request - * `password_set` - Password Set - * `secret_view` - Secret View - * `secret_rotate` - Secret Rotate - * `invitation_used` - Invite Used - * `authorize_application` - Authorize Application - * `source_linked` - Source Linked - * `impersonation_started` - Impersonation Started - * `impersonation_ended` - Impersonation Ended - * `flow_execution` - Flow Execution - * `policy_execution` - Policy Execution - * `policy_exception` - Policy Exception - * `property_mapping_exception` - Property Mapping Exception - * `system_task_execution` - System Task Execution - * `system_task_exception` - System Task Exception - * `system_exception` - System Exception - * `configuration_error` - Configuration Error - * `model_created` - Model Created - * `model_updated` - Model Updated - * `model_deleted` - Model Deleted - * `email_sent` - Email Sent - * `update_available` - Update Available - * `custom_` - Custom Prefix EventMatcherPolicy: type: object description: Event Matcher Policy Serializer 
@@ -32947,36 +32427,8 @@ components: allOf: - $ref: '#/components/schemas/EventActions' nullable: true - description: |- - Match created events with this action type. When left empty, all action types will be matched. - - * `login` - Login - * `login_failed` - Login Failed - * `logout` - Logout - * `user_write` - User Write - * `suspicious_request` - Suspicious Request - * `password_set` - Password Set - * `secret_view` - Secret View - * `secret_rotate` - Secret Rotate - * `invitation_used` - Invite Used - * `authorize_application` - Authorize Application - * `source_linked` - Source Linked - * `impersonation_started` - Impersonation Started - * `impersonation_ended` - Impersonation Ended - * `flow_execution` - Flow Execution - * `policy_execution` - Policy Execution - * `policy_exception` - Policy Exception - * `property_mapping_exception` - Property Mapping Exception - * `system_task_execution` - System Task Execution - * `system_task_exception` - System Task Exception - * `system_exception` - System Exception - * `configuration_error` - Configuration Error - * `model_created` - Model Created - * `model_updated` - Model Updated - * `model_deleted` - Model Deleted - * `email_sent` - Email Sent - * `update_available` - Update Available - * `custom_` - Custom Prefix + description: Match created events with this action type. When left empty, + all action types will be matched. client_ip: type: string nullable: true 
@@ -32986,144 +32438,15 @@ components: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true - description: |- - Match events created by selected application. When left empty, all applications are matched. - - * `authentik.tenants` - authentik Tenants - * `authentik.admin` - authentik Admin - * `authentik.api` - authentik API - * `authentik.crypto` - authentik Crypto - * `authentik.flows` - authentik Flows - * `authentik.outposts` - authentik Outpost - * `authentik.policies.dummy` - authentik Policies.Dummy - * `authentik.policies.event_matcher` - authentik Policies.Event Matcher - * `authentik.policies.expiry` - authentik Policies.Expiry - * `authentik.policies.expression` - authentik Policies.Expression - * `authentik.policies.password` - authentik Policies.Password - * `authentik.policies.reputation` - authentik Policies.Reputation - * `authentik.policies` - authentik Policies - * `authentik.providers.ldap` - authentik Providers.LDAP - * `authentik.providers.oauth2` - authentik Providers.OAuth2 - * `authentik.providers.proxy` - authentik Providers.Proxy - * `authentik.providers.radius` - authentik Providers.Radius - * `authentik.providers.saml` - authentik Providers.SAML - * `authentik.providers.scim` - authentik Providers.SCIM - * `authentik.rbac` - authentik RBAC - * `authentik.recovery` - authentik Recovery - * `authentik.sources.ldap` - authentik Sources.LDAP - * `authentik.sources.oauth` - authentik Sources.OAuth - * `authentik.sources.plex` - authentik Sources.Plex - * `authentik.sources.saml` - authentik Sources.SAML - * `authentik.stages.authenticator` - authentik Stages.Authenticator - * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo - * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS - * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static - * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP - * `authentik.stages.authenticator_validate` - 
authentik Stages.Authenticator.Validate - * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn - * `authentik.stages.captcha` - authentik Stages.Captcha - * `authentik.stages.consent` - authentik Stages.Consent - * `authentik.stages.deny` - authentik Stages.Deny - * `authentik.stages.dummy` - authentik Stages.Dummy - * `authentik.stages.email` - authentik Stages.Email - * `authentik.stages.identification` - authentik Stages.Identification - * `authentik.stages.invitation` - authentik Stages.User Invitation - * `authentik.stages.password` - authentik Stages.Password - * `authentik.stages.prompt` - authentik Stages.Prompt - * `authentik.stages.user_delete` - authentik Stages.User Delete - * `authentik.stages.user_login` - authentik Stages.User Login - * `authentik.stages.user_logout` - authentik Stages.User Logout - * `authentik.stages.user_write` - authentik Stages.User Write - * `authentik.brands` - authentik Brands - * `authentik.blueprints` - authentik Blueprints - * `authentik.core` - authentik Core - * `authentik.enterprise` - authentik Enterprise - * `authentik.enterprise.audit` - authentik Enterprise.Audit - * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC - * `authentik.enterprise.stages.source` - authentik Enterprise.Stages.Source - * `authentik.events` - authentik Events + description: Match events created by selected application. When left empty, + all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true - description: |- - Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. 
- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * 
`authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` - User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * 
`authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping + description: Match events created by selected model. When left empty, all + models are matched. When an app is selected, all the application's models + are matched. required: - bound_to - component 
@@ -33147,36 +32470,8 @@ components: allOf: - $ref: '#/components/schemas/EventActions' nullable: true - description: |- - Match created events with this action type. When left empty, all action types will be matched. - - * `login` - Login - * `login_failed` - Login Failed - * `logout` - Logout - * `user_write` - User Write - * `suspicious_request` - Suspicious Request - * `password_set` - Password Set - * `secret_view` - Secret View - * `secret_rotate` - Secret Rotate - * `invitation_used` - Invite Used - * `authorize_application` - Authorize Application - * `source_linked` - Source Linked - * `impersonation_started` - Impersonation Started - * `impersonation_ended` - Impersonation Ended - * `flow_execution` - Flow Execution - * `policy_execution` - Policy Execution - * `policy_exception` - Policy Exception - * `property_mapping_exception` - Property Mapping Exception - * `system_task_execution` - System Task Execution - * `system_task_exception` - System Task Exception - * `system_exception` - System Exception - * `configuration_error` - Configuration Error - * `model_created` - Model Created - * `model_updated` - Model Updated - * `model_deleted` - Model Deleted - * `email_sent` - Email Sent - * `update_available` - Update Available - * `custom_` - Custom Prefix + description: Match created events with this action type. When left empty, + all action types will be matched. client_ip: type: string nullable: true 
@@ -33187,144 +32482,15 @@ components: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true - description: |- - Match events created by selected application. When left empty, all applications are matched. - - * `authentik.tenants` - authentik Tenants - * `authentik.admin` - authentik Admin - * `authentik.api` - authentik API - * `authentik.crypto` - authentik Crypto - * `authentik.flows` - authentik Flows - * `authentik.outposts` - authentik Outpost - * `authentik.policies.dummy` - authentik Policies.Dummy - * `authentik.policies.event_matcher` - authentik Policies.Event Matcher - * `authentik.policies.expiry` - authentik Policies.Expiry - * `authentik.policies.expression` - authentik Policies.Expression - * `authentik.policies.password` - authentik Policies.Password - * `authentik.policies.reputation` - authentik Policies.Reputation - * `authentik.policies` - authentik Policies - * `authentik.providers.ldap` - authentik Providers.LDAP - * `authentik.providers.oauth2` - authentik Providers.OAuth2 - * `authentik.providers.proxy` - authentik Providers.Proxy - * `authentik.providers.radius` - authentik Providers.Radius - * `authentik.providers.saml` - authentik Providers.SAML - * `authentik.providers.scim` - authentik Providers.SCIM - * `authentik.rbac` - authentik RBAC - * `authentik.recovery` - authentik Recovery - * `authentik.sources.ldap` - authentik Sources.LDAP - * `authentik.sources.oauth` - authentik Sources.OAuth - * `authentik.sources.plex` - authentik Sources.Plex - * `authentik.sources.saml` - authentik Sources.SAML - * `authentik.stages.authenticator` - authentik Stages.Authenticator - * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo - * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS - * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static - * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP - * `authentik.stages.authenticator_validate` - 
authentik Stages.Authenticator.Validate - * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn - * `authentik.stages.captcha` - authentik Stages.Captcha - * `authentik.stages.consent` - authentik Stages.Consent - * `authentik.stages.deny` - authentik Stages.Deny - * `authentik.stages.dummy` - authentik Stages.Dummy - * `authentik.stages.email` - authentik Stages.Email - * `authentik.stages.identification` - authentik Stages.Identification - * `authentik.stages.invitation` - authentik Stages.User Invitation - * `authentik.stages.password` - authentik Stages.Password - * `authentik.stages.prompt` - authentik Stages.Prompt - * `authentik.stages.user_delete` - authentik Stages.User Delete - * `authentik.stages.user_login` - authentik Stages.User Login - * `authentik.stages.user_logout` - authentik Stages.User Logout - * `authentik.stages.user_write` - authentik Stages.User Write - * `authentik.brands` - authentik Brands - * `authentik.blueprints` - authentik Blueprints - * `authentik.core` - authentik Core - * `authentik.enterprise` - authentik Enterprise - * `authentik.enterprise.audit` - authentik Enterprise.Audit - * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC - * `authentik.enterprise.stages.source` - authentik Enterprise.Stages.Source - * `authentik.events` - authentik Events + description: Match events created by selected application. When left empty, + all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true - description: |- - Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. 
- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * 
`authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` - User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * 
`authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping + description: Match events created by selected model. When left empty, all + models are matched. When an app is selected, all the application's models + are matched. required: - name EventRequest: @@ -33601,16 +32767,8 @@ components: designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' - description: |- - Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. background: type: string description: |- 
@@ -33648,23 +32806,13 @@ components: denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' - description: |- - Configure what should happen when a flow denies access to a user. - - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue + description: Configure what should happen when a flow denies access to a + user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' - description: |- - Required level of authentication and authorization to access a flow. - - * `none` - None - * `require_authenticated` - Require Authenticated - * `require_unauthenticated` - Require Unauthenticated - * `require_superuser` - Require Superuser - * `require_outpost` - Require Outpost + description: Required level of authentication and authorization to access + a flow. required: - background - cache_count @@ -33730,14 +32878,6 @@ components: - recovery - stage_configuration type: string - description: |- - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration FlowDiagram: type: object description: response of the flow's diagram action @@ -33839,12 +32979,6 @@ components: - sidebar_left - sidebar_right type: string - description: |- - * `stacked` - Stacked - * `content_left` - Content Left - * `content_right` - Content Right - * `sidebar_left` - Sidebar Left - * `sidebar_right` - Sidebar Right FlowRequest: type: object description: Flow Serializer 
@@ -33865,16 +32999,8 @@ components: designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' - description: |- - Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: @@ -33886,23 +33012,13 @@ components: denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' - description: |- - Configure what should happen when a flow denies access to a user. - - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue + description: Configure what should happen when a flow denies access to a + user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' - description: |- - Required level of authentication and authorization to access a flow. - - * `none` - None - * `require_authenticated` - Require Authenticated - * `require_unauthenticated` - Require Unauthenticated - * `require_superuser` - Require Superuser - * `require_outpost` - Require Outpost + description: Required level of authentication and authorization to access + a flow. required: - designation - name 
@@ -33934,16 +33050,8 @@ components: designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' - description: |- - Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. background: type: string description: |- @@ -33965,12 +33073,8 @@ components: denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' - description: |- - Configure what should happen when a flow denies access to a user. - - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue + description: Configure what should happen when a flow denies access to a + user. required: - background - designation @@ -34000,16 +33104,8 @@ components: designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' - description: |- - Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: 
@@ -34021,12 +33117,8 @@ components: denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' - description: |- - Configure what should happen when a flow denies access to a user. - - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue + description: Configure what should happen when a flow denies access to a + user. required: - designation - name @@ -34070,12 +33162,10 @@ components: invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: |- - Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. - - * `retry` - Retry - * `restart` - Restart - * `restart_with_context` - Restart With Context + description: Configure how the flow executor should handle an invalid response + to a challenge. RETRY returns the error message and a similar challenge + to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT + restarts the flow while keeping the current context. required: - order - pk 
@@ -34108,12 +33198,10 @@ components: invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: |- - Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. - - * `retry` - Retry - * `restart` - Restart - * `restart_with_context` - Restart With Context + description: Configure how the flow executor should handle an invalid response + to a challenge. RETRY returns the error message and a similar challenge + to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT + restarts the flow while keeping the current context. required: - order - stage @@ -34148,11 +33236,6 @@ components: - bind_continent_country - bind_continent_country_city type: string - description: |- - * `no_binding` - No Binding - * `bind_continent` - Bind Continent - * `bind_continent_country` - Bind Continent Country - * `bind_continent_country_city` - Bind Continent Country City Group: type: object description: Group Serializer @@ -34544,21 +33627,12 @@ components: - recovery - app_password type: string - description: |- - * `verification` - Intent Verification - * `api` - Intent Api - * `recovery` - Intent Recovery - * `app_password` - Intent App Password InvalidResponseActionEnum: enum: - retry - restart - restart_with_context type: string - description: |- - * `retry` - Retry - * `restart` - Restart - * `restart_with_context` - Restart With Context Invitation: type: object description: Invitation Serializer 
@@ -34690,9 +33764,6 @@ components: - global - per_provider type: string - description: |- - * `global` - Same identifier is used for all providers - * `per_provider` - Each provider has a different issuer, based on the application slug. KubernetesServiceConnection: type: object description: KubernetesServiceConnection Serializer @@ -34760,9 +33831,6 @@ components: - direct - cached type: string - description: |- - * `direct` - Direct - * `cached` - Cached LDAPDebug: type: object properties: @@ -35157,14 +34225,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. managed: type: string nullable: true 
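Review bot: The shortened `user_matching_mode` description in the last hunk here (-35157) drops the per-value caveats that were removed with the enum list: that `email_link` "Can have security implications when a source doesn't validate email addresses" and that `username_link` has them "when a username is used with another source". Within the schema text visible in this diff, those bullets were the only warning to integrators about linking accounts on an identifier the source has not verified, and the same removal repeats in the hunks at -35308, -36396 and -36507. The uniform shape of the change suggests this file is generated, so the caveat probably belongs in the field's help text at the source, for example `... or a new user enrolled. The email_link and username_link modes can have security implications when the source does not validate that attribute.` The enclosing schema object starts and ends outside the hunk.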
@@ -35308,14 +34370,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 @@ -35547,15 +34603,6 @@ components: - debug - notset type: string - description: |- - * `critical` - critical - * `exception` - exception - * `error` - error - * `warn` - warn - * `warning` - warning - * `info` - info - * `debug` - debug - * `notset` - notset LoginChallengeTypes: oneOf: - $ref: '#/components/schemas/RedirectChallenge' 
@@ -35694,82 +34741,6 @@ components: - authentik_events.notificationrule - authentik_events.notificationwebhookmapping type: string - description: |- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * 
`authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` 
- User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * `authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping NameIdPolicyEnum: enum: - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress @@ -35778,12 +34749,6 @@ components: - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - urn:oasis:names:tc:SAML:2.0:nameid-format:transient type: string - description: |- - * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent - * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient NetworkBindingEnum: enum: - no_binding 
@@ -35791,21 +34756,12 @@ components: - bind_asn_network - bind_asn_network_ip type: string - description: |- - * `no_binding` - No Binding - * `bind_asn` - Bind Asn - * `bind_asn_network` - Bind Asn Network - * `bind_asn_network_ip` - Bind Asn Network Ip NotConfiguredActionEnum: enum: - skip - deny - configure type: string - description: |- - * `skip` - Skip - * `deny` - Deny - * `configure` - Configure Notification: type: object description: Notification Serializer @@ -35865,12 +34821,8 @@ components: severity: allOf: - $ref: '#/components/schemas/SeverityEnum' - description: |- - Controls which severity level the created notifications will have. - - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert + description: Controls which severity level the created notifications will + have. group: type: string format: uuid @@ -35903,12 +34855,8 @@ components: severity: allOf: - $ref: '#/components/schemas/SeverityEnum' - description: |- - Controls which severity level the created notifications will have. - - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert + description: Controls which severity level the created notifications will + have. group: type: string format: uuid @@ -35956,11 +34904,6 @@ components: - webhook_slack - email type: string - description: |- - * `local` - authentik inbuilt notifications - * `webhook` - Generic Webhook - * `webhook_slack` - Slack Webhook (Slack/Discord) - * `email` - Email NotificationTransportRequest: type: object description: NotificationTransport Serializer 
@@ -36083,11 +35026,8 @@ components: client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' - description: |- - Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable - - * `confidential` - Confidential - * `public` - Public + description: Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable client_id: type: string maxLength: 255 @@ -36122,23 +35062,12 @@ components: sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' - description: |- - Configure what data should be used as unique User Identifier. For most cases, the default should be fine. - - * `hashed_user_id` - Based on the Hashed User ID - * `user_id` - Based on user ID - * `user_uuid` - Based on user UUID - * `user_username` - Based on the username - * `user_email` - Based on the User's Email. This is recommended over the UPN method. - * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains. + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' - description: |- - Configure how the issuer field of the ID Token should be filled. - - * `global` - Same identifier is used for all providers - * `per_provider` - Each provider has a different issuer, based on the application slug. + description: Configure how the issuer field of the ID Token should be filled. jwks_sources: type: array items: 
@@ -36184,11 +35113,8 @@ components: client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' - description: |- - Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable - - * `confidential` - Confidential - * `public` - Public + description: Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable client_id: type: string minLength: 1 @@ -36227,23 +35153,12 @@ components: sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' - description: |- - Configure what data should be used as unique User Identifier. For most cases, the default should be fine. - - * `hashed_user_id` - Based on the Hashed User ID - * `user_id` - Based on user ID - * `user_uuid` - Based on user UUID - * `user_username` - Based on the username - * `user_email` - Based on the User's Email. This is recommended over the UPN method. - * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains. + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' - description: |- - Configure how the issuer field of the ID Token should be filled. - - * `global` - Same identifier is used for all providers - * `per_provider` - Each provider has a different issuer, based on the application slug. + description: Configure how the issuer field of the ID Token should be filled. jwks_sources: type: array items: 
@@ -36396,14 +35311,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. managed: type: string nullable: true @@ -36507,14 +35416,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -36758,11 +35661,6 @@ components: - radius - rac type: string - description: |- - * `proxy` - Proxy - * `ldap` - Ldap - * `radius` - Radius - * `rac` - Rac PaginatedApplicationList: type: object properties: @@ -38529,12 +37427,7 @@ components: webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' - description: |- - Enforce user verification for WebAuthn devices. - - * `required` - Required - * `preferred` - Preferred - * `discouraged` - Discouraged + description: Enforce user verification for WebAuthn devices. PatchedBlueprintInstanceRequest: type: object description: Info about a single blueprint instance file 
@@ -38867,36 +37760,8 @@ components: allOf: - $ref: '#/components/schemas/EventActions' nullable: true - description: |- - Match created events with this action type. When left empty, all action types will be matched. - - * `login` - Login - * `login_failed` - Login Failed - * `logout` - Logout - * `user_write` - User Write - * `suspicious_request` - Suspicious Request - * `password_set` - Password Set - * `secret_view` - Secret View - * `secret_rotate` - Secret Rotate - * `invitation_used` - Invite Used - * `authorize_application` - Authorize Application - * `source_linked` - Source Linked - * `impersonation_started` - Impersonation Started - * `impersonation_ended` - Impersonation Ended - * `flow_execution` - Flow Execution - * `policy_execution` - Policy Execution - * `policy_exception` - Policy Exception - * `property_mapping_exception` - Property Mapping Exception - * `system_task_execution` - System Task Execution - * `system_task_exception` - System Task Exception - * `system_exception` - System Exception - * `configuration_error` - Configuration Error - * `model_created` - Model Created - * `model_updated` - Model Updated - * `model_deleted` - Model Deleted - * `email_sent` - Email Sent - * `update_available` - Update Available - * `custom_` - Custom Prefix + description: Match created events with this action type. When left empty, + all action types will be matched. client_ip: type: string nullable: true 
@@ -38907,144 +37772,15 @@ components: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true - description: |- - Match events created by selected application. When left empty, all applications are matched. - - * `authentik.tenants` - authentik Tenants - * `authentik.admin` - authentik Admin - * `authentik.api` - authentik API - * `authentik.crypto` - authentik Crypto - * `authentik.flows` - authentik Flows - * `authentik.outposts` - authentik Outpost - * `authentik.policies.dummy` - authentik Policies.Dummy - * `authentik.policies.event_matcher` - authentik Policies.Event Matcher - * `authentik.policies.expiry` - authentik Policies.Expiry - * `authentik.policies.expression` - authentik Policies.Expression - * `authentik.policies.password` - authentik Policies.Password - * `authentik.policies.reputation` - authentik Policies.Reputation - * `authentik.policies` - authentik Policies - * `authentik.providers.ldap` - authentik Providers.LDAP - * `authentik.providers.oauth2` - authentik Providers.OAuth2 - * `authentik.providers.proxy` - authentik Providers.Proxy - * `authentik.providers.radius` - authentik Providers.Radius - * `authentik.providers.saml` - authentik Providers.SAML - * `authentik.providers.scim` - authentik Providers.SCIM - * `authentik.rbac` - authentik RBAC - * `authentik.recovery` - authentik Recovery - * `authentik.sources.ldap` - authentik Sources.LDAP - * `authentik.sources.oauth` - authentik Sources.OAuth - * `authentik.sources.plex` - authentik Sources.Plex - * `authentik.sources.saml` - authentik Sources.SAML - * `authentik.stages.authenticator` - authentik Stages.Authenticator - * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo - * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS - * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static - * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP - * `authentik.stages.authenticator_validate` - 
authentik Stages.Authenticator.Validate - * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn - * `authentik.stages.captcha` - authentik Stages.Captcha - * `authentik.stages.consent` - authentik Stages.Consent - * `authentik.stages.deny` - authentik Stages.Deny - * `authentik.stages.dummy` - authentik Stages.Dummy - * `authentik.stages.email` - authentik Stages.Email - * `authentik.stages.identification` - authentik Stages.Identification - * `authentik.stages.invitation` - authentik Stages.User Invitation - * `authentik.stages.password` - authentik Stages.Password - * `authentik.stages.prompt` - authentik Stages.Prompt - * `authentik.stages.user_delete` - authentik Stages.User Delete - * `authentik.stages.user_login` - authentik Stages.User Login - * `authentik.stages.user_logout` - authentik Stages.User Logout - * `authentik.stages.user_write` - authentik Stages.User Write - * `authentik.brands` - authentik Brands - * `authentik.blueprints` - authentik Blueprints - * `authentik.core` - authentik Core - * `authentik.enterprise` - authentik Enterprise - * `authentik.enterprise.audit` - authentik Enterprise.Audit - * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC - * `authentik.enterprise.stages.source` - authentik Enterprise.Stages.Source - * `authentik.events` - authentik Events + description: Match events created by selected application. When left empty, + all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true - description: |- - Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. 
- - * `authentik_tenants.domain` - Domain - * `authentik_crypto.certificatekeypair` - Certificate-Key Pair - * `authentik_flows.flow` - Flow - * `authentik_flows.flowstagebinding` - Flow Stage Binding - * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection - * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection - * `authentik_outposts.outpost` - Outpost - * `authentik_policies_dummy.dummypolicy` - Dummy Policy - * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy - * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy - * `authentik_policies_expression.expressionpolicy` - Expression Policy - * `authentik_policies_password.passwordpolicy` - Password Policy - * `authentik_policies_reputation.reputationpolicy` - Reputation Policy - * `authentik_policies.policybinding` - Policy Binding - * `authentik_providers_ldap.ldapprovider` - LDAP Provider - * `authentik_providers_oauth2.scopemapping` - Scope Mapping - * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider - * `authentik_providers_proxy.proxyprovider` - Proxy Provider - * `authentik_providers_radius.radiusprovider` - Radius Provider - * `authentik_providers_saml.samlprovider` - SAML Provider - * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping - * `authentik_providers_scim.scimprovider` - SCIM Provider - * `authentik_providers_scim.scimmapping` - SCIM Mapping - * `authentik_rbac.role` - Role - * `authentik_sources_ldap.ldapsource` - LDAP Source - * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping - * `authentik_sources_oauth.oauthsource` - OAuth Source - * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection - * `authentik_sources_plex.plexsource` - Plex Source - * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection - * `authentik_sources_saml.samlsource` - SAML Source - * 
`authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection - * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage - * `authentik_stages_authenticator_duo.duodevice` - Duo Device - * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage - * `authentik_stages_authenticator_sms.smsdevice` - SMS Device - * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Setup Stage - * `authentik_stages_authenticator_static.staticdevice` - Static Device - * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage - * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device - * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage - * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage - * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device - * `authentik_stages_captcha.captchastage` - Captcha Stage - * `authentik_stages_consent.consentstage` - Consent Stage - * `authentik_stages_consent.userconsent` - User Consent - * `authentik_stages_deny.denystage` - Deny Stage - * `authentik_stages_dummy.dummystage` - Dummy Stage - * `authentik_stages_email.emailstage` - Email Stage - * `authentik_stages_identification.identificationstage` - Identification Stage - * `authentik_stages_invitation.invitationstage` - Invitation Stage - * `authentik_stages_invitation.invitation` - Invitation - * `authentik_stages_password.passwordstage` - Password Stage - * `authentik_stages_prompt.prompt` - Prompt - * `authentik_stages_prompt.promptstage` - Prompt Stage - * `authentik_stages_user_delete.userdeletestage` - User Delete Stage - * `authentik_stages_user_login.userloginstage` - User Login Stage - * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage - * 
`authentik_stages_user_write.userwritestage` - User Write Stage - * `authentik_brands.brand` - Brand - * `authentik_blueprints.blueprintinstance` - Blueprint Instance - * `authentik_core.group` - Group - * `authentik_core.user` - User - * `authentik_core.application` - Application - * `authentik_core.token` - Token - * `authentik_enterprise.license` - License - * `authentik_providers_rac.racprovider` - RAC Provider - * `authentik_providers_rac.endpoint` - RAC Endpoint - * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping - * `authentik_stages_source.sourcestage` - Source Stage - * `authentik_events.event` - Event - * `authentik_events.notificationtransport` - Notification Transport - * `authentik_events.notification` - Notification - * `authentik_events.notificationrule` - Notification Rule - * `authentik_events.notificationwebhookmapping` - Webhook Mapping + description: Match events created by selected model. When left empty, all + models are matched. When an app is selected, all the application's models + are matched. PatchedEventRequest: type: object description: Event Serializer @@ -39098,16 +37834,8 @@ components: designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' - description: |- - Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - - * `authentication` - Authentication - * `authorization` - Authorization - * `invalidation` - Invalidation - * `enrollment` - Enrollment - * `unenrollment` - Unrenollment - * `recovery` - Recovery - * `stage_configuration` - Stage Configuration + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: 
@@ -39119,23 +37847,13 @@ components: denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' - description: |- - Configure what should happen when a flow denies access to a user. - - * `message_continue` - Message Continue - * `message` - Message - * `continue` - Continue + description: Configure what should happen when a flow denies access to a + user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' - description: |- - Required level of authentication and authorization to access a flow. - - * `none` - None - * `require_authenticated` - Require Authenticated - * `require_unauthenticated` - Require Unauthenticated - * `require_superuser` - Require Superuser - * `require_outpost` - Require Outpost + description: Required level of authentication and authorization to access + a flow. PatchedFlowStageBindingRequest: type: object description: FlowStageBinding Serializer @@ -39161,12 +37879,10 @@ components: invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' - description: |- - Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. - - * `retry` - Retry - * `restart` - Restart - * `restart_with_context` - Restart With Context + description: Configure how the flow executor should handle an invalid response + to a challenge. RETRY returns the error message and a similar challenge + to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT + restarts the flow while keeping the current context. PatchedGroupRequest: type: object description: Group Serializer 
@@ -39428,14 +38144,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 @@ -39553,12 +38263,8 @@ components: severity: allOf: - $ref: '#/components/schemas/SeverityEnum' - description: |- - Controls which severity level the created notifications will have. - - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert + description: Controls which severity level the created notifications will + have. group: type: string format: uuid @@ -39620,11 +38326,8 @@ components: client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' - description: |- - Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable - - * `confidential` - Confidential - * `public` - Public + description: Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable client_id: type: string minLength: 1 
@@ -39663,23 +38366,12 @@ components: sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' - description: |- - Configure what data should be used as unique User Identifier. For most cases, the default should be fine. - - * `hashed_user_id` - Based on the Hashed User ID - * `user_id` - Based on user ID - * `user_uuid` - Based on user UUID - * `user_username` - Based on the username - * `user_email` - Based on the User's Email. This is recommended over the UPN method. - * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains. + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' - description: |- - Configure how the issuer field of the ID Token should be filled. - - * `global` - Same identifier is used for all providers - * `per_provider` - Each provider has a different issuer, based on the application slug. + description: Configure how the issuer field of the ID Token should be filled. jwks_sources: type: array items: 
@@ -39719,14 +38411,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 @@ -39960,14 +38646,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -40145,12 +38825,8 @@ components: mode: allOf: - $ref: '#/components/schemas/ProxyMode' - description: |- - Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. - - * `proxy` - Proxy - * `forward_single` - Forward Single - * `forward_domain` - Forward Domain + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization @@ -40397,11 +39073,8 @@ components: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding - description: |- - This determines how authentik sends the response back to the Service Provider. - - * `redirect` - Redirect - * `post` - Post + description: This determines how authentik sends the response back to the + Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins @@ -40436,14 +39109,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -40473,14 +39140,8 @@ components: name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' - description: |- - NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. - - * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent - * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: @@ -40744,23 +39405,12 @@ components: network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' - description: |- - Bind sessions created by this stage to the configured network - - * `no_binding` - No Binding - * `bind_asn` - Bind Asn - * `bind_asn_network` - Bind Asn Network - * `bind_asn_network_ip` - Bind Asn Network Ip + description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' - description: |- - Bind sessions created by this stage to the configured GeoIP location - - * `no_binding` - No Binding - * `bind_continent` - Bind Continent - * `bind_continent_country` - Bind Continent Country - * `bind_continent_country_city` - Bind Continent Country City + description: Bind sessions created by this stage to the configured GeoIP + location PatchedUserLogoutStageRequest: type: object description: UserLogoutStage Serializer 
@@ -41001,14 +39651,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. managed: type: string nullable: true @@ -41122,14 +39766,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -41309,9 +39947,6 @@ components: - all - any type: string - description: |- - * `all` - all, all policies must pass - * `any` - any, any policy must pass PolicyRequest: type: object description: Policy Serializer @@ -41582,25 +40217,6 @@ components: - static - ak-locale type: string - description: |- - * `text` - Text: Simple Text input - * `text_area` - Text area: Multiline Text Input. - * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited. - * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited. - * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames. - * `email` - Email: Text field with Email type. - * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical. - * `number` - Number - * `checkbox` - Checkbox - * `radio-button-group` - Fixed choice field rendered as a group of radio buttons. - * `dropdown` - Fixed choice field rendered as a dropdown. - * `date` - Date - * `date-time` - Date Time - * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI - * `separator` - Separator: Static Separator Line - * `hidden` - Hidden: Hidden field, can be used to insert data into form. - * `static` - Static: Static value, displayed as-is. - * `ak-locale` - authentik: Selection of locales authentik supports PropertyMapping: type: object description: PropertyMapping Serializer @@ -41676,10 +40292,6 @@ components: - vnc - ssh type: string - description: |- - * `rdp` - Rdp - * `vnc` - Vnc - * `ssh` - Ssh Provider: type: object description: Provider Serializer @@ -41754,9 +40366,6 @@ components: - twilio - generic type: string - description: |- - * `twilio` - Twilio - * `generic` - Generic ProviderModelEnum: enum: - authentik_providers_ldap.ldapprovider 
@@ -41767,14 +40376,6 @@ components: - authentik_providers_saml.samlprovider - authentik_providers_scim.scimprovider type: string - description: |- - * `authentik_providers_ldap.ldapprovider` - authentik_providers_ldap.ldapprovider - * `authentik_providers_oauth2.oauth2provider` - authentik_providers_oauth2.oauth2provider - * `authentik_providers_proxy.proxyprovider` - authentik_providers_proxy.proxyprovider - * `authentik_providers_rac.racprovider` - authentik_providers_rac.racprovider - * `authentik_providers_radius.radiusprovider` - authentik_providers_radius.radiusprovider - * `authentik_providers_saml.samlprovider` - authentik_providers_saml.samlprovider - * `authentik_providers_scim.scimprovider` - authentik_providers_scim.scimprovider ProviderRequest: type: object description: Provider Serializer @@ -41817,31 +40418,12 @@ components: - twitch - twitter type: string - description: |- - * `apple` - Apple - * `openidconnect` - OpenID Connect - * `azuread` - Azure AD - * `discord` - Discord - * `facebook` - Facebook - * `github` - GitHub - * `gitlab` - GitLab - * `google` - Google - * `mailcow` - Mailcow - * `okta` - Okta - * `patreon` - Patreon - * `reddit` - Reddit - * `twitch` - Twitch - * `twitter` - Twitter ProxyMode: enum: - proxy - forward_single - forward_domain type: string - description: |- - * `proxy` - Proxy - * `forward_single` - Forward Single - * `forward_domain` - Forward Domain ProxyOutpostConfig: type: object description: Proxy provider serializer for outposts @@ -41899,12 +40481,8 @@ components: mode: allOf: - $ref: '#/components/schemas/ProxyMode' - description: |- - Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. - - * `proxy` - Proxy - * `forward_single` - Forward Single - * `forward_domain` - Forward Domain + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. cookie_domain: type: string access_token_validity: 
@@ -42037,12 +40615,8 @@ components: mode: allOf: - $ref: '#/components/schemas/ProxyMode' - description: |- - Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. - - * `proxy` - Proxy - * `forward_single` - Forward Single - * `forward_domain` - Forward Domain + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization @@ -42147,12 +40721,8 @@ components: mode: allOf: - $ref: '#/components/schemas/ProxyMode' - description: |- - Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. - - * `proxy` - Proxy - * `forward_single` - Forward Single - * `forward_domain` - Forward Domain + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization @@ -42663,10 +41233,6 @@ components: - preferred - required type: string - description: |- - * `discouraged` - Discouraged - * `preferred` - Preferred - * `required` - Required Role: type: object description: Role serializer @@ -42943,11 +41509,8 @@ components: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding - description: |- - This determines how authentik sends the response back to the Service Provider. - - * `redirect` - Redirect - * `post` - Post + description: This determines how authentik sends the response back to the + Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins 
@@ -43090,11 +41653,8 @@ components: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding - description: |- - This determines how authentik sends the response back to the Service Provider. - - * `redirect` - Redirect - * `post` - Post + description: This determines how authentik sends the response back to the + Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins @@ -43152,14 +41712,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. managed: type: string nullable: true 
@@ -43203,14 +41757,8 @@ components: name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' - description: |- - NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. - - * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent - * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: @@ -43280,14 +41828,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -43317,14 +41859,8 @@ components: name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' - description: |- - NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. - - * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email - * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent - * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 - * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows - * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: @@ -43817,10 +42353,6 @@ components: - warning - alert type: string - description: |- - * `notice` - Notice - * `warning` - Warning - * `alert` - Alert ShellChallenge: type: object description: challenge type to render HTML as-is @@ -43851,12 +42383,6 @@ components: - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - http://www.w3.org/2000/09/xmldsig#dsa-sha1 type: string - description: |- - * `http://www.w3.org/2000/09/xmldsig#rsa-sha1` - RSA-SHA1 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` - RSA-SHA256 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha384` - RSA-SHA384 - * `http://www.w3.org/2001/04/xmldsig-more#rsa-sha512` - RSA-SHA512 - * `http://www.w3.org/2000/09/xmldsig#dsa-sha1` - DSA-SHA1 Source: type: object description: Source Serializer 
@@ -43907,14 +42433,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. managed: type: string nullable: true @@ -43974,14 +42494,8 @@ components: user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' - description: |- - How the source determines if an existing user should be authenticated or a new user enrolled. - - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. + description: How the source determines if an existing user should be authenticated + or a new user enrolled. user_path_template: type: string minLength: 1 
@@ -44105,9 +42619,6 @@ components: - redirect - post type: string - description: |- - * `redirect` - Redirect - * `post` - Post Stage: type: object description: Stage Serializer @@ -44254,13 +42765,6 @@ components: - user_email - user_upn type: string - description: |- - * `hashed_user_id` - Based on the Hashed User ID - * `user_id` - Based on user ID - * `user_uuid` - Based on user UUID - * `user_username` - Based on the username - * `user_email` - Based on the User's Email. This is recommended over the UPN method. - * `user_upn` - Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains. SystemInfo: type: object description: Get system information. @@ -44382,11 +42886,6 @@ components: - warning - error type: string - description: |- - * `unknown` - UNKNOWN - * `successful` - SUCCESSFUL - * `warning` - WARNING - * `error` - ERROR TOTPDevice: type: object description: Serializer for totp authenticator devices @@ -44658,10 +43157,6 @@ components: - light - dark type: string - description: |- - * `automatic` - Automatic - * `light` - Light - * `dark` - Dark UsedBy: type: object description: A list of all objects referencing the queried object @@ -44689,11 +43184,6 @@ components: - set_null - set_default type: string - description: |- - * `cascade` - CASCADE - * `cascade_many` - CASCADE_MANY - * `set_null` - SET_NULL - * `set_default` - SET_DEFAULT User: type: object description: User Serializer @@ -44850,10 +43340,6 @@ components: - create_when_required - always_create type: string - description: |- - * `never_create` - Never Create - * `create_when_required` - Create When Required - * `always_create` - Always Create UserDeleteStage: type: object description: UserDeleteStage Serializer 
@@ -44911,10 +43397,6 @@ components: - username - upn type: string - description: |- - * `email` - E Mail - * `username` - Username - * `upn` - Upn UserGroup: type: object description: Simplified Group Serializer for user's groups @@ -44941,6 +43423,7 @@ components: parent_name: type: string readOnly: true + nullable: true attributes: type: object additionalProperties: {} @@ -45052,23 +43535,12 @@ components: network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' - description: |- - Bind sessions created by this stage to the configured network - - * `no_binding` - No Binding - * `bind_asn` - Bind Asn - * `bind_asn_network` - Bind Asn Network - * `bind_asn_network_ip` - Bind Asn Network Ip + description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' - description: |- - Bind sessions created by this stage to the configured GeoIP location - - * `no_binding` - No Binding - * `bind_continent` - Bind Continent - * `bind_continent_country` - Bind Continent Country - * `bind_continent_country_city` - Bind Continent Country City + description: Bind sessions created by this stage to the configured GeoIP + location required: - component - meta_model_name 
@@ -45104,23 +43576,12 @@ components: network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' - description: |- - Bind sessions created by this stage to the configured network - - * `no_binding` - No Binding - * `bind_asn` - Bind Asn - * `bind_asn_network` - Bind Asn Network - * `bind_asn_network_ip` - Bind Asn Network Ip + description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' - description: |- - Bind sessions created by this stage to the configured GeoIP location - - * `no_binding` - No Binding - * `bind_continent` - Bind Continent - * `bind_continent_country` - Bind Continent Country - * `bind_continent_country_city` - Bind Continent Country City + description: Bind sessions created by this stage to the configured GeoIP + location required: - name UserLogoutStage: @@ -45182,12 +43643,6 @@ components: - username_link - username_deny type: string - description: |- - * `identifier` - Use the source-specific identifier - * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. - * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. - * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. - * `username_deny` - Use the user's username, but deny enrollment when the username already exists. UserMetrics: type: object description: User Metrics 
@@ -45537,21 +43992,12 @@ components: - service_account - internal_service_account type: string - description: |- - * `internal` - Internal - * `external` - External - * `service_account` - Service Account - * `internal_service_account` - Internal Service Account UserVerificationEnum: enum: - required - preferred - discouraged type: string - description: |- - * `required` - Required - * `preferred` - Preferred - * `discouraged` - Discouraged UserWriteStage: type: object description: UserWriteStage Serializer diff --git a/scripts/api-py-config.yaml b/scripts/api-py-config.yaml new file mode 100644 index 0000000000..95dcf5597b --- /dev/null +++ b/scripts/api-py-config.yaml @@ -0,0 +1,4 @@ +additionalProperties: + packageName: authentik_client + projectName: authentik-client + infoName: authentik Team diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json index 2f523bf831..5a9e347425 100644 --- a/tests/wdio/package-lock.json +++ b/tests/wdio/package-lock.json @@ -18,7 +18,7 @@ "@wdio/spec-reporter": "^8.32.4", "eslint": "^8.57.0", "eslint-config-google": "^0.14.0", - "eslint-plugin-sonarjs": "^0.25.0", + "eslint-plugin-sonarjs": "^0.25.1", "npm-run-all": "^4.1.5", "prettier": "^3.2.5", "ts-node": "^10.9.2", @@ -3114,9 +3114,9 @@ } }, "node_modules/eslint-plugin-sonarjs": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.25.0.tgz", - "integrity": "sha512-DaZOtpUucEZbvowgKxVFwICV6r0h7jSCAx0IHICvCowP+etFussnhtaiCPSnYAuwVJ+P/6UFUhkv7QJklpXFyA==", + "version": "0.25.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.25.1.tgz", + "integrity": "sha512-5IOKvj/GMBNqjxBdItfotfRHo7w48496GOu1hxdeXuD0mB1JBlDCViiLHETDTfA8pDAVSBimBEQoetRXYceQEw==", "dev": true, "engines": { "node": ">=16" diff --git a/tests/wdio/package.json b/tests/wdio/package.json index b7cddbe5c0..5c497057b7 100644 --- a/tests/wdio/package.json +++ b/tests/wdio/package.json 
@@ -12,7 +12,7 @@ "@wdio/spec-reporter": "^8.32.4", "eslint": "^8.57.0", "eslint-config-google": "^0.14.0", - "eslint-plugin-sonarjs": "^0.25.0", + "eslint-plugin-sonarjs": "^0.25.1", "npm-run-all": "^4.1.5", "prettier": "^3.2.5", "ts-node": "^10.9.2", diff --git a/web/package-lock.json b/web/package-lock.json index 02b72a3064..bd83594617 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -16,8 +16,8 @@ "@codemirror/legacy-modes": "^6.3.3", "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", - "@fortawesome/fontawesome-free": "^6.5.1", - "@goauthentik/api": "^2024.2.2-1711643691", + "@fortawesome/fontawesome-free": "^6.5.2", + "@goauthentik/api": "^2024.2.2-1712238004", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", @@ -47,13 +47,13 @@ "yaml": "^2.4.1" }, "devDependencies": { - "@babel/core": "^7.24.3", + "@babel/core": "^7.24.4", "@babel/plugin-proposal-class-properties": "^7.18.6", "@babel/plugin-proposal-decorators": "^7.24.1", "@babel/plugin-transform-private-methods": "^7.24.1", "@babel/plugin-transform-private-property-in-object": "^7.24.1", "@babel/plugin-transform-runtime": "^7.24.3", - "@babel/preset-env": "^7.24.3", + "@babel/preset-env": "^7.24.4", "@babel/preset-typescript": "^7.24.1", "@hcaptcha/types": "^1.0.3", "@jeysal/storybook-addon-css-user-preferences": "^0.2.0", @@ -84,7 +84,7 @@ "eslint-config-google": "^0.14.0", "eslint-plugin-custom-elements": "0.0.8", "eslint-plugin-lit": "^1.11.0", - "eslint-plugin-sonarjs": "^0.25.0", + "eslint-plugin-sonarjs": "^0.25.1", "eslint-plugin-storybook": "^0.8.0", "github-slugger": "^2.0.0", "glob": "^10.3.12", 
@@ -111,9 +111,9 @@ "@esbuild/darwin-arm64": "^0.20.1", "@esbuild/linux-amd64": "^0.18.11", "@esbuild/linux-arm64": "^0.20.1", - "@rollup/rollup-darwin-arm64": "4.13.2", - "@rollup/rollup-linux-arm64-gnu": "4.13.2", - "@rollup/rollup-linux-x64-gnu": "4.13.2" + "@rollup/rollup-darwin-arm64": "4.14.0", + "@rollup/rollup-linux-arm64-gnu": "4.14.0", + "@rollup/rollup-linux-x64-gnu": "4.14.0" } }, "node_modules/@aashutoshrathi/word-wrap": { @@ -168,27 +168,27 @@ } }, "node_modules/@babel/compat-data": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.1.tgz", - "integrity": "sha512-Pc65opHDliVpRHuKfzI+gSA4zcgr65O4cl64fFJIWEEh8JoHIHh0Oez1Eo8Arz8zq/JhgKodQaxEwUPRtZylVA==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", + "integrity": "sha512-vg8Gih2MLK+kOkHJp4gBEIkyaIi00jgWot2D9QOmmfLC8jINSOzmCLta6Bvz/JSBCqnegV0L80jhxkol5GWNfQ==", "dev": true, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/core": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.3.tgz", - "integrity": "sha512-5FcvN1JHw2sHJChotgx8Ek0lyuh4kCKelgMTTqhYJJtloNvUfpAFMeNQUtdlIaktwrSV9LtCdqwk48wL2wBacQ==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", + "integrity": "sha512-MBVlMXP+kkl5394RBLSxxk/iLTeVGuXTV3cIDXavPpMMqnSnt6apKgan/U8O3USWZCWZT/TbgfEpKa4uMgN4Dg==", "dev": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.24.2", - "@babel/generator": "^7.24.1", + "@babel/generator": "^7.24.4", "@babel/helper-compilation-targets": "^7.23.6", "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.24.1", - "@babel/parser": "^7.24.1", + "@babel/helpers": "^7.24.4", + "@babel/parser": "^7.24.4", "@babel/template": "^7.24.0", "@babel/traverse": "^7.24.1", "@babel/types": "^7.24.0", 
@@ -207,9 +207,9 @@ } }, "node_modules/@babel/generator": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.1.tgz", - "integrity": "sha512-DfCRfZsBcrPEHUfuBMgbJ1Ut01Y/itOs+hY2nFLgqsqXd52/iSiVq5TITtUasIUgm+IIKdY2/1I7auiQOEeC9A==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", + "integrity": "sha512-Xd6+v6SnjWVx/nus+y0l1sxMOTOMBkyL4+BIdbALyatQnAe/SRVjANeDPSCYaX+i1iJmuGSKf3Z+E+V/va1Hvw==", "dev": true, "dependencies": { "@babel/types": "^7.24.0", @@ -260,9 +260,9 @@ } }, "node_modules/@babel/helper-create-class-features-plugin": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.24.1.tgz", - "integrity": "sha512-1yJa9dX9g//V6fDebXoEfEsxkZHk3Hcbm+zLhyu6qVgYFLvmTALTeV+jNU9e5RnYtioBrGEOdoI2joMSNQ/+aA==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.24.4.tgz", + "integrity": "sha512-lG75yeuUSVu0pIcbhiYMXBXANHrpUPaOfu7ryAzskCgKUHuAxRQI5ssrtmF0X9UXldPlvT0XM/A4F44OXRt6iQ==", "dev": true, "dependencies": { "@babel/helper-annotate-as-pure": "^7.22.5", @@ -511,9 +511,9 @@ } }, "node_modules/@babel/helpers": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.1.tgz", - "integrity": "sha512-BpU09QqEe6ZCHuIHFphEFgvNSrubve1FtyMton26ekZ85gRGi6LrTF7zArARp2YvyFxloeiRmtSCq5sjh1WqIg==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", + "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==", "dev": true, "dependencies": { "@babel/template": "^7.24.0", 
@@ -540,9 +540,9 @@ } }, "node_modules/@babel/parser": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.1.tgz", - "integrity": "sha512-Zo9c7N3xdOIQrNip7Lc9wvRPzlRtovHVE4lkz8WEDr7uYh/GMQhSiIgFxGIArRHYdJE5kxtZjAf8rT0xhdLCzg==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", + "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==", "dev": true, "bin": { "parser": "bin/babel-parser.js" @@ -551,6 +551,22 @@ "node": ">=6.0.0" } }, + "node_modules/@babel/plugin-bugfix-firefox-class-in-computed-class-key": { + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-firefox-class-in-computed-class-key/-/plugin-bugfix-firefox-class-in-computed-class-key-7.24.4.tgz", + "integrity": "sha512-qpl6vOOEEzTLLcsuqYYo8yDtrTocmu2xkGvgNebvPjT9DTtfFYGmgDqY+rBYXNlqL4s9qLDn6xkrJv4RxAPiTA==", + "dev": true, + "dependencies": { + "@babel/helper-environment-visitor": "^7.22.20", + "@babel/helper-plugin-utils": "^7.24.0" + }, + "engines": { + "node": ">=6.9.0" + }, + "peerDependencies": { + "@babel/core": "^7.0.0" + } + }, "node_modules/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": { "version": "7.24.1", "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression/-/plugin-bugfix-safari-id-destructuring-collision-in-function-expression-7.24.1.tgz", 
@@ -995,9 +1011,9 @@ } }, "node_modules/@babel/plugin-transform-block-scoping": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.24.1.tgz", - "integrity": "sha512-h71T2QQvDgM2SmT29UYU6ozjMlAt7s7CSs5Hvy8f8cf/GM/Z4a2zMfN+fjVGaieeCrXR3EdQl6C4gQG+OgmbKw==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.24.4.tgz", + "integrity": "sha512-nIFUZIpGKDf9O9ttyRXpHFpKC+X3Y5mtshZONuEUYBomAKoM4y029Jr+uB1bHGPhNmK8YXHevDtKDOLmtRrp6g==", "dev": true, "dependencies": { "@babel/helper-plugin-utils": "^7.24.0" @@ -1026,12 +1042,12 @@ } }, "node_modules/@babel/plugin-transform-class-static-block": { - "version": "7.24.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-static-block/-/plugin-transform-class-static-block-7.24.1.tgz", - "integrity": "sha512-FUHlKCn6J3ERiu8Dv+4eoz7w8+kFLSyeVG4vDAikwADGjUCoHw/JHokyGtr8OR4UjpwPVivyF+h8Q5iv/JmrtA==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-static-block/-/plugin-transform-class-static-block-7.24.4.tgz", + "integrity": "sha512-B8q7Pz870Hz/q9UgP8InNpY01CSLDSCyqX7zcRuv3FcPl87A2G17lASroHWaCtbdIcbYzOZ7kWmXFKbijMSmFg==", "dev": true, "dependencies": { - "@babel/helper-create-class-features-plugin": "^7.24.1", + "@babel/helper-create-class-features-plugin": "^7.24.4", "@babel/helper-plugin-utils": "^7.24.0", "@babel/plugin-syntax-class-static-block": "^7.14.5" }, 
@@ -1753,15 +1769,16 @@ } }, "node_modules/@babel/preset-env": { - "version": "7.24.3", - "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.24.3.tgz", - "integrity": "sha512-fSk430k5c2ff8536JcPvPWK4tZDwehWLGlBp0wrsBUjZVdeQV6lePbwKWZaZfK2vnh/1kQX1PzAJWsnBmVgGJA==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.24.4.tgz", + "integrity": "sha512-7Kl6cSmYkak0FK/FXjSEnLJ1N9T/WA2RkMhu17gZ/dsxKJUuTYNIylahPTzqpLyJN4WhDif8X0XK1R8Wsguo/A==", "dev": true, "dependencies": { - "@babel/compat-data": "^7.24.1", + "@babel/compat-data": "^7.24.4", "@babel/helper-compilation-targets": "^7.23.6", "@babel/helper-plugin-utils": "^7.24.0", "@babel/helper-validator-option": "^7.23.5", + "@babel/plugin-bugfix-firefox-class-in-computed-class-key": "^7.24.4", "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": "^7.24.1", "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": "^7.24.1", "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": "^7.24.1", @@ -1788,9 +1805,9 @@ "@babel/plugin-transform-async-generator-functions": "^7.24.3", "@babel/plugin-transform-async-to-generator": "^7.24.1", "@babel/plugin-transform-block-scoped-functions": "^7.24.1", - "@babel/plugin-transform-block-scoping": "^7.24.1", + "@babel/plugin-transform-block-scoping": "^7.24.4", "@babel/plugin-transform-class-properties": "^7.24.1", - "@babel/plugin-transform-class-static-block": "^7.24.1", + "@babel/plugin-transform-class-static-block": "^7.24.4", "@babel/plugin-transform-classes": "^7.24.1", "@babel/plugin-transform-computed-properties": "^7.24.1", "@babel/plugin-transform-destructuring": "^7.24.1", 
@@ -2813,17 +2830,18 @@ } }, "node_modules/@fortawesome/fontawesome-free": { - "version": "6.5.1", + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-6.5.2.tgz", + "integrity": "sha512-hRILoInAx8GNT5IMkrtIt9blOdrqHOnPBH+k70aWUAqPZPgopb9G5EQJFpaBx/S8zp2fC+mPW349Bziuk1o28Q==", "hasInstallScript": true, - "license": "(CC-BY-4.0 AND OFL-1.1 AND MIT)", "engines": { "node": ">=6" } }, "node_modules/@goauthentik/api": { - "version": "2024.2.2-1711643691", - "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1711643691.tgz", - "integrity": "sha512-QHe+3gaNRkId54AuqndYNL0e5kG8nPlH4OjOYOPqOr3u70rxby63PBSPgSRKgqsigBpZufhQGsUBAPmpR8Hv0w==" + "version": "2024.2.2-1712238004", + "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2024.2.2-1712238004.tgz", + "integrity": "sha512-Y1wNhIYN3/CwpcCKGm8JT0Vkkqjfh3Og91IvzLRVJ61qBQ3/hc016YBjdAEnXzzDOmylRalI0Umfl2nl2NXdHQ==" }, "node_modules/@hcaptcha/types": { "version": "1.0.3", @@ -4201,9 +4219,9 @@ } }, "node_modules/@rollup/rollup-android-arm-eabi": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.12.0.tgz", - "integrity": "sha512-+ac02NL/2TCKRrJu2wffk1kZ+RyqxVUlbjSagNgPm94frxtr+XDL12E5Ll1enWskLrtrZ2r8L3wED1orIibV/w==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.14.0.tgz", + "integrity": "sha512-jwXtxYbRt1V+CdQSy6Z+uZti7JF5irRKF8hlKfEnF/xJpcNGuuiZMBvuoYM+x9sr9iWGnzrlM0+9hvQ1kgkf1w==", "cpu": [ "arm" ], 
@@ -4215,9 +4233,9 @@ "peer": true }, "node_modules/@rollup/rollup-android-arm64": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.12.0.tgz", - "integrity": "sha512-OBqcX2BMe6nvjQ0Nyp7cC90cnumt8PXmO7Dp3gfAju/6YwG0Tj74z1vKrfRz7qAv23nBcYM8BCbhrsWqO7PzQQ==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.14.0.tgz", + "integrity": "sha512-fI9nduZhCccjzlsA/OuAwtFGWocxA4gqXGTLvOyiF8d+8o0fZUeSztixkYjcGq1fGZY3Tkq4yRvHPFxU+jdZ9Q==", "cpu": [ "arm64" ], @@ -4229,9 +4247,9 @@ "peer": true }, "node_modules/@rollup/rollup-darwin-arm64": { - "version": "4.13.2", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.13.2.tgz", - "integrity": "sha512-mCMlpzlBgOTdaFs83I4XRr8wNPveJiJX1RLfv4hggyIVhfB5mJfN4P8Z6yKh+oE4Luz+qq1P3kVdWrCKcMYrrA==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.14.0.tgz", + "integrity": "sha512-BcnSPRM76/cD2gQC+rQNGBN6GStBs2pl/FpweW8JYuz5J/IEa0Fr4AtrPv766DB/6b2MZ/AfSIOSGw3nEIP8SA==", "cpu": [ "arm64" ], @@ -4241,9 +4259,9 @@ ] }, "node_modules/@rollup/rollup-darwin-x64": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.12.0.tgz", - "integrity": "sha512-cc71KUZoVbUJmGP2cOuiZ9HSOP14AzBAThn3OU+9LcA1+IUqswJyR1cAJj3Mg55HbjZP6OLAIscbQsQLrpgTOg==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.14.0.tgz", + "integrity": "sha512-LDyFB9GRolGN7XI6955aFeI3wCdCUszFWumWU0deHA8VpR3nWRrjG6GtGjBrQxQKFevnUTHKCfPR4IvrW3kCgQ==", "cpu": [ "x64" ], 
@@ -4255,9 +4273,9 @@ "peer": true }, "node_modules/@rollup/rollup-linux-arm-gnueabihf": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.12.0.tgz", - "integrity": "sha512-a6w/Y3hyyO6GlpKL2xJ4IOh/7d+APaqLYdMf86xnczU3nurFTaVN9s9jOXQg97BE4nYm/7Ga51rjec5nfRdrvA==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.14.0.tgz", + "integrity": "sha512-ygrGVhQP47mRh0AAD0zl6QqCbNsf0eTo+vgwkY6LunBcg0f2Jv365GXlDUECIyoXp1kKwL5WW6rsO429DBY/bA==", "cpu": [ "arm" ], @@ -4269,9 +4287,9 @@ "peer": true }, "node_modules/@rollup/rollup-linux-arm64-gnu": { - "version": "4.13.2", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.13.2.tgz", - "integrity": "sha512-L1+D8/wqGnKQIlh4Zre9i4R4b4noxzH5DDciyahX4oOz62CphY7WDWqJoQ66zNR4oScLNOqQJfNSIAe/6TPUmQ==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.14.0.tgz", + "integrity": "sha512-x+uJ6MAYRlHGe9wi4HQjxpaKHPM3d3JjqqCkeC5gpnnI6OWovLdXTpfa8trjxPLnWKyBsSi5kne+146GAxFt4A==", "cpu": [ "arm64" ], @@ -4281,9 +4299,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm64-musl": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.12.0.tgz", - "integrity": "sha512-eTvzUS3hhhlgeAv6bfigekzWZjaEX9xP9HhxB0Dvrdbkk5w/b+1Sxct2ZuDxNJKzsRStSq1EaEkVSEe7A7ipgQ==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.14.0.tgz", + "integrity": "sha512-nrRw8ZTQKg6+Lttwqo6a2VxR9tOroa2m91XbdQ2sUUzHoedXlsyvY1fN4xWdqz8PKmf4orDwejxXHjh7YBGUCA==", "cpu": [ "arm64" ], 
@@ -4294,10 +4312,24 @@ ], "peer": true }, + "node_modules/@rollup/rollup-linux-powerpc64le-gnu": { + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.14.0.tgz", + "integrity": "sha512-xV0d5jDb4aFu84XKr+lcUJ9y3qpIWhttO3Qev97z8DKLXR62LC3cXT/bMZXrjLF9X+P5oSmJTzAhqwUbY96PnA==", + "cpu": [ + "ppc64le" + ], + "dev": true, + "optional": true, + "os": [ + "linux" + ], + "peer": true + }, "node_modules/@rollup/rollup-linux-riscv64-gnu": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.12.0.tgz", - "integrity": "sha512-ix+qAB9qmrCRiaO71VFfY8rkiAZJL8zQRXveS27HS+pKdjwUfEhqo2+YF2oI+H/22Xsiski+qqwIBxVewLK7sw==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.14.0.tgz", + "integrity": "sha512-SDDhBQwZX6LPRoPYjAZWyL27LbcBo7WdBFWJi5PI9RPCzU8ijzkQn7tt8NXiXRiFMJCVpkuMkBf4OxSxVMizAw==", "cpu": [ "riscv64" ], 
@@ -4308,10 +4340,24 @@ ], "peer": true }, + "node_modules/@rollup/rollup-linux-s390x-gnu": { + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.14.0.tgz", + "integrity": "sha512-RxB/qez8zIDshNJDufYlTT0ZTVut5eCpAZ3bdXDU9yTxBzui3KhbGjROK2OYTTor7alM7XBhssgoO3CZ0XD3qA==", + "cpu": [ + "s390x" + ], + "dev": true, + "optional": true, + "os": [ + "linux" + ], + "peer": true + }, "node_modules/@rollup/rollup-linux-x64-gnu": { - "version": "4.13.2", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.13.2.tgz", - "integrity": "sha512-xXMLUAMzrtsvh3cZ448vbXqlUa7ZL8z0MwHp63K2IIID2+DeP5iWIT6g1SN7hg1VxPzqx0xZdiDM9l4n9LRU1A==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.14.0.tgz", + "integrity": "sha512-C6y6z2eCNCfhZxT9u+jAM2Fup89ZjiG5pIzZIDycs1IwESviLxwkQcFRGLjnDrP+PT+v5i4YFvlcfAs+LnreXg==", "cpu": [ "x64" ], @@ -4321,9 +4367,9 @@ ] }, "node_modules/@rollup/rollup-linux-x64-musl": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.12.0.tgz", - "integrity": "sha512-LfFdRhNnW0zdMvdCb5FNuWlls2WbbSridJvxOvYWgSBOYZtgBfW9UGNJG//rwMqTX1xQE9BAodvMH9tAusKDUw==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.14.0.tgz", + "integrity": "sha512-i0QwbHYfnOMYsBEyjxcwGu5SMIi9sImDVjDg087hpzXqhBSosxkE7gyIYFHgfFl4mr7RrXksIBZ4DoLoP4FhJg==", "cpu": [ "x64" ], 
@@ -4335,9 +4381,9 @@ "peer": true }, "node_modules/@rollup/rollup-win32-arm64-msvc": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.12.0.tgz", - "integrity": "sha512-JPDxovheWNp6d7AHCgsUlkuCKvtu3RB55iNEkaQcf0ttsDU/JZF+iQnYcQJSk/7PtT4mjjVG8N1kpwnI9SLYaw==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.14.0.tgz", + "integrity": "sha512-Fq52EYb0riNHLBTAcL0cun+rRwyZ10S9vKzhGKKgeD+XbwunszSY0rVMco5KbOsTlwovP2rTOkiII/fQ4ih/zQ==", "cpu": [ "arm64" ], @@ -4349,9 +4395,9 @@ "peer": true }, "node_modules/@rollup/rollup-win32-ia32-msvc": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.12.0.tgz", - "integrity": "sha512-fjtuvMWRGJn1oZacG8IPnzIV6GF2/XG+h71FKn76OYFqySXInJtseAqdprVTDTyqPxQOG9Exak5/E9Z3+EJ8ZA==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.14.0.tgz", + "integrity": "sha512-e/PBHxPdJ00O9p5Ui43+vixSgVf4NlLsmV6QneGERJ3lnjIua/kim6PRFe3iDueT1rQcgSkYP8ZBBXa/h4iPvw==", "cpu": [ "ia32" ], @@ -4363,9 +4409,9 @@ "peer": true }, "node_modules/@rollup/rollup-win32-x64-msvc": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.12.0.tgz", - "integrity": "sha512-ZYmr5mS2wd4Dew/JjT0Fqi2NPB/ZhZ2VvPp7SmvPZb4Y1CG/LRcS6tcRo2cYU7zLK5A7cdbhWnnWmUjoI4qapg==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.14.0.tgz", + "integrity": "sha512-aGg7iToJjdklmxlUlJh/PaPNa4PmqHfyRMLunbL3eaMO0gp656+q1zOKkpJ/CVe9CryJv6tAN1HDoR8cNGzkag==", "cpu": [ "x64" ], 
@@ -10059,9 +10105,9 @@ "license": "MIT" }, "node_modules/eslint-plugin-sonarjs": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.25.0.tgz", - "integrity": "sha512-DaZOtpUucEZbvowgKxVFwICV6r0h7jSCAx0IHICvCowP+etFussnhtaiCPSnYAuwVJ+P/6UFUhkv7QJklpXFyA==", + "version": "0.25.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.25.1.tgz", + "integrity": "sha512-5IOKvj/GMBNqjxBdItfotfRHo7w48496GOu1hxdeXuD0mB1JBlDCViiLHETDTfA8pDAVSBimBEQoetRXYceQEw==", "dev": true, "engines": { "node": ">=16" @@ -13672,6 +13718,8 @@ }, "node_modules/nanoid": { "version": "3.3.7", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==", "dev": true, "funding": [ { @@ -13679,7 +13727,6 @@ "url": "https://github.com/sponsors/ai" } ], - "license": "MIT", "peer": true, "bin": { "nanoid": "bin/nanoid.cjs" @@ -14680,7 +14727,9 @@ } }, "node_modules/postcss": { - "version": "8.4.35", + "version": "8.4.38", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", + "integrity": "sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==", "dev": true, "funding": [ { @@ -14696,12 +14745,11 @@ "url": "https://github.com/sponsors/ai" } ], - "license": "MIT", "peer": true, "dependencies": { "nanoid": "^3.3.7", "picocolors": "^1.0.0", - "source-map-js": "^1.0.2" + "source-map-js": "^1.2.0" }, "engines": { "node": "^10 || ^12 || >=14" 
@@ -15635,9 +15683,10 @@ "license": "Unlicense" }, "node_modules/rollup": { - "version": "4.12.0", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.14.0.tgz", + "integrity": "sha512-Qe7w62TyawbDzB4yt32R0+AbIo6m1/sqO7UPzFS8Z/ksL5mrfhA0v4CavfdmFav3D+ub4QeAgsGEe84DoWe/nQ==", "dev": true, - "license": "MIT", "peer": true, "dependencies": { "@types/estree": "1.0.5" @@ -15650,19 +15699,21 @@ "npm": ">=8.0.0" }, "optionalDependencies": { - "@rollup/rollup-android-arm-eabi": "4.12.0", - "@rollup/rollup-android-arm64": "4.12.0", - "@rollup/rollup-darwin-arm64": "4.12.0", - "@rollup/rollup-darwin-x64": "4.12.0", - "@rollup/rollup-linux-arm-gnueabihf": "4.12.0", - "@rollup/rollup-linux-arm64-gnu": "4.12.0", - "@rollup/rollup-linux-arm64-musl": "4.12.0", - "@rollup/rollup-linux-riscv64-gnu": "4.12.0", - "@rollup/rollup-linux-x64-gnu": "4.12.0", - "@rollup/rollup-linux-x64-musl": "4.12.0", - "@rollup/rollup-win32-arm64-msvc": "4.12.0", - "@rollup/rollup-win32-ia32-msvc": "4.12.0", - "@rollup/rollup-win32-x64-msvc": "4.12.0", + "@rollup/rollup-android-arm-eabi": "4.14.0", + "@rollup/rollup-android-arm64": "4.14.0", + "@rollup/rollup-darwin-arm64": "4.14.0", + "@rollup/rollup-darwin-x64": "4.14.0", + "@rollup/rollup-linux-arm-gnueabihf": "4.14.0", + "@rollup/rollup-linux-arm64-gnu": "4.14.0", + "@rollup/rollup-linux-arm64-musl": "4.14.0", + "@rollup/rollup-linux-powerpc64le-gnu": "4.14.0", + "@rollup/rollup-linux-riscv64-gnu": "4.14.0", + "@rollup/rollup-linux-s390x-gnu": "4.14.0", + "@rollup/rollup-linux-x64-gnu": "4.14.0", + "@rollup/rollup-linux-x64-musl": "4.14.0", + "@rollup/rollup-win32-arm64-msvc": "4.14.0", + "@rollup/rollup-win32-ia32-msvc": "4.14.0", + "@rollup/rollup-win32-x64-msvc": "4.14.0", "fsevents": "~2.3.2" } }, 
@@ -15696,9 +15747,9 @@ } }, "node_modules/rollup/node_modules/@rollup/rollup-darwin-arm64": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.12.0.tgz", - "integrity": "sha512-X64tZd8dRE/QTrBIEs63kaOBG0b5GVEd3ccoLtyf6IdXtHdh8h+I56C2yC3PtC9Ucnv0CpNFJLqKFVgCYe0lOQ==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.14.0.tgz", + "integrity": "sha512-BcnSPRM76/cD2gQC+rQNGBN6GStBs2pl/FpweW8JYuz5J/IEa0Fr4AtrPv766DB/6b2MZ/AfSIOSGw3nEIP8SA==", "cpu": [ "arm64" ], @@ -15710,9 +15761,9 @@ "peer": true }, "node_modules/rollup/node_modules/@rollup/rollup-linux-arm64-gnu": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.12.0.tgz", - "integrity": "sha512-0fZBq27b+D7Ar5CQMofVN8sggOVhEtzFUwOwPppQt0k+VR+7UHMZZY4y+64WJ06XOhBTKXtQB/Sv0NwQMXyNAA==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.14.0.tgz", + "integrity": "sha512-x+uJ6MAYRlHGe9wi4HQjxpaKHPM3d3JjqqCkeC5gpnnI6OWovLdXTpfa8trjxPLnWKyBsSi5kne+146GAxFt4A==", "cpu": [ "arm64" ], @@ -15724,9 +15775,9 @@ "peer": true }, "node_modules/rollup/node_modules/@rollup/rollup-linux-x64-gnu": { - "version": "4.12.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.12.0.tgz", - "integrity": "sha512-TenQhZVOtw/3qKOPa7d+QgkeM6xY0LtwzR8OplmyL5LrgTWIXpTQg2Q2ycBf8jm+SFW2Wt/DTn1gf7nFp3ssVA==", + "version": "4.14.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.14.0.tgz", + "integrity": "sha512-C6y6z2eCNCfhZxT9u+jAM2Fup89ZjiG5pIzZIDycs1IwESviLxwkQcFRGLjnDrP+PT+v5i4YFvlcfAs+LnreXg==", "cpu": [ "x64" ], 
@@ -16073,9 +16124,10 @@ } }, "node_modules/source-map-js": { - "version": "1.0.2", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==", "dev": true, - "license": "BSD-3-Clause", "peer": true, "engines": { "node": ">=0.10.0" @@ -17424,14 +17476,15 @@ } }, "node_modules/vite": { - "version": "5.1.4", + "version": "5.2.8", + "resolved": "https://registry.npmjs.org/vite/-/vite-5.2.8.tgz", + "integrity": "sha512-OyZR+c1CE8yeHw5V5t59aXsUPPVTHMDjEZz8MgguLL/Q7NblxhZUlTu9xSPqlsUO/y+X7dlU05jdhvyycD55DA==", "dev": true, - "license": "MIT", "peer": true, "dependencies": { - "esbuild": "^0.19.3", - "postcss": "^8.4.35", - "rollup": "^4.2.0" + "esbuild": "^0.20.1", + "postcss": "^8.4.38", + "rollup": "^4.13.0" }, "bin": { "vite": "bin/vite.js" 
@@ -17497,434 +17550,6 @@ } } }, - "node_modules/vite/node_modules/@esbuild/aix-ppc64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.19.12.tgz", - "integrity": "sha512-bmoCYyWdEL3wDQIVbcyzRyeKLgk2WtWLTWz1ZIAZF/EGbNOwSA6ew3PftJ1PqMiOOGu0OyFMzG53L0zqIpPeNA==", - "cpu": [ - "ppc64" - ], - "dev": true, - "optional": true, - "os": [ - "aix" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/android-arm": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.12.tgz", - "integrity": "sha512-qg/Lj1mu3CdQlDEEiWrlC4eaPZ1KztwGJ9B6J+/6G+/4ewxJg7gqj8eVYWvao1bXrqGiW2rsBZFSX3q2lcW05w==", - "cpu": [ - "arm" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/android-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.12.tgz", - "integrity": "sha512-P0UVNGIienjZv3f5zq0DP3Nt2IE/3plFzuaS96vihvD0Hd6H/q4WXUGpCxD/E8YrSXfNyRPbpTq+T8ZQioSuPA==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/android-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.12.tgz", - "integrity": "sha512-3k7ZoUW6Q6YqhdhIaq/WZ7HwBpnFBlW905Fa4s4qWJyiNOgT1dOqDiVAQFwBH7gBRZr17gLrlFCRzF6jFh7Kew==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "android" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/darwin-arm64": { - "version": "0.19.12", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "peer": true, - "engines": { - "node": ">=12" - } 
- }, - "node_modules/vite/node_modules/@esbuild/darwin-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.12.tgz", - "integrity": "sha512-hKoVkKzFiToTgn+41qGhsUJXFlIjxI/jSYeZf3ugemDYZldIXIxhvwN6erJGlX4t5h417iFuheZ7l+YVn05N3A==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "darwin" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/freebsd-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.12.tgz", - "integrity": "sha512-4aRvFIXmwAcDBw9AueDQ2YnGmz5L6obe5kmPT8Vd+/+x/JMVKCgdcRwH6APrbpNXsPz+K653Qg8HB/oXvXVukA==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "freebsd" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/freebsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.12.tgz", - "integrity": "sha512-EYoXZ4d8xtBoVN7CEwWY2IN4ho76xjYXqSXMNccFSx2lgqOG/1TBPW0yPx1bJZk94qu3tX0fycJeeQsKovA8gg==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "freebsd" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-arm": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.12.tgz", - "integrity": "sha512-J5jPms//KhSNv+LO1S1TX1UWp1ucM6N6XuL6ITdKWElCu8wXP72l9MM0zDTzzeikVyqFE6U8YAV9/tFyj0ti+w==", - "cpu": [ - "arm" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.12.tgz", - "integrity": 
"sha512-EoTjyYyLuVPfdPLsGVVVC8a0p1BFFvtpQDB/YLEhaXyf/5bczaGeN15QkR+O4S5LeJ92Tqotve7i1jn35qwvdA==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-ia32": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.12.tgz", - "integrity": "sha512-Thsa42rrP1+UIGaWz47uydHSBOgTUnwBwNq59khgIwktK6x60Hivfbux9iNR0eHCHzOLjLMLfUMLCypBkZXMHA==", - "cpu": [ - "ia32" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-loong64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.12.tgz", - "integrity": "sha512-LiXdXA0s3IqRRjm6rV6XaWATScKAXjI4R4LoDlvO7+yQqFdlr1Bax62sRwkVvRIrwXxvtYEHHI4dm50jAXkuAA==", - "cpu": [ - "loong64" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-mips64el": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.12.tgz", - "integrity": "sha512-fEnAuj5VGTanfJ07ff0gOA6IPsvrVHLVb6Lyd1g2/ed67oU1eFzL0r9WL7ZzscD+/N6i3dWumGE1Un4f7Amf+w==", - "cpu": [ - "mips64el" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-ppc64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.12.tgz", - "integrity": "sha512-nYJA2/QPimDQOh1rKWedNOe3Gfc8PabU7HT3iXWtNUbRzXS9+vgB0Fjaqr//XNbd82mCxHzik2qotuI89cfixg==", - "cpu": [ - "ppc64" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - 
"node_modules/vite/node_modules/@esbuild/linux-riscv64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.12.tgz", - "integrity": "sha512-2MueBrlPQCw5dVJJpQdUYgeqIzDQgw3QtiAHUC4RBz9FXPrskyyU3VI1hw7C0BSKB9OduwSJ79FTCqtGMWqJHg==", - "cpu": [ - "riscv64" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-s390x": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.12.tgz", - "integrity": "sha512-+Pil1Nv3Umes4m3AZKqA2anfhJiVmNCYkPchwFJNEJN5QxmTs1uzyy4TvmDrCRNT2ApwSari7ZIgrPeUx4UZDg==", - "cpu": [ - "s390x" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/linux-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.12.tgz", - "integrity": "sha512-B71g1QpxfwBvNrfyJdVDexenDIt1CiDN1TIXLbhOw0KhJzE78KIFGX6OJ9MrtC0oOqMWf+0xop4qEU8JrJTwCg==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "linux" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/netbsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.12.tgz", - "integrity": "sha512-3ltjQ7n1owJgFbuC61Oj++XhtzmymoCihNFgT84UAmJnxJfm4sYCiSLTXZtE00VWYpPMYc+ZQmB6xbSdVh0JWA==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "netbsd" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/openbsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.12.tgz", - "integrity": 
"sha512-RbrfTB9SWsr0kWmb9srfF+L933uMDdu9BIzdA7os2t0TXhCRjrQyCeOt6wVxr79CKD4c+p+YhCj31HBkYcXebw==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "openbsd" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/sunos-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.12.tgz", - "integrity": "sha512-HKjJwRrW8uWtCQnQOz9qcU3mUZhTUQvi56Q8DPTLLB+DawoiQdjsYq+j+D3s9I8VFtDr+F9CjgXKKC4ss89IeA==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "sunos" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/win32-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.12.tgz", - "integrity": "sha512-URgtR1dJnmGvX864pn1B2YUYNzjmXkuJOIqG2HdU62MVS4EHpU2946OZoTMnRUHklGtJdJZ33QfzdjGACXhn1A==", - "cpu": [ - "arm64" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/win32-ia32": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.12.tgz", - "integrity": "sha512-+ZOE6pUkMOJfmxmBZElNOx72NKpIa/HFOMGzu8fqzQJ5kgf6aTGrcJaFsNiVMH4JKpMipyK+7k0n2UXN7a8YKQ==", - "cpu": [ - "ia32" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/@esbuild/win32-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.12.tgz", - "integrity": "sha512-T1QyPSDCyMXaO3pzBkF96E8xMkiRYbUEZADd29SyPGabqxMViNoii+NcK7eWJAEoU6RZyEm5lVSIjTmcdoB9HA==", - "cpu": [ - "x64" - ], - "dev": true, - "optional": true, - "os": [ - "win32" - ], - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/vite/node_modules/esbuild": { - 
"version": "0.19.12", - "dev": true, - "hasInstallScript": true, - "license": "MIT", - "peer": true, - "bin": { - "esbuild": "bin/esbuild" - }, - "engines": { - "node": ">=12" - }, - "optionalDependencies": { - "@esbuild/aix-ppc64": "0.19.12", - "@esbuild/android-arm": "0.19.12", - "@esbuild/android-arm64": "0.19.12", - "@esbuild/android-x64": "0.19.12", - "@esbuild/darwin-arm64": "0.19.12", - "@esbuild/darwin-x64": "0.19.12", - "@esbuild/freebsd-arm64": "0.19.12", - "@esbuild/freebsd-x64": "0.19.12", - "@esbuild/linux-arm": "0.19.12", - "@esbuild/linux-arm64": "0.19.12", - "@esbuild/linux-ia32": "0.19.12", - "@esbuild/linux-loong64": "0.19.12", - "@esbuild/linux-mips64el": "0.19.12", - "@esbuild/linux-ppc64": "0.19.12", - "@esbuild/linux-riscv64": "0.19.12", - "@esbuild/linux-s390x": "0.19.12", - "@esbuild/linux-x64": "0.19.12", - "@esbuild/netbsd-x64": "0.19.12", - "@esbuild/openbsd-x64": "0.19.12", - "@esbuild/sunos-x64": "0.19.12", - "@esbuild/win32-arm64": "0.19.12", - "@esbuild/win32-ia32": "0.19.12", - "@esbuild/win32-x64": "0.19.12" - } - }, "node_modules/vscode-css-languageservice": { "version": "4.3.0", "dev": true, diff --git a/web/package.json b/web/package.json index 591180e155..0f9021820e 100644 --- a/web/package.json +++ b/web/package.json @@ -37,8 +37,8 @@ "@codemirror/legacy-modes": "^6.3.3", "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.5", - "@fortawesome/fontawesome-free": "^6.5.1", - "@goauthentik/api": "^2024.2.2-1711643691", + "@fortawesome/fontawesome-free": "^6.5.2", + "@goauthentik/api": "^2024.2.2-1712238004", "@lit-labs/task": "^3.1.0", "@lit/context": "^1.1.0", "@lit/localize": "^0.12.1", 
@@ -68,13 +68,13 @@
 "yaml": "^2.4.1"
 },
 "devDependencies": {
- "@babel/core": "^7.24.3",
+ "@babel/core": "^7.24.4",
 "@babel/plugin-proposal-class-properties": "^7.18.6",
 "@babel/plugin-proposal-decorators": "^7.24.1",
 "@babel/plugin-transform-private-methods": "^7.24.1",
 "@babel/plugin-transform-private-property-in-object": "^7.24.1",
 "@babel/plugin-transform-runtime": "^7.24.3",
- "@babel/preset-env": "^7.24.3",
+ "@babel/preset-env": "^7.24.4",
 "@babel/preset-typescript": "^7.24.1",
 "@hcaptcha/types": "^1.0.3",
 "@jeysal/storybook-addon-css-user-preferences": "^0.2.0",
@@ -105,7 +105,7 @@
 "eslint-config-google": "^0.14.0",
 "eslint-plugin-custom-elements": "0.0.8",
 "eslint-plugin-lit": "^1.11.0",
- "eslint-plugin-sonarjs": "^0.25.0",
+ "eslint-plugin-sonarjs": "^0.25.1",
 "eslint-plugin-storybook": "^0.8.0",
 "github-slugger": "^2.0.0",
 "glob": "^10.3.12",
@@ -129,9 +129,9 @@
 "@esbuild/darwin-arm64": "^0.20.1",
 "@esbuild/linux-amd64": "^0.18.11",
 "@esbuild/linux-arm64": "^0.20.1",
- "@rollup/rollup-darwin-arm64": "4.13.2",
- "@rollup/rollup-linux-arm64-gnu": "4.13.2",
- "@rollup/rollup-linux-x64-gnu": "4.13.2"
+ "@rollup/rollup-darwin-arm64": "4.14.0",
+ "@rollup/rollup-linux-arm64-gnu": "4.14.0",
+ "@rollup/rollup-linux-x64-gnu": "4.14.0"
 },
 "engines": {
 "node": ">=20"
diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index c0c0151c2a..d1c3c828b6 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -8458,51 +8458,67 @@ Bindings to groups/users are checked against the user of the event. Latest version unknown + 最新版本未知 Timestamp + 时间戳 Time + 时间 Level + 等级 Event + 事件 Logger + 日志记录器 Update internal password on login + 登录时更新内部密码 When the user logs in to authentik using this source password backend, update their credentials in authentik. + 当用户使用此源密码后端登录 authentik 时,在 authentik 内更新他们的凭据。 Source + Resume timeout + 恢复超时 Amount of time a user can take to return from the source to continue the flow. + 用户从源返回并继续流程可以消耗的时间。 Your Install ID + 您的安装 ID Enter the email associated with your account, and we'll send you a link to reset your password. + 输入与您的账户关联的电子邮件地址,我们将会向您发送重置密码链接。 Stage name: + 阶段名称: Please scan the QR code above using the Microsoft Authenticator, Google Authenticator, or other authenticator apps on your device, and enter the code the device displays below to finish setting up the MFA device. + 请用 Microsoft 身份验证器、Google 身份验证器或您设备上的其他身份验证器应用扫描上面的二维码,然后在下方输入设备上显示的代码,以完成 MFA 设备设置。 Inject an OAuth or SAML Source into the flow execution. This allows for additional user verification, or to dynamically access different sources for different user identifiers (username, email address, etc). + 将 OAuth 或 SAML 源注入到流程执行过程中。这允许额外的用户验证,或者基于不同的用户标识符(用户名、电子邮件地址等)动态访问不同的源。 diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf index 9717ade471..3d2d15a893 100644 --- a/web/xliff/zh_CN.xlf +++ b/web/xliff/zh_CN.xlf @@ -7175,10 +7175,6 @@ Bindings to groups/users are checked against the user of the event. License(s) 许可证 - - Enterprise is in preview. - 企业版目前处于预览状态。 - Cumulative license expiry 累计许可证过期时间 
@@ -8459,6 +8455,70 @@ Bindings to groups/users are checked against the user of the event. Select one of the options below to continue. 选择以下选项之一以继续。 + + + Latest version unknown + 最新版本未知 + + + Timestamp + 时间戳 + + + Time + 时间 + + + Level + 等级 + + + Event + 事件 + + + Logger + 日志记录器 + + + Update internal password on login + 登录时更新内部密码 + + + When the user logs in to authentik using this source password backend, update their credentials in authentik. + 当用户使用此源密码后端登录 authentik 时,在 authentik 内更新他们的凭据。 + + + Source + + + + Resume timeout + 恢复超时 + + + Amount of time a user can take to return from the source to continue the flow. + 用户从源返回并继续流程可以消耗的时间。 + + + Your Install ID + 您的安装 ID + + + Enter the email associated with your account, and we'll send you a link to reset your password. + 输入与您的账户关联的电子邮件地址,我们将会向您发送重置密码链接。 + + + Stage name: + 阶段名称: + + + Please scan the QR code above using the Microsoft Authenticator, Google Authenticator, or other authenticator apps on your device, and enter the code the device displays below to finish setting up the MFA device. + 请用 Microsoft 身份验证器、Google 身份验证器或您设备上的其他身份验证器应用扫描上面的二维码,然后在下方输入设备上显示的代码,以完成 MFA 设备设置。 + + + Inject an OAuth or SAML Source into the flow execution. This allows for additional user verification, or to dynamically access different sources for different user identifiers (username, email address, etc). + 将 OAuth 或 SAML 源注入到流程执行过程中。这允许额外的用户验证,或者基于不同的用户标识符(用户名、电子邮件地址等)动态访问不同的源。 diff --git a/website/docs/outposts/index.mdx b/website/docs/outposts/index.mdx index a0cc412560..269a9b7b86 100644 --- a/website/docs/outposts/index.mdx +++ b/website/docs/outposts/index.mdx 
@@ -2,30 +2,58 @@ title: Outposts --- -An outpost is a single deployment of an authentik component, which can be deployed in a completely separate environment: +An outpost is a single deployment of an authentik component, essentially a service, that can be deployed anywhere that allows for a connection to the authentik API. + +An outpost is required if you use any of the following types of providers with your application: - [LDAP Provider](../providers/ldap/index.md) - [Proxy Provider](../providers/proxy/index.md) - [RADIUS Provider](../providers/radius/index.md) - [RAC Provider](../providers/rac/index.md) -![](outposts.png) +These types of providers use an outpost for increased flexibility and speed. Instead of the provider logic being implemented in authentik Core, these providers use an outpost to handle the logic, which provides improved performance. -Upon creation, a service account and a token is generated. The service account only has permissions to read the outpost and provider configuration. This token is used by the Outpost to connect to authentik. +An additional advantage of using an outpost is that outposts, like authentik itself, do not require access to the wider internet. Transactions between the application, the provider, and the outpost occur via the authentik API, and support single sign-on operations in firewalled or airgapped deployments and offline connections to remote machines that are not on the internet. -authentik can manage the deployment, updating and general lifecycle of an Outpost. To communicate with the underlying platforms on which the outpost is deployed, authentik has several built-in integrations. +An outpost is given permissions to access the authentik API using a service account and token, both of which are auto-generated when you create a new outpost. The outpost is granted rights to only the application/provider pairs configured (and other necessary related objects such as certificates). 
+ +Any change made to the outpost's associated app or provider immediately triggers an event to update the configuration data stored on the outpost, via websockets. Websockets are used also by the outpost to send healthchecks to the authentik Core. + +## Create and configure an outpost + + 1. To create a new outpost, log in to authentik as an administrator, and open to the Admin interface. + + 2. Navigate to **Applications --> Outposts** and then click **Create**. + +![](outpost-create.png) + + 3. Define the following values: + + - **Name**: a name for the new outpost + - **Type**: select the provider type (Proxy, LDAP, Radius, RAC) + - **Integration** (_optional_): select either your [Docker or Kubernetes connection](#more-about-outpost-integrations) + - **Applications**: select the applications that you want the outpost to serve + - **Advanced settings** (*optional*): For further optional configuration settings, refer to [Configuration](#configuration) below. + + 4. Click **Create** to save your new outpost settings and close the modal. + +Upon creation, a service account and a token is generated. The service account only has permissions to read the outpost and provider configuration. This token is used by the outpost to connect to authentik. + +### More about outpost integrations + +authentik can manage the deployment, updating, and general lifecycle of an outpost. To communicate with the underlying platforms on which the outpost is deployed, authentik has several built-in integrations. - If you've deployed authentik on Docker Compose, authentik automatically creates an integration for the local docker socket (See [Docker](./integrations/docker.md)). -- If you've deployed authentik on Kubernetes, with `kubernetesIntegration` set to true (default), authentik automatically creates an integrations for the local Kubernetes Cluster (See [Kubernetes](./integrations/kubernetes.md)). 
+- If you've deployed authentik on Kubernetes, with `kubernetesIntegration` set to true (default), authentik automatically creates an integrations for the local Kubernetes Cluster (see [Kubernetes](./integrations/kubernetes.md)). -To deploy an outpost with these integrations, simply select them during the creation of an Outpost. A background task is started, which creates the container/deployment. You can see that Status on the System Tasks page. +To deploy an outpost with these integrations, select them during the creation of an outpost. A background task is started, which creates the container/deployment. The outpost deployment can be monitored from the **Dashboards -> System Tasks** page in the Admin interface. To deploy an outpost manually, see: - [Kubernetes](./manual-deploy-kubernetes.md) -- [docker-compose](./manual-deploy-docker-compose.md) +- [Docker Compose](./manual-deploy-docker-compose.md) -## Configuration +### Configuration Outposts fetch their configuration from authentik. Below are all the options you can set, and how they influence the outpost. @@ -33,8 +61,8 @@ import Configuration from "./_config.md"; -## Metrics +## Prometheus Metrics -Each authentik outpost has a Prometheus metrics endpoint accessible under port `:9300/metrics`. This endpoint is not mapped via docker, as the endpoint doesn't have any authentication. +Each authentik outpost has a Prometheus metrics endpoint accessible under port `:9300/metrics`. This endpoint is not mapped via Docker, as the endpoint doesn't have any authentication. For the embedded outpost, the metrics of the outpost and the metrics of the core authentik server are both returned under the same endpoint. diff --git a/website/docs/outposts/outpost-create.png b/website/docs/outposts/outpost-create.png new file mode 100644 index 0000000000..8aba0fe958 Binary files /dev/null and b/website/docs/outposts/outpost-create.png differ 
diff --git a/website/docs/outposts/outposts.png b/website/docs/outposts/outposts.png
deleted file mode 100644
index ab9c2b24ee..0000000000
Binary files a/website/docs/outposts/outposts.png and /dev/null differ
diff --git a/website/docs/providers/rac/how-to-rac.md b/website/docs/providers/rac/how-to-rac.md
new file mode 100644
index 0000000000..75ec0cdcd6
--- /dev/null
+++ b/website/docs/providers/rac/how-to-rac.md
@@ -0,0 +1,86 @@ +--- +title: Create a Remote Access Control (RAC) provider +--- + +:::info +This feature is in technical preview, so please report any bugs on [GitHub](https://github.com/goauthentik/authentik/issues). +::: + +The RAC provider is a highly flexible feature for accessing remote machines. This document provides instructions for the basic creation and configuration of a RAC provider within a defined scenario. + +Fow more information about using a RAC provider, see the [Overview](./index.md) documentation. You can also view our video on YouTube for setting up RAC. + + + +## Prereqisites + +The RAC provider requires the deployment of the [RAC Outpost](../../outposts/). + +## Overview workflow to create a RAC provider + +The typical workflow to create and configure a RAC provider is to 1. create app/provider, 2. create property mappings (that define the access credentials to each remote machine), 3. create an endpoint for each remote machine you want to connect to. + +Depending on whether you are connecting using RDP, SSH, or VNC, the exact configuration choices might differ, but the overall workflow applies to all RAC connections. + +### Step 1. Create an application and RAC provider + +The first step is to create the RAC app and provider. + +1. Log in as an admin to authentik, and go to the Admin interface. + +2. In the Admin interface, navigate to **Applications -> Applications**. + +3. Click **Create with Wizard**. Follow the [instructions](../../applications/manage_apps.md#instructions) to create your RAC application and provider. + +### Step 2. Create RAC property mapping + +Next, you need to add a property mapping for each of the remote machines you want to access. Property mappings allow you to pass information to external applications, and with RAC they are used to pass the host name, IP address, and access credentials for the remote machines. + +1. In the Admin interface, navigate to **Customization -> Property Mappings**. + +2. 
On the **Property Mappings** page, click **Create**. + +3. On the **New property mapping** modal, set the following: + + - **Select Type**: RAC Property Mappings + - **Create RAC Property Mapping**: + - **Name**s: define a name for the property mapping, perhaps include the type of connection (RDP, SSH, VNC) + - **General settings**: + - **Username**: the username for the remote machine + - **Password**: the password for the remote machine + - **RDP settings**: + - **Ignore server certificate: select **Enabled\*\* (Depending on the setup of your RDP Server, it might be required to enable this setting.) + - **Enable wallpaper**: optional + - **Enable font smoothing**: optional + - **Enable full window dragging**: optional + - Advanced settings: + - **Expressions**: optional, using Python you can define custom [expressions](../../property-mappings/expression.mdx). + +4. Click **Finish** to save your settings and close the modal. + +### Step 3. Create Endpoints for the Provider + +Finally, you need to create an endpoint for each remote machine. Endpoints are defined within providers; connections between the remote machine and authentik are enabled through communication between the provider's endpoint and the remote machine. + +1. In the Admin interface navigate to **Applications -> Providers**. + +2. Select the RAC provider you created in Step 1 above. + +3. On the Provider page, under **Endpoints**, click **Create**. + +4. On the **Create Endpoint** modal, provide the following settings: + + - **Name**: define a name for the endpoint, perhaps include the type of connection (RDP, SSH, VNC) + - **Protocol**: select the appropriate protocol + - **Host**: the host name or IP address of the system you are connecting to. + - **Maximum concurrent connections**: select a value or use `-1` to disable the limitation. + - **Property mapping**: select either the property mapping that you created in Step 2, or use one of the default settings. 
+ - **Advance settings**: optional + +5. Click **Create** to save your settings and close the modal. + +### Access the remote machine + +To verify your configuration and access the remote machine, go to the **User interface** of your authentik instance. On the **My applications** page click the **Remote Access** application. authentik connects you to a secure shell on the remote machine, in your web browser. + +If you defined multiple endpoints, they are each displayed; click the endpoint for the remote machine that you want to access. diff --git a/website/docs/providers/rac/index.md b/website/docs/providers/rac/index.md index 67e3b74da0..3b94a40414 100644 --- a/website/docs/providers/rac/index.md +++ b/website/docs/providers/rac/index.md @@ -1,5 +1,5 @@ --- -title: Remote Access (RAC) Provider +title: Remote Access Control (RAC) Provider --- Enterprise 
@@ -7,22 +7,40 @@ title: Remote Access (RAC) Provider --- :::info -This feature is in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues) +This feature is in technical preview, so please report any bugs on [GitHub](https://github.com/goauthentik/authentik/issues). ::: -The Remote access provider allows users to access Windows/macOS/Linux machines via [RDP](https://en.wikipedia.org/wiki/Remote_Desktop_Protocol)/[SSH](https://en.wikipedia.org/wiki/Secure_Shell)/[VNC](https://en.wikipedia.org/wiki/Virtual_Network_Computing). - :::info -This provider requires the deployment of the [RAC Outpost](../../outposts/) +This provider requires the deployment of the [RAC Outpost](../../outposts/). ::: -## Endpoints +## About the Remote Access Control (RAC) Provider -Unlike other providers, where one provider-application pair must be created for each resource you wish to access, the RAC provider handles this slightly differently. For each machine (computer/server) that should be accessible, an _Endpoint_ object must be created within an RAC provider. +The RAC provider allows users to access remote Windows, macOS, and Linux machines via [RDP](https://en.wikipedia.org/wiki/Remote_Desktop_Protocol)/[SSH](https://en.wikipedia.org/wiki/Secure_Shell)/[VNC](https://en.wikipedia.org/wiki/Virtual_Network_Computing). Just like other providers in authentik, the RAC provider is associated with an application that appears on a user's **My applications** page. -The _Endpoint_ object specifies the hostname/IP of the machine to connect to, as well as the protocol to use. Additionally it is possible to bind policies to _endpoint_ objects to restrict access. Users must have access to both the application the RAC Provider is using as well as the individual endpoint. 
+:::info +Note that with RAC, you create a single application and associated provider that serves to connect with _all remote machines_ that you want to configure for access via RAC. +::: -Configuration like credentials can be specified through _settings_, which can be specified on different levels and are all merged together when connecting: +For instructions on creating a RAC provider, refer to the [Managing RAC providers](./how-to-rac.md) documentation. You can also view our [video on YouTube](https://www.youtube.com/watch?v=9wahIBRV6Ts) for setting up a RAC. + +There are several components used with a RAC provider; let's take a closer look at the high-level configuration layout of these components and how they are managed using endpoints and connections. + +![](./rac-v3.png) + +The provider-application pair, the authentik server, and the authentik API are typical to all configurations. With RAC, there are some new components, namely the endpoints, the outpost, and of course the target remote machines. + +When a user starts the RAC application, the app communicates with the authentik server, which then connects to an instance of the outpost (the exact instance is selected dynamically based on connection load). After the outpost is selected, then the authentik server sends the outpost the instructions (based on the data you defined in the endpoint) required to connect to the remote machine. + +After the connection to the remote machine is made, the outpost sends a message back to the authentik server (via websockets), and the web browser opens the websocket connection to the remote machine. + +### Endpoints + +Unlike other providers, where one provider-application pair must be created for each resource you wish to access, the RAC provider handles this slightly differently. For each remote machine (computer/server) that should be accessible, you create an _Endpoint_ object within a single RAC provider. 
(And as mentioned above, a single provider-application pair is used for all remote connections.) + +The _Endpoint_ object specifies the hostname/IP of the machine to connect to, as well as the protocol to use. Additionally it is possible to bind policies to _endpoint_ objects to restrict access. Users must have access to both the application that the RAC Provider is using as well as the individual endpoint. + +Configuration details such as credentials can be specified through _settings_, which can be specified on different levels and are all merged together when connecting: 1. Provider settings 2. Endpoint settings @@ -30,9 +48,9 @@ Configuration like credentials can be specified through _settings_, which can be 4. Provider property mapping settings 5. Endpoint property mapping settings -## Connections +### Connections -Each connection is authorized through the policies bound to the application and the endpoint, and additional verification can be done with the authorization flow. +Each connection is authorized through authentik Policy objects that are bound to the application and the endpoint. Additional verification can be done with the authorization flow. Additionally it is possible to modify the connection settings through the authorization flow. Configuration set in `connection_settings` in the flow plan context will be merged with other settings as shown above. diff --git a/website/docs/providers/rac/rac-v3.png b/website/docs/providers/rac/rac-v3.png new file mode 100644 index 0000000000..109c7a915a Binary files /dev/null and b/website/docs/providers/rac/rac-v3.png differ diff --git a/website/integrations/services/opnsense/index.md b/website/integrations/services/opnsense/index.md index e2aa81ab7a..05a9a99b1f 100644 --- a/website/integrations/services/opnsense/index.md +++ b/website/integrations/services/opnsense/index.md 
@@ -11,7 +11,7 @@ title: OPNsense > -- https://opnsense.org/ :::note -This is based on authentik 2022.4.1 and OPNsense 22.1.6-amd64 installed using https://docs.opnsense.org/manual/install.html. Instructions may differ between versions. +This is based on authentik 2024.2.2 and OPNsense 24.1.3_1-amd64 installed using https://docs.opnsense.org/manual/install.html. Instructions may differ between versions. ::: ## Preparation @@ -25,7 +25,7 @@ The following placeholders will be used: ### Step 1 In authentik, go and 'Create Service account' (under _Directory/Users_) for OPNsense to use as the LDAP Binder, leaving 'Create group' ticked as we'll need that group for the provider. -In this example, we'll use `opnsense` as the Service account's username +In this example, we'll use `opnsense-user` as the Service account's username :::note Take note of the password for this user as you'll need to give it to OPNsense in _Step 4_. @@ -92,6 +92,10 @@ In OPNsense, go to _System/Settings/Administration_ and under _Authentication_ a ![](./opnsense2.png) +### Step 7 + +You can now either import users, or synchronize from Authentik LDAP. See https://docs.opnsense.org/manual/how-tos/user-ldap.html for more. + ## Notes :::note diff --git a/website/package-lock.json b/website/package-lock.json index 4958eeae4c..31467a8223 100644 --- a/website/package-lock.json +++ b/website/package-lock.json @@ -33,7 +33,7 @@ "@docusaurus/module-type-aliases": "3.2.0", "@docusaurus/tsconfig": "3.2.0", "@docusaurus/types": "3.2.0", - "@types/react": "^18.2.73", + "@types/react": "^18.2.74", "prettier": "3.2.5", "typescript": "~5.4.3" }, 
@@ -3712,9 +3712,9 @@ "integrity": "sha512-+0autS93xyXizIYiyL02FCY8N+KkKPhILhcUSA276HxzreZ16kl+cmwvV2qAM/PuCCwPXzOXOWhiPcw20uSFcA==" }, "node_modules/@types/react": { - "version": "18.2.73", - "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.73.tgz", - "integrity": "sha512-XcGdod0Jjv84HOC7N5ziY3x+qL0AfmubvKOZ9hJjJ2yd5EE+KYjWhdOjt387e9HPheHkdggF9atTifMRtyAaRA==", + "version": "18.2.74", + "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.74.tgz", + "integrity": "sha512-9AEqNZZyBx8OdZpxzQlaFEVCSFUM2YXJH46yPOiOpm078k6ZLOCcuAzGum/zK8YBwY+dbahVNbHrbgrAwIRlqw==", "dependencies": { "@types/prop-types": "*", "csstype": "^3.0.2"
diff --git a/website/package.json b/website/package.json
index 4f1809b7e9..fdad35c345 100644
--- a/website/package.json
+++ b/website/package.json
@@ -52,7 +52,7 @@
 "@docusaurus/module-type-aliases": "3.2.0",
 "@docusaurus/tsconfig": "3.2.0",
 "@docusaurus/types": "3.2.0",
- "@types/react": "^18.2.73",
+ "@types/react": "^18.2.74",
 "prettier": "3.2.5",
 "typescript": "~5.4.3"
 },
diff --git a/website/sidebars.js b/website/sidebars.js
index c0256421cb..dc36186c36 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -124,7 +124,15 @@ const docsSidebar = {
 items: ["providers/ldap/generic_setup"],
 },
 "providers/scim/index",
- "providers/rac/index",
+ {
+ type: "category",
+ label: "RAC (Remote Access Control) Provider",
+ link: {
+ type: "doc",
+ id: "providers/rac/index",
+ },
+ items: ["providers/rac/how-to-rac"],
+ },
 ],
 },
 {