From ca22a4deafee8d5f0ad80e986bf05e6447c3661f Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Wed, 24 Apr 2024 17:41:29 +0200 Subject: [PATCH] website/docs: finalize 2024.4 release notes (cherry-pick #9396) (#9398) website/docs: finalize 2024.4 release notes (#9396) * website/docs: finalize 2024.4 release notes * escape curly braces manually --------- Signed-off-by: Jens Langhammer Co-authored-by: Jens L --- website/docs/releases/2024/v2024.4.md | 10579 +++++++++++++++++++++++- 1 file changed, 10571 insertions(+), 8 deletions(-) diff --git a/website/docs/releases/2024/v2024.4.md b/website/docs/releases/2024/v2024.4.md index 067034f7d1..0f503170b1 100644 --- a/website/docs/releases/2024/v2024.4.md +++ b/website/docs/releases/2024/v2024.4.md @@ -3,12 +3,6 @@ title: Release 2024.4 slug: /releases/2024.4 --- -:::::note -2024.4 has not been released yet! We're publishing these release notes as a preview of what's to come, and for our awesome beta testers trying out release candidates. - -To try out the release candidate, replace your Docker image tag with the latest release candidate number, such as 2024.4.0-rc1. You can find the latest one in [the latest releases on GitHub](https://github.com/goauthentik/authentik/releases). If you don't find any, it means we haven't released one yet. -::::: - ## Highlights - **OAuth/SAML as authentication factor** Enterprise Use an external provider as part of an MFA authentication flow, including custom implementations @@ -97,8 +91,10577 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.4 ## Minor changes/fixes - +- admin: Handle latest version unknown in admin dashboard (#8858) +- api: capabilities: properly set can_save_media when s3 is enabled (#8896) +- api: fix authentication schema (#9238) +- blueprints: fix default username field in user-settings flow (#9136) +- blueprints: fix schema generation for PrimaryKeyRelated fields with non-int PK (#9140) +- blueprints: only create default brand if no other default brand exists (#9222) +- blueprints: use reconcile decorator instead of relying on function name prefix (#8483) +- brands: add indexes to brand domain and default (#9343) +- brands: fix context processor when request doesn't have a tenant (#8643) +- core: add user settable token durations (#7410) +- core: cache user application list under policies (#8895) +- core: delegated group member management (#9254) +- core: fix api schema for users and groups (#9298) +- core: fix blueprint export (#8695) +- core: optionally don't return groups' users and users' groups by default (#9179) +- core: replace authentik_signals_ignored_fields with audit_ignore (#9291) +- core: rework recovery API to return better error messages (#8655) +- enterprise/rac: fix connection token management (#8909) +- enterprise: fix audit middleware import (#9177) +- enterprise: fix read_only activating when no license is installed (#8697) +- enterprise: force license usage update after change to license (#8723) +- enterprise: only check for valid license existing for creating Enterprise objects (#8813) +- enterprise: use tenant uuid instead of install_id when tenants are enabled (#8823) +- events: add context manager to ignore/modify audit events being written (#9181) +- events: add indexes (#9272) +- events: discard notification if user has empty email (#8938) +- events: fix incorrect user logged when using API token authentication (#9302) +- events: fix log_capture (#9075) +- events: rework log messages returned from API and their rendering (#8770) +- events: sanitize args and kwargs saved in system tasks (#8644) +- flows: fix mismatched redirect behaviour for invalid and valid flows (#8794) +- internal: add tests to go flow executor (#9219) +- internal: cleanup static file serving setup code (#8965) +- lib: cache gravatar connection status (#9248) +- lifecycle: gunicorn: fix app preload (#9274) +- lifecycle: migrate: ensure template schema exists before migrating (#8952) +- outposts: improved set secret answers for flow execution (#8013) +- outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915) +- outposts: Enhance config options for k8s outposts (#7363) +- providers/oauth2: fix inconsistent `sub` value when setting via mapping (#8677) +- providers/oauth2: fix interactive device flow (#9076) +- providers/oauth2: fix offline_access requests when prompt doesn't include consent (#8731) +- providers/oauth2: fix refresh_token grant returning incorrect id_token (#9275) +- providers/oauth2: fix validation ordering (#8793) +- providers/oauth2: improve conformance with client_credentials standard (#8471) +- providers/scim: allow custom user and group schemas (#9255) +- rbac: fix permission decorator for global permissions (#8591) +- root: cherry-pick version bump +- root: early spring clean for linting (#8498) +- root: ensure consistent install_id (#8775) +- root: expose session storage configuration (#9337) +- root: fix app settings load order (#8569) +- root: generate python client (#9107) +- root: make redis settings more consistent (#9335) +- root: move database calls from ready() to dedicated startup signal (#9081) +- root: support redis username (#8935) +- sources/ldap: add ability to disable password write on login (#8377) +- sources/ldap: fix default blueprint for mapping user DN to path (#9355) +- sources/oauth: add gitlab type [AUTH-323] (#8195) +- sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182) +- sources/scim: cleanup service account when source is deleted (#9319) +- sources/scim: service account should be internal (#9321) +- sources: add SCIM source (#3051) +- stages/authenticator_validate: add ability to limit webauthn device types (#9180) +- stages/authenticator_validate: fix error with get_webauthn_challenge_without_user (#8625) +- stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9268) +- stages/authenticator_webauthn: add MDS support (#9114) +- stages/authenticator_webauthn: fix attestation value (#9333) +- stages/authenticator_webauthn: fix error when enrolling new device (#8738) +- stages/email: Disable autoescape for text templates (#8812) +- stages/email: fix issue when sending emails to users with same display as email (#8850) +- stages/prompt: fix username field throwing error with existing user (#9342) +- stages/user_write: ensure user data is json-serializable (#8926) +- stages: source stage (#8330) +- tenants: really ensure default tenant cannot be deleted (#8875) +- web/admin: allow custom sorting for bound\* tables (#9080) +- web/admin: don't mark LDAP group property mappings as required (#8772) +- web/admin: don't mark property mappings as required anywhere (#8752) +- web/admin: fix SAML Provider preview (#9192) +- web/admin: fix document title for admin interface (#9362) +- web/admin: fix error in admin interface due to un-hydrated context (#9336) +- web/admin: fix log viewer empty state (#9315) +- web/admin: fix markdown table rendering (#8908) +- web/admin: fix user_write stage's user type input (#9344) +- web/admin: group form dual select (#9354) +- web/admin: remove enterprise preview banner (#8991) +- web/admin: rework captcha stage (#9256) +- web/admin: small fixes (#9002) +- web/flows: fix form input rendering issue (#9297) +- web/flows: general ux improvements (#8558) +- web/flows: fix passwordless hidden without input (#9273) +- web/flows: fix webauthn retry (#8599) +- web/flows: improve authenticator styling (#8560) +- web/flows: update flow background (#9305) +- web: a few minor bugfixes and lintfixes (#9044) +- web: ak-checkbox-group for short, static, multi-select events (#9138) +- web: change "delete" verb to "remove" for one-to-many relationships (#8535) +- web: clean up UserInterface in prep for OAuth and Silo Projects (#8278) +- web: clean up and remove redundant alias '@goauthentik/app' (#8889) +- web: consistent style declarations internally (#9077) +- web: fix save & reset behavior on System ➲ Settings page. (#8528) +- web: improve build speeds even moar!!!!!! (#8954) +- web: maintenance: split tsconfig into “base” and “build” variants. (#9036) +- web: manage stacked modals with a stack (#9193) +- web: move context controllers into reactive controller plugins (#8996) +- web: preserve selected list when provider updates (#9200) +- web: provide InstallID on EnterpriseListPage (#8898) +- web: replace rollup with esbuild (#8699) +- web: restore sourcemaps (#9300) +- web: spell customization with a Z (#8596) +- web: upgrade to lit 3 (#8781) ## API Changes - +#### What's New + +--- + +##### `GET` /sources/scim/ + +##### `POST` /sources/scim/ + +##### `GET` /sources/scim/{slug}/ + +##### `PUT` /sources/scim/{slug}/ + +##### `DELETE` /sources/scim/{slug}/ + +##### `PATCH` /sources/scim/{slug}/ + +##### `GET` /sources/scim/{slug}/used_by/ + +##### `GET` /sources/scim_groups/ + +##### `POST` /sources/scim_groups/ + +##### `GET` /sources/scim_groups/{id}/ + +##### `PUT` /sources/scim_groups/{id}/ + +##### `DELETE` /sources/scim_groups/{id}/ + +##### `PATCH` /sources/scim_groups/{id}/ + +##### `GET` /sources/scim_groups/{id}/used_by/ + +##### `GET` /sources/scim_users/ + +##### `POST` /sources/scim_users/ + +##### `GET` /sources/scim_users/{id}/ + +##### `PUT` /sources/scim_users/{id}/ + +##### `DELETE` /sources/scim_users/{id}/ + +##### `PATCH` /sources/scim_users/{id}/ + +##### `GET` /sources/scim_users/{id}/used_by/ + +##### `GET` /stages/authenticator/webauthn_device_types/ + +##### `GET` /stages/authenticator/webauthn_device_types/{aaguid}/ + +##### `GET` /stages/source/ + +##### `POST` /stages/source/ + +##### `GET` /stages/source/{stage_uuid}/ + +##### `PUT` /stages/source/{stage_uuid}/ + +##### `DELETE` /stages/source/{stage_uuid}/ + +##### `PATCH` /stages/source/{stage_uuid}/ + +##### `GET` /stages/source/{stage_uuid}/used_by/ + +##### `POST` /core/users/{id}/recovery/ + +##### `POST` /core/users/{id}/recovery_email/ + +#### What's Deleted + +--- + +##### `GET` /core/users/{id}/recovery/ + +##### `GET` /core/users/{id}/recovery_email/ + +#### What's Changed + +--- + +##### `GET` /admin/apps/ + +##### `GET` /admin/models/ + +##### `GET` /admin/settings/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `default_token_duration` (string) + + > Default token duration + + - Added property `default_token_length` (integer) + > Default token length + +##### `PUT` /admin/settings/ + +###### Request: + +Changed content type : `application/json` + +- Added property `default_token_duration` (string) + + > Default token duration + +- Added property `default_token_length` (integer) + > Default token length + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `default_token_duration` (string) + + > Default token duration + + - Added property `default_token_length` (integer) + > Default token length + +##### `PATCH` /admin/settings/ + +###### Request: + +Changed content type : `application/json` + +- Added property `default_token_duration` (string) + + > Default token duration + +- Added property `default_token_length` (integer) + > Default token length + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `default_token_duration` (string) + + > Default token duration + + - Added property `default_token_length` (integer) + > Default token length + +##### `GET` /admin/system/ + +##### `POST` /admin/system/ + +##### `GET` /admin/version/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `version_latest_valid` + + * Added property `version_latest_valid` (boolean) + > Check if latest version is valid + +##### `GET` /admin/workers/ + +##### `GET` /authenticators/admin/all/ + +##### `GET` /authenticators/admin/duo/{id}/ + +##### `PUT` /authenticators/admin/duo/{id}/ + +##### `DELETE` /authenticators/admin/duo/{id}/ + +##### `PATCH` /authenticators/admin/duo/{id}/ + +##### `GET` /authenticators/admin/sms/{id}/ + +##### `PUT` /authenticators/admin/sms/{id}/ + +##### `DELETE` /authenticators/admin/sms/{id}/ + +##### `PATCH` /authenticators/admin/sms/{id}/ + +##### `GET` /authenticators/admin/totp/{id}/ + +##### `PUT` /authenticators/admin/totp/{id}/ + +##### `DELETE` /authenticators/admin/totp/{id}/ + +##### `PATCH` /authenticators/admin/totp/{id}/ + +##### `GET` /authenticators/admin/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + - Property `aaguid` (string) + + - Property `description` (string) + + * Added property `aaguid` (string) + +##### `PUT` /authenticators/admin/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `DELETE` /authenticators/admin/webauthn/{id}/ + +##### `PATCH` /authenticators/admin/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `GET` /authenticators/all/ + +##### `GET` /authenticators/duo/{id}/ + +##### `PUT` /authenticators/duo/{id}/ + +##### `DELETE` /authenticators/duo/{id}/ + +##### `PATCH` /authenticators/duo/{id}/ + +##### `GET` /authenticators/sms/{id}/ + +##### `PUT` /authenticators/sms/{id}/ + +##### `DELETE` /authenticators/sms/{id}/ + +##### `PATCH` /authenticators/sms/{id}/ + +##### `GET` /authenticators/totp/{id}/ + +##### `PUT` /authenticators/totp/{id}/ + +##### `DELETE` /authenticators/totp/{id}/ + +##### `PATCH` /authenticators/totp/{id}/ + +##### `GET` /authenticators/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `PUT` /authenticators/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `DELETE` /authenticators/webauthn/{id}/ + +##### `PATCH` /authenticators/webauthn/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `GET` /core/applications/{slug}/check_access/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `log_messages` (array) + + Changed items (object): > Single log message with all context logged. + + New required properties: + + - `attributes` + - `event` + - `log_level` + - `logger` + - `timestamp` + + * Added property `timestamp` (string) + + * Added property `log_level` (string) + + Enum values: + + - `critical` + - `exception` + - `error` + - `warn` + - `warning` + - `info` + - `debug` + - `notset` + + * Added property `logger` (string) + + * Added property `event` (string) + + * Added property `attributes` (object) + +##### `GET` /core/applications/{slug}/metrics/ + +##### `POST` /core/applications/{slug}/set_icon/ + +##### `POST` /core/applications/{slug}/set_icon_url/ + +##### `GET` /core/authenticated_sessions/{uuid}/ + +##### `DELETE` /core/authenticated_sessions/{uuid}/ + +##### `GET` /core/brands/{brand_uuid}/ + +##### `PUT` /core/brands/{brand_uuid}/ + +##### `DELETE` /core/brands/{brand_uuid}/ + +##### `PATCH` /core/brands/{brand_uuid}/ + +##### `POST` /core/groups/{group_uuid}/add_user/ + +##### `POST` /core/groups/{group_uuid}/remove_user/ + +##### `POST` /core/tokens/{identifier}/set_key/ + +##### `GET` /core/tokens/{identifier}/view_key/ + +##### `POST` /core/users/{id}/impersonate/ + +##### `POST` /core/users/{id}/set_password/ + +##### `GET` /core/users/impersonate_end/ + +##### `GET` /core/users/paths/ + +##### `POST` /core/users/service_account/ + +##### `GET` /crypto/certificatekeypairs/{kp_uuid}/ + +##### `PUT` /crypto/certificatekeypairs/{kp_uuid}/ + +##### `DELETE` /crypto/certificatekeypairs/{kp_uuid}/ + +##### `PATCH` /crypto/certificatekeypairs/{kp_uuid}/ + +##### `GET` /crypto/certificatekeypairs/{kp_uuid}/view_certificate/ + +##### `GET` /crypto/certificatekeypairs/{kp_uuid}/view_private_key/ + +##### `POST` /crypto/certificatekeypairs/generate/ + +##### `GET` /enterprise/license/{license_uuid}/ + +##### `PUT` /enterprise/license/{license_uuid}/ + +##### `DELETE` /enterprise/license/{license_uuid}/ + +##### `PATCH` /enterprise/license/{license_uuid}/ + +##### `GET` /enterprise/license/forecast/ + +##### `GET` /enterprise/license/get_install_id/ + +##### `GET` /enterprise/license/summary/ + +##### `GET` /events/events/actions/ + +##### `GET` /events/events/per_month/ + +##### `GET` /events/events/top_per_user/ + +##### `GET` /events/events/volume/ + +##### `POST` /events/notifications/mark_all_seen/ + +##### `POST` /events/system_tasks/{uuid}/run/ + +##### `POST` /events/transports/{uuid}/test/ + +##### `GET` /flows/instances/{slug}/diagram/ + +##### `GET` /flows/instances/{slug}/execute/ + +##### `GET` /flows/instances/{slug}/export/ + +##### `POST` /flows/instances/{slug}/set_background/ + +##### `POST` /flows/instances/{slug}/set_background_url/ + +##### `POST` /flows/instances/cache_clear/ + +##### `GET` /flows/instances/cache_info/ + +##### `POST` /flows/instances/import/ + +###### Return Type: + +Changed response : **204 No Content** + +- Changed content type : `application/json` + + - Changed property `logs` (array) + + Changed items (object): > Single log message with all context logged. + + New required properties: + + - `attributes` + - `event` + - `log_level` + - `logger` + - `timestamp` + + * Added property `timestamp` (string) + + * Added property `log_level` (string) + + * Added property `logger` (string) + + * Added property `event` (string) + + * Added property `attributes` (object) + +Changed response : **400 Bad Request** + +- Changed content type : `application/json` + + - Changed property `logs` (array) + + Changed items (object): > Single log message with all context logged. + + New required properties: + + - `attributes` + - `event` + - `log_level` + - `logger` + - `timestamp` + + * Added property `timestamp` (string) + + * Added property `log_level` (string) + + * Added property `logger` (string) + + * Added property `event` (string) + + * Added property `attributes` (object) + +##### `GET` /managed/blueprints/{instance_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `status` (string) + +##### `PUT` /managed/blueprints/{instance_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `status` (string) + +##### `DELETE` /managed/blueprints/{instance_uuid}/ + +##### `PATCH` /managed/blueprints/{instance_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `status` (string) + +##### `POST` /managed/blueprints/{instance_uuid}/apply/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `status` (string) + +##### `GET` /managed/blueprints/available/ + +##### `GET` /outposts/instances/{uuid}/health/ + +##### `GET` /outposts/instances/default_settings/ + +##### `GET` /outposts/proxy/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `GET` /outposts/radius/{id}/ + +##### `GET` /outposts/service_connections/all/{uuid}/ + +##### `DELETE` /outposts/service_connections/all/{uuid}/ + +##### `GET` /outposts/service_connections/all/{uuid}/state/ + +##### `GET` /outposts/service_connections/all/types/ + +##### `GET` /outposts/service_connections/docker/{uuid}/ + +##### `PUT` /outposts/service_connections/docker/{uuid}/ + +##### `DELETE` /outposts/service_connections/docker/{uuid}/ + +##### `PATCH` /outposts/service_connections/docker/{uuid}/ + +##### `GET` /outposts/service_connections/kubernetes/{uuid}/ + +##### `PUT` /outposts/service_connections/kubernetes/{uuid}/ + +##### `DELETE` /outposts/service_connections/kubernetes/{uuid}/ + +##### `PATCH` /outposts/service_connections/kubernetes/{uuid}/ + +##### `GET` /policies/all/{policy_uuid}/ + +##### `DELETE` /policies/all/{policy_uuid}/ + +##### `POST` /policies/all/{policy_uuid}/test/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `log_messages` (array) + + Changed items (object): > Single log message with all context logged. + + New required properties: + + - `attributes` + - `event` + - `log_level` + - `logger` + - `timestamp` + + * Added property `timestamp` (string) + + * Added property `log_level` (string) + + * Added property `logger` (string) + + * Added property `event` (string) + + * Added property `attributes` (object) + +##### `POST` /policies/all/cache_clear/ + +##### `GET` /policies/all/cache_info/ + +##### `GET` /policies/all/types/ + +##### `GET` /policies/dummy/{policy_uuid}/ + +##### `PUT` /policies/dummy/{policy_uuid}/ + +##### `DELETE` /policies/dummy/{policy_uuid}/ + +##### `PATCH` /policies/dummy/{policy_uuid}/ + +##### `GET` /policies/event_matcher/{policy_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `PUT` /policies/event_matcher/{policy_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `DELETE` /policies/event_matcher/{policy_uuid}/ + +##### `PATCH` /policies/event_matcher/{policy_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `GET` /policies/expression/{policy_uuid}/ + +##### `PUT` /policies/expression/{policy_uuid}/ + +##### `DELETE` /policies/expression/{policy_uuid}/ + +##### `PATCH` /policies/expression/{policy_uuid}/ + +##### `GET` /policies/password/{policy_uuid}/ + +##### `PUT` /policies/password/{policy_uuid}/ + +##### `DELETE` /policies/password/{policy_uuid}/ + +##### `PATCH` /policies/password/{policy_uuid}/ + +##### `GET` /policies/password_expiry/{policy_uuid}/ + +##### `PUT` /policies/password_expiry/{policy_uuid}/ + +##### `DELETE` /policies/password_expiry/{policy_uuid}/ + +##### `PATCH` /policies/password_expiry/{policy_uuid}/ + +##### `GET` /policies/reputation/{policy_uuid}/ + +##### `PUT` /policies/reputation/{policy_uuid}/ + +##### `DELETE` /policies/reputation/{policy_uuid}/ + +##### `PATCH` /policies/reputation/{policy_uuid}/ + +##### `GET` /policies/reputation/scores/{reputation_uuid}/ + +##### `DELETE` /policies/reputation/scores/{reputation_uuid}/ + +##### `GET` /propertymappings/all/{pm_uuid}/ + +##### `DELETE` /propertymappings/all/{pm_uuid}/ + +##### `POST` /propertymappings/all/{pm_uuid}/test/ + +##### `GET` /propertymappings/all/types/ + +##### `GET` /propertymappings/ldap/{pm_uuid}/ + +##### `PUT` /propertymappings/ldap/{pm_uuid}/ + +##### `DELETE` /propertymappings/ldap/{pm_uuid}/ + +##### `PATCH` /propertymappings/ldap/{pm_uuid}/ + +##### `GET` /propertymappings/notification/{pm_uuid}/ + +##### `PUT` /propertymappings/notification/{pm_uuid}/ + +##### `DELETE` /propertymappings/notification/{pm_uuid}/ + +##### `PATCH` /propertymappings/notification/{pm_uuid}/ + +##### `GET` /propertymappings/rac/{pm_uuid}/ + +##### `PUT` /propertymappings/rac/{pm_uuid}/ + +##### `DELETE` /propertymappings/rac/{pm_uuid}/ + +##### `PATCH` /propertymappings/rac/{pm_uuid}/ + +##### `GET` /propertymappings/saml/{pm_uuid}/ + +##### `PUT` /propertymappings/saml/{pm_uuid}/ + +##### `DELETE` /propertymappings/saml/{pm_uuid}/ + +##### `PATCH` /propertymappings/saml/{pm_uuid}/ + +##### `GET` /propertymappings/scim/{pm_uuid}/ + +##### `PUT` /propertymappings/scim/{pm_uuid}/ + +##### `DELETE` /propertymappings/scim/{pm_uuid}/ + +##### `PATCH` /propertymappings/scim/{pm_uuid}/ + +##### `GET` /propertymappings/scope/{pm_uuid}/ + +##### `PUT` /propertymappings/scope/{pm_uuid}/ + +##### `DELETE` /propertymappings/scope/{pm_uuid}/ + +##### `PATCH` /propertymappings/scope/{pm_uuid}/ + +##### `GET` /providers/all/{id}/ + +##### `DELETE` /providers/all/{id}/ + +##### `GET` /providers/all/types/ + +##### `GET` /providers/oauth2/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +##### `PUT` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +- Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +##### `DELETE` /providers/oauth2/{id}/ + +##### `PATCH` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +- Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +##### `GET` /providers/oauth2/{id}/preview_user/ + +##### `GET` /providers/oauth2/{id}/setup_urls/ + +##### `GET` /providers/proxy/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `PUT` /providers/proxy/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `DELETE` /providers/proxy/{id}/ + +##### `PATCH` /providers/proxy/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `GET` /providers/rac/{id}/ + +##### `PUT` /providers/rac/{id}/ + +##### `DELETE` /providers/rac/{id}/ + +##### `PATCH` /providers/rac/{id}/ + +##### `GET` /providers/radius/{id}/ + +##### `PUT` /providers/radius/{id}/ + +##### `DELETE` /providers/radius/{id}/ + +##### `PATCH` /providers/radius/{id}/ + +##### `GET` /providers/saml/{id}/metadata/ + +##### `GET` /providers/saml/{id}/preview_user/ + +##### `POST` /providers/saml/import_metadata/ + +##### `GET` /providers/scim/{id}/ + +##### `PUT` /providers/scim/{id}/ + +##### `DELETE` /providers/scim/{id}/ + +##### `PATCH` /providers/scim/{id}/ + +##### `GET` /rbac/permissions/{id}/ + +##### `GET` /rbac/roles/{uuid}/ + +##### `PUT` /rbac/roles/{uuid}/ + +##### `DELETE` /rbac/roles/{uuid}/ + +##### `PATCH` /rbac/roles/{uuid}/ + +##### `GET` /schema/ + +##### `POST` /sources/all/{slug}/set_icon/ + +##### `POST` /sources/all/{slug}/set_icon_url/ + +##### `GET` /sources/all/types/ + +##### `GET` /sources/all/user_settings/ + +##### `GET` /sources/ldap/{slug}/debug/ + +##### `GET` /sources/oauth/source_types/ + +##### `POST` /sources/plex/redeem_token_authenticated/ + +##### `GET` /sources/saml/{slug}/metadata/ + +##### `GET` /stages/all/types/ + +##### `GET` /stages/all/user_settings/ + +##### `POST` /stages/authenticator/duo/{stage_uuid}/import_device_manual/ + +##### `POST` /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/ + +##### `GET` /stages/email/templates/ + +##### `GET` /admin/metrics/ + +##### `POST` /authenticators/admin/duo/ + +##### `GET` /authenticators/admin/duo/ + +##### `POST` /authenticators/admin/sms/ + +##### `GET` /authenticators/admin/sms/ + +##### `DELETE` /authenticators/admin/static/{id}/ + +##### `GET` /authenticators/admin/static/{id}/ + +##### `PUT` /authenticators/admin/static/{id}/ + +##### `PATCH` /authenticators/admin/static/{id}/ + +##### `POST` /authenticators/admin/totp/ + +##### `GET` /authenticators/admin/totp/ + +##### `POST` /authenticators/admin/webauthn/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `GET` /authenticators/admin/webauthn/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for WebAuthn authenticator devices + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `GET` /authenticators/duo/ + +##### `GET` /authenticators/duo/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /authenticators/sms/ + +##### `GET` /authenticators/sms/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /authenticators/static/{id}/ + +##### `GET` /authenticators/static/{id}/ + +##### `PUT` /authenticators/static/{id}/ + +##### `PATCH` /authenticators/static/{id}/ + +##### `GET` /authenticators/static/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /authenticators/totp/ + +##### `GET` /authenticators/totp/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /authenticators/webauthn/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for WebAuthn authenticator devices + + New required properties: + + - `aaguid` + - `device_type` + + * Added property `device_type` (object) + + * Added property `aaguid` (string) + +##### `GET` /authenticators/webauthn/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /core/applications/{slug}/ + +##### `GET` /core/applications/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /core/applications/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /core/applications/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `policy_engine_mode` (string) + +##### `GET` /core/applications/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /core/authenticated_sessions/ + +##### `GET` /core/authenticated_sessions/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /core/brands/ + +##### `GET` /core/brands/ + +##### `GET` /core/brands/{brand_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /core/brands/current/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `ui_theme` (string) + +##### `DELETE` /core/groups/{group_uuid}/ + +##### `GET` /core/groups/{group_uuid}/ + +##### `PUT` /core/groups/{group_uuid}/ + +##### `PATCH` /core/groups/{group_uuid}/ + +##### `GET` /core/groups/{group_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /core/tokens/{identifier}/ + +##### `GET` /core/tokens/{identifier}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `intent` (string) + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `PUT` /core/tokens/{identifier}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `intent` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `intent` (string) + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `PATCH` /core/tokens/{identifier}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `intent` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `intent` (string) + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /core/tokens/{identifier}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /core/user_consent/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /core/users/{id}/ + +##### `GET` /core/users/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `PUT` /core/users/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `PATCH` /core/users/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `GET` /core/users/{id}/metrics/ + +##### `GET` /core/users/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /crypto/certificatekeypairs/ + +##### `GET` /crypto/certificatekeypairs/ + +##### `GET` /crypto/certificatekeypairs/{kp_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /enterprise/license/ + +##### `GET` /enterprise/license/ + +##### `GET` /enterprise/license/{license_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /events/events/{event_uuid}/ + +##### `GET` /events/events/{event_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + +##### `PUT` /events/events/{event_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + +##### `PATCH` /events/events/{event_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `action` (string) + +##### `GET` /events/notifications/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /events/rules/{pbm_uuid}/ + +##### `GET` /events/rules/{pbm_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +##### `PUT` /events/rules/{pbm_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +##### `PATCH` /events/rules/{pbm_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +##### `GET` /events/rules/{pbm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /events/system_tasks/{uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `messages` (array) + + Changed items (string -> object): > Single log message with all context logged. + + - Changed property `status` (string) + +##### `DELETE` /events/transports/{uuid}/ + +##### `GET` /events/transports/{uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + +##### `PUT` /events/transports/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + +##### `PATCH` /events/transports/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + +##### `GET` /events/transports/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /flows/bindings/{fsb_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /flows/instances/{slug}/ + +##### `GET` /flows/instances/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /flows/instances/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + +- Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + +- Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + +- Changed property `policy_engine_mode` (string) + +- Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /flows/instances/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + +- Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + +- Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + +- Changed property `policy_engine_mode` (string) + +- Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /flows/instances/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /managed/blueprints/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `status` (string) + +##### `GET` /managed/blueprints/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Info about a single blueprint instance file + + - Changed property `status` (string) + +##### `GET` /managed/blueprints/{instance_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /oauth2/access_tokens/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /oauth2/authorization_codes/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /oauth2/refresh_tokens/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /outposts/instances/{uuid}/ + +##### `GET` /outposts/instances/{uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `PUT` /outposts/instances/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `PATCH` /outposts/instances/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `GET` /outposts/instances/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /outposts/ldap/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `search_mode` (string) + +##### `GET` /outposts/proxy/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Proxy provider serializer for outposts + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `GET` /outposts/radius/ + +##### `GET` /outposts/service_connections/all/ + +##### `GET` /outposts/service_connections/all/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /outposts/service_connections/docker/ + +##### `GET` /outposts/service_connections/docker/ + +##### `GET` /outposts/service_connections/docker/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /outposts/service_connections/kubernetes/ + +##### `GET` /outposts/service_connections/kubernetes/ + +##### `GET` /outposts/service_connections/kubernetes/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /policies/all/ + +##### `GET` /policies/all/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /policies/bindings/{policy_binding_uuid}/ + +##### `GET` /policies/bindings/{policy_binding_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `PUT` /policies/bindings/{policy_binding_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `PATCH` /policies/bindings/{policy_binding_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /policies/bindings/{policy_binding_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/dummy/ + +##### `GET` /policies/dummy/ + +##### `GET` /policies/dummy/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/event_matcher/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + +- Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + +- Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `GET` /policies/event_matcher/ + +###### Parameters: + +Changed: `action` in `query` + +> Match created events with this action type. When left empty, all action types will be matched. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Event Matcher Policy Serializer + + - Changed property `action` (string) + + > Match created events with this action type. When left empty, all action types will be matched. + + - Changed property `app` (string) + + > Match events created by selected application. When left empty, all applications are matched. + + Added enum values: + + - `authentik.sources.scim` + - `authentik.enterprise.stages.source` + + - Changed property `model` (string) + + > Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `GET` /policies/event_matcher/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/expression/ + +##### `GET` /policies/expression/ + +##### `GET` /policies/expression/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/password/ + +##### `GET` /policies/password/ + +##### `GET` /policies/password/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/password_expiry/ + +##### `GET` /policies/password_expiry/ + +##### `GET` /policies/password_expiry/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /policies/reputation/ + +##### `GET` /policies/reputation/ + +##### `GET` /policies/reputation/{policy_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /policies/reputation/scores/ + +##### `GET` /policies/reputation/scores/{reputation_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /propertymappings/all/ + +##### `GET` /propertymappings/all/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/ldap/ + +##### `GET` /propertymappings/ldap/ + +##### `GET` /propertymappings/ldap/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/notification/ + +##### `GET` /propertymappings/notification/ + +##### `GET` /propertymappings/notification/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/rac/ + +##### `GET` /propertymappings/rac/ + +##### `GET` /propertymappings/rac/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/saml/ + +##### `GET` /propertymappings/saml/ + +##### `GET` /propertymappings/saml/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/scim/ + +##### `GET` /propertymappings/scim/ + +##### `GET` /propertymappings/scim/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /propertymappings/scope/ + +##### `GET` /propertymappings/scope/ + +##### `GET` /propertymappings/scope/{pm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /providers/all/ + +##### `GET` /providers/all/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /providers/ldap/{id}/ + +##### `GET` /providers/ldap/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `search_mode` (string) + +##### `PUT` /providers/ldap/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `search_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `search_mode` (string) + +##### `PATCH` /providers/ldap/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `search_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `search_mode` (string) + +##### `GET` /providers/ldap/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /providers/oauth2/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +- Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +##### `GET` /providers/oauth2/ + +###### Parameters: + +Changed: `client_type` in `query` + +> Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + +Changed: `issuer_mode` in `query` + +> Configure how the issuer field of the ID Token should be filled. + +Changed: `sub_mode` in `query` + +> Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + +##### `GET` /providers/oauth2/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /providers/proxy/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `GET` /providers/proxy/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > ProxyProvider Serializer + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + +##### `GET` /providers/proxy/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /providers/rac/ + +##### `GET` /providers/rac/ + +##### `GET` /providers/rac/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /providers/radius/ + +##### `GET` /providers/radius/ + +##### `GET` /providers/radius/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /providers/saml/{id}/ + +##### `GET` /providers/saml/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `PUT` /providers/saml/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `PATCH` /providers/saml/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /providers/saml/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /providers/scim/ + +##### `GET` /providers/scim/ + +##### `GET` /providers/scim/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /rac/connection_tokens/{connection_token_uuid}/ + +###### Parameters: + +Changed: `connection_token_uuid` in `path` + +> A UUID string identifying this RAC Connection token. + +##### `GET` /rac/connection_tokens/{connection_token_uuid}/ + +###### Parameters: + +Changed: `connection_token_uuid` in `path` + +> A UUID string identifying this RAC Connection token. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `pk` + + * Changed property `pk` (string) + + * Changed property `endpoint` (string) + + * Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `PUT` /rac/connection_tokens/{connection_token_uuid}/ + +###### Parameters: + +Changed: `connection_token_uuid` in `path` + +> A UUID string identifying this RAC Connection token. + +###### Request: + +Changed content type : `application/json` + +New required properties: + +- `endpoint` + +* Added property `pk` (string) + +* Added property `endpoint` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `pk` + + * Changed property `pk` (string) + + * Changed property `endpoint` (string) + + * Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `PATCH` /rac/connection_tokens/{connection_token_uuid}/ + +###### Parameters: + +Changed: `connection_token_uuid` in `path` + +> A UUID string identifying this RAC Connection token. + +###### Request: + +Changed content type : `application/json` + +- Added property `pk` (string) + +- Added property `endpoint` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New optional properties: + + - `pk` + + * Changed property `pk` (string) + + * Changed property `endpoint` (string) + + * Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `GET` /rac/connection_tokens/{connection_token_uuid}/used_by/ + +###### Parameters: + +Changed: `connection_token_uuid` in `path` + +> A UUID string identifying this RAC Connection token. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /rac/endpoints/{pbm_uuid}/ + +##### `GET` /rac/endpoints/{pbm_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `PUT` /rac/endpoints/{pbm_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `protocol` (string) + +- Changed property `auth_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `PATCH` /rac/endpoints/{pbm_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `protocol` (string) + +- Changed property `auth_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `GET` /rac/endpoints/{pbm_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /rbac/permissions/ + +##### `POST` /rbac/permissions/assigned_by_roles/{uuid}/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `PATCH` /rbac/permissions/assigned_by_roles/{uuid}/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `POST` /rbac/permissions/assigned_by_users/{id}/assign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `PATCH` /rbac/permissions/assigned_by_users/{id}/unassign/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `model` (string) + + Added enum values: + + - `authentik_sources_scim.scimsource` + - `authentik_stages_authenticator_webauthn.authenticatorwebauthnstage` + - `authentik_stages_source.sourcestage` + Removed enum value: + + - `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` + +##### `GET` /rbac/permissions/roles/ + +##### `GET` /rbac/permissions/users/ + +##### `POST` /rbac/roles/ + +##### `GET` /rbac/roles/ + +##### `GET` /rbac/roles/{uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /root/config/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `capabilities` (array) + + Changed items (string): + +##### `DELETE` /sources/all/{slug}/ + +##### `GET` /sources/all/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/all/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/ldap/{slug}/ + +##### `GET` /sources/ldap/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/ldap/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/ldap/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/ldap/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/oauth/{slug}/ + +##### `GET` /sources/oauth/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + + - Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +##### `PUT` /sources/oauth/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +- Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + + - Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +##### `PATCH` /sources/oauth/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +- Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + + - Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +##### `GET` /sources/oauth/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/plex/{slug}/ + +##### `GET` /sources/plex/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/plex/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/plex/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/plex/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/saml/{slug}/ + +##### `GET` /sources/saml/{slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + + - Changed property `policy_engine_mode` (string) + + - Changed property `binding_type` (string) + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `PUT` /sources/saml/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + +- Changed property `policy_engine_mode` (string) + +- Changed property `binding_type` (string) + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + + - Changed property `policy_engine_mode` (string) + + - Changed property `binding_type` (string) + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `PATCH` /sources/saml/{slug}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + +- Changed property `policy_engine_mode` (string) + +- Changed property `binding_type` (string) + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + + - Changed property `policy_engine_mode` (string) + + - Changed property `binding_type` (string) + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /sources/saml/{slug}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/user_connections/all/{id}/ + +##### `GET` /sources/user_connections/all/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/user_connections/all/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/user_connections/all/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/all/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/user_connections/oauth/{id}/ + +##### `GET` /sources/user_connections/oauth/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/user_connections/oauth/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/user_connections/oauth/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/oauth/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/user_connections/plex/{id}/ + +##### `GET` /sources/user_connections/plex/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/user_connections/plex/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/user_connections/plex/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/plex/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /sources/user_connections/saml/{id}/ + +##### `GET` /sources/user_connections/saml/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PUT` /sources/user_connections/saml/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `PATCH` /sources/user_connections/saml/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/saml/{id}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/all/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /stages/authenticator/duo/{stage_uuid}/enrollment_status/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `duo_response` (string) + +##### `GET` /stages/authenticator/duo/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/authenticator/sms/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/authenticator/static/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/authenticator/totp/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/authenticator/validate/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/authenticator/webauthn/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/captcha/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/consent/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/deny/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/dummy/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/email/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/identification/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `DELETE` /stages/invitation/invitations/{invite_uuid}/ + +##### `GET` /stages/invitation/invitations/{invite_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_obj` (object) + + > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/invitation/invitations/{invite_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_obj` (object) + + > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/invitation/invitations/{invite_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_obj` (object) + + > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/invitation/invitations/{invite_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/invitation/stages/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/password/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/prompt/prompts/{prompt_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/prompt/stages/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/user_delete/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/user_login/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/user_logout/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `GET` /stages/user_write/{stage_uuid}/used_by/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Changed items (object): > A list of all objects referencing the queried object + + - Changed property `action` (string) + +##### `POST` /authenticators/admin/static/ + +##### `GET` /authenticators/admin/static/ + +##### `GET` /authenticators/static/ + +##### `POST` /core/applications/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `policy_engine_mode` (string) + +##### `GET` /core/applications/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Application Serializer + + - Changed property `policy_engine_mode` (string) + +##### `POST` /core/groups/ + +##### `GET` /core/groups/ + +###### Parameters: + +Added: `include_users` in `query` + +##### `POST` /core/tokens/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `intent` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `intent` (string) + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /core/tokens/ + +###### Parameters: + +Changed: `intent` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Token Serializer + + - Changed property `intent` (string) + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `DELETE` /core/user_consent/{id}/ + +##### `GET` /core/user_consent/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + + - Changed property `application` (object) + + > Application Serializer + + - Changed property `policy_engine_mode` (string) + +##### `POST` /core/users/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `GET` /core/users/ + +###### Parameters: + +Added: `include_groups` in `query` + +Changed: `type` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > User Serializer + + - Changed property `type` (string) + +##### `GET` /core/users/me/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user` (object) + + > User Serializer for information a user can retrieve about themselves + + - Changed property `type` (string) + +##### `POST` /events/events/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `action` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `action` (string) + +##### `GET` /events/events/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Event Serializer + + - Changed property `action` (string) + +##### `DELETE` /events/notifications/{uuid}/ + +##### `GET` /events/notifications/{uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + + - Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +##### `PUT` /events/notifications/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + + - Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +##### `PATCH` /events/notifications/{uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + + - Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +##### `POST` /events/rules/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +##### `GET` /events/rules/ + +###### Parameters: + +Changed: `severity` in `query` + +> Controls which severity level the created notifications will have. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > NotificationRule Serializer + + - Changed property `severity` (string) + > Controls which severity level the created notifications will have. + +##### `GET` /events/system_tasks/ + +###### Parameters: + +Changed: `status` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serialize TaskInfo and TaskResult + + - Changed property `messages` (array) + + Changed items (string -> object): > Single log message with all context logged. + + - Changed property `status` (string) + +##### `POST` /events/transports/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + +##### `GET` /events/transports/ + +###### Parameters: + +Changed: `mode` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > NotificationTransport Serializer + + - Changed property `mode` (string) + +##### `DELETE` /flows/bindings/{fsb_uuid}/ + +##### `GET` /flows/bindings/{fsb_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `PUT` /flows/bindings/{fsb_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `PATCH` /flows/bindings/{fsb_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `POST` /flows/instances/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + +- Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + +- Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + +- Changed property `policy_engine_mode` (string) + +- Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /flows/instances/ + +###### Parameters: + +Changed: `denied_action` in `query` + +> Configure what should happen when a flow denies access to a user. + +Changed: `designation` in `query` + +> Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /oauth2/access_tokens/{id}/ + +##### `GET` /oauth2/access_tokens/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `DELETE` /oauth2/authorization_codes/{id}/ + +##### `GET` /oauth2/authorization_codes/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `DELETE` /oauth2/refresh_tokens/{id}/ + +##### `GET` /oauth2/refresh_tokens/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `POST` /outposts/instances/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `type` (string) + +##### `GET` /outposts/instances/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Outpost Serializer + + - Changed property `type` (string) + +##### `GET` /outposts/ldap/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > LDAPProvider Serializer + + - Changed property `search_mode` (string) + +##### `POST` /policies/bindings/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /policies/bindings/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > PolicyBinding Serializer + + - Changed property `user_obj` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `POST` /providers/ldap/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `search_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `search_mode` (string) + +##### `GET` /providers/ldap/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > LDAPProvider Serializer + + - Changed property `search_mode` (string) + +##### `POST` /providers/saml/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /providers/saml/ + +###### Parameters: + +Changed: `digest_algorithm` in `query` + +Changed: `signature_algorithm` in `query` + +Changed: `sp_binding` in `query` + +> This determines how authentik sends the response back to the Service Provider. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > SAMLProvider Serializer + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /providers/scim/{id}/sync_status/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `tasks` (array) + + Changed items (object): > Serialize TaskInfo and TaskResult + + - Changed property `messages` (array) + + Changed items (string -> object): > Single log message with all context logged. + + - Changed property `status` (string) + +##### `GET` /rac/connection_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > ConnectionToken Serializer + + New optional properties: + + - `pk` + + * Changed property `pk` (string) + + * Changed property `endpoint` (string) + + * Changed property `endpoint_obj` (object) + + > Endpoint Serializer + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `POST` /rac/endpoints/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `protocol` (string) + +- Changed property `auth_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `GET` /rac/endpoints/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Endpoint Serializer + + - Changed property `protocol` (string) + + - Changed property `auth_mode` (string) + +##### `GET` /rbac/permissions/assigned_by_roles/ + +###### Parameters: + +Changed: `model` in `query` + +##### `GET` /rbac/permissions/assigned_by_users/ + +###### Parameters: + +Changed: `model` in `query` + +##### `GET` /sources/all/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `POST` /sources/ldap/ + +###### Request: + +Changed content type : `application/json` + +- Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/ldap/ + +###### Parameters: + +Added: `password_login_update_internal_password` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > LDAP Source Serializer + + - Added property `password_login_update_internal_password` (boolean) + + > Update internal authentik password when login succeeds with LDAP + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/ldap/{slug}/sync_status/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `tasks` (array) + + Changed items (object): > Serialize TaskInfo and TaskResult + + - Changed property `messages` (array) + + Changed items (string -> object): > Single log message with all context logged. + + - Changed property `status` (string) + +##### `POST` /sources/oauth/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +- Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + + - Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +##### `GET` /sources/oauth/ + +###### Parameters: + +Changed: `policy_engine_mode` in `query` + +Changed: `user_matching_mode` in `query` + +> How the source determines if an existing user should be authenticated or a new user enrolled. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + + - Changed property `provider_type` (string) + + Added enum value: + + - `gitlab` + +##### `POST` /sources/plex/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/plex/ + +###### Parameters: + +Changed: `policy_engine_mode` in `query` + +Changed: `user_matching_mode` in `query` + +> How the source determines if an existing user should be authenticated or a new user enrolled. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Plex Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `POST` /sources/plex/redeem_token/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `flow_info` (object) + + > Contextual flow information for a challenge + + - Changed property `layout` (string) + +##### `POST` /sources/saml/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + +- Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + +- Changed property `policy_engine_mode` (string) + +- Changed property `binding_type` (string) + +- Changed property `digest_algorithm` (string) + +- Changed property `signature_algorithm` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + + - Changed property `policy_engine_mode` (string) + + - Changed property `binding_type` (string) + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /sources/saml/ + +###### Parameters: + +Changed: `binding_type` in `query` + +Changed: `digest_algorithm` in `query` + +Changed: `name_id_policy` in `query` + +> NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + +Changed: `policy_engine_mode` in `query` + +Changed: `signature_algorithm` in `query` + +Changed: `user_matching_mode` in `query` + +> How the source determines if an existing user should be authenticated or a new user enrolled. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > SAMLSource Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `name_id_policy` (string) + + > NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. + + - Changed property `policy_engine_mode` (string) + + - Changed property `binding_type` (string) + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + +##### `GET` /sources/user_connections/all/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth Source Serializer + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `POST` /sources/user_connections/oauth/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/oauth/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth Source Serializer + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `POST` /sources/user_connections/plex/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/plex/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Plex Source connection Serializer + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `POST` /sources/user_connections/saml/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `GET` /sources/user_connections/saml/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > SAML Source Serializer + + - Changed property `source` (object) + + > Source Serializer + + - Changed property `user_matching_mode` (string) + + > How the source determines if an existing user should be authenticated or a new user enrolled. + + - Changed property `policy_engine_mode` (string) + +##### `DELETE` /stages/all/{stage_uuid}/ + +##### `GET` /stages/all/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/duo/{stage_uuid}/ + +##### `GET` /stages/authenticator/duo/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/duo/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/duo/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/sms/{stage_uuid}/ + +##### `GET` /stages/authenticator/sms/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (string) + + - Changed property `auth_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/sms/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider` (string) + +- Changed property `auth_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (string) + + - Changed property `auth_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/sms/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider` (string) + +- Changed property `auth_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (string) + + - Changed property `auth_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/static/{stage_uuid}/ + +##### `GET` /stages/authenticator/static/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/static/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/static/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/totp/{stage_uuid}/ + +##### `GET` /stages/authenticator/totp/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `digits` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/totp/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `digits` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `digits` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/totp/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `digits` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `digits` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/validate/{stage_uuid}/ + +##### `GET` /stages/authenticator/validate/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `webauthn_allowed_device_types_obj` + + * Added property `webauthn_allowed_device_types` (array) + + Items (string): + + * Added property `webauthn_allowed_device_types_obj` (array) + + Items (object): > WebAuthnDeviceType Serializer + + * Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + + * Changed property `not_configured_action` (string) + + * Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/validate/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `webauthn_allowed_device_types` (array) + +- Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + +- Changed property `not_configured_action` (string) + +- Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `webauthn_allowed_device_types_obj` + + * Added property `webauthn_allowed_device_types` (array) + + * Added property `webauthn_allowed_device_types_obj` (array) + + * Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + + * Changed property `not_configured_action` (string) + + * Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/validate/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `webauthn_allowed_device_types` (array) + +- Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + +- Changed property `not_configured_action` (string) + +- Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `webauthn_allowed_device_types_obj` + + * Added property `webauthn_allowed_device_types` (array) + + * Added property `webauthn_allowed_device_types_obj` (array) + + * Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + + * Changed property `not_configured_action` (string) + + * Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/authenticator/webauthn/{stage_uuid}/ + +##### `GET` /stages/authenticator/webauthn/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `device_type_restrictions_obj` + + * Added property `device_type_restrictions` (array) + + * Added property `device_type_restrictions_obj` (array) + + * Changed property `authenticator_attachment` (string) + + * Changed property `user_verification` (string) + + * Changed property `resident_key_requirement` (string) + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/authenticator/webauthn/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `device_type_restrictions` (array) + +- Changed property `authenticator_attachment` (string) + +- Changed property `user_verification` (string) + +- Changed property `resident_key_requirement` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `device_type_restrictions_obj` + + * Added property `device_type_restrictions` (array) + + * Added property `device_type_restrictions_obj` (array) + + * Changed property `authenticator_attachment` (string) + + * Changed property `user_verification` (string) + + * Changed property `resident_key_requirement` (string) + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/authenticator/webauthn/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `device_type_restrictions` (array) + +- Changed property `authenticator_attachment` (string) + +- Changed property `user_verification` (string) + +- Changed property `resident_key_requirement` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `device_type_restrictions_obj` + + * Added property `device_type_restrictions` (array) + + * Added property `device_type_restrictions_obj` (array) + + * Changed property `authenticator_attachment` (string) + + * Changed property `user_verification` (string) + + * Changed property `resident_key_requirement` (string) + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/captcha/{stage_uuid}/ + +##### `GET` /stages/captcha/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/captcha/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/captcha/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/consent/{stage_uuid}/ + +##### `GET` /stages/consent/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/consent/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/consent/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/deny/{stage_uuid}/ + +##### `GET` /stages/deny/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/deny/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/deny/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/dummy/{stage_uuid}/ + +##### `GET` /stages/dummy/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/dummy/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/dummy/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/email/{stage_uuid}/ + +##### `GET` /stages/email/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/email/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/email/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/identification/{stage_uuid}/ + +##### `GET` /stages/identification/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/identification/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/identification/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/invitation/invitations/ + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_obj` (object) + + > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/invitation/invitations/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Invitation Serializer + + - Changed property `flow_obj` (object) + + > Flow Serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `authentication` (string) + + > Required level of authentication and authorization to access a flow. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/invitation/stages/{stage_uuid}/ + +##### `GET` /stages/invitation/stages/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/invitation/stages/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/invitation/stages/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/password/{stage_uuid}/ + +##### `GET` /stages/password/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/password/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/password/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/prompt/stages/{stage_uuid}/ + +##### `GET` /stages/prompt/stages/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/prompt/stages/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/prompt/stages/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/user_delete/{stage_uuid}/ + +##### `GET` /stages/user_delete/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/user_delete/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/user_delete/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/user_login/{stage_uuid}/ + +##### `GET` /stages/user_login/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + + - Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/user_login/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + +- Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + + - Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/user_login/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + +- Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + + - Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/user_logout/{stage_uuid}/ + +##### `GET` /stages/user_logout/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/user_logout/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/user_logout/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/user_write/{stage_uuid}/ + +##### `GET` /stages/user_write/{stage_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_creation_mode` (string) + + - Changed property `user_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/user_write/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_creation_mode` (string) + +- Changed property `user_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_creation_mode` (string) + + - Changed property `user_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/user_write/{stage_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_creation_mode` (string) + +- Changed property `user_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `user_creation_mode` (string) + + - Changed property `user_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /core/transactional/applications/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider_model` (string) + +- Changed property `app` (object) + + > Application Serializer + + - Changed property `policy_engine_mode` (string) + +- Changed property `provider` (object) + + Updated `authentik_providers_oauth2.oauth2provider` provider_model: + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + Updated `authentik_providers_proxy.proxyprovider` provider_model: + + - Changed property `mode` (string) + > Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. + + Updated `authentik_providers_saml.samlprovider` provider_model: + + - Changed property `sp_binding` (string) + + > This determines how authentik sends the response back to the Service Provider. + + - Changed property `digest_algorithm` (string) + + - Changed property `signature_algorithm` (string) + + Updated `authentik_providers_ldap.ldapprovider` provider_model: + + - Changed property `search_mode` (string) + +##### `GET` /core/user_consent/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > UserConsent Serializer + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + + - Changed property `application` (object) + + > Application Serializer + + - Changed property `policy_engine_mode` (string) + +##### `GET` /events/notifications/ + +###### Parameters: + +Changed: `severity` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Notification Serializer + + - Changed property `severity` (string) + + - Changed property `event` (object) + + > Event Serializer + + - Changed property `action` (string) + +##### `POST` /flows/bindings/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + +- Changed property `policy_engine_mode` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `GET` /flows/bindings/ + +###### Parameters: + +Changed: `invalid_response_action` in `query` + +> Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + +Changed: `policy_engine_mode` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > FlowStageBinding Serializer + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `GET` /flows/executor/{flow_slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Updated `ak-stage-dummy` component: + New required properties: + + - `name` + + * Added property `name` (string) + + Updated `ak-provider-oauth2-device-code` component: + + - Changed property `type` (string) + + - Changed property `flow_info` (object) + + > Contextual flow information for a challenge + + - Changed property `layout` (string) + + Updated `ak-stage-prompt` component: + + - Changed property `fields` (array) + + Changed items (object): > Serializer for a single Prompt field + + - Changed property `type` (string) + + Updated `ak-stage-identification` component: + New required properties: + + - `flow_designation` + + * Added property `flow_designation` (string) + + Enum values: + + - `authentication` + - `authorization` + - `invalidation` + - `enrollment` + - `unenrollment` + - `recovery` + - `stage_configuration` + +##### `POST` /flows/executor/{flow_slug}/ + +###### Request: + +Changed content type : `application/json` + +Updated `ak-source-oauth-apple` component: + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + Updated `ak-stage-dummy` component: + New required properties: + + - `name` + + * Added property `name` (string) + + Updated `ak-provider-oauth2-device-code` component: + + - Changed property `type` (string) + + - Changed property `flow_info` (object) + + > Contextual flow information for a challenge + + - Changed property `layout` (string) + + Updated `ak-stage-prompt` component: + + - Changed property `fields` (array) + + Changed items (object): > Serializer for a single Prompt field + + - Changed property `type` (string) + + Updated `ak-stage-identification` component: + New required properties: + + - `flow_designation` + + * Added property `flow_designation` (string) + +##### `GET` /flows/inspector/{flow_slug}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `plans` (array) + + Changed items (object): > Serializer for an active FlowPlan + + - Changed property `next_planned_stage` (object) + + > FlowStageBinding Serializer + + - Changed property `invalid_response_action` (string) + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `current_stage` (object) + + > FlowStageBinding Serializer + + - Changed property `invalid_response_action` (string) + + > Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. + + - Changed property `policy_engine_mode` (string) + + - Changed property `stage_obj` (object) + + > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `layout` (string) + +##### `GET` /oauth2/access_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and RefreshToken + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /oauth2/authorization_codes/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /oauth2/refresh_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and RefreshToken + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `client_type` (string) + + > Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + - Changed property `issuer_mode` (string) + > Configure how the issuer field of the ID Token should be filled. + + - Changed property `user` (object) + + > User Serializer + + - Changed property `type` (string) + +##### `GET` /stages/all/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/duo/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/duo/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorDuoStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/sms/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `provider` (string) + +- Changed property `auth_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `provider` (string) + + - Changed property `auth_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/sms/ + +###### Parameters: + +Changed: `auth_type` in `query` + +Changed: `provider` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorSMSStage Serializer + + - Changed property `provider` (string) + + - Changed property `auth_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/static/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/static/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorStaticStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/totp/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `digits` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `digits` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/totp/ + +###### Parameters: + +Changed: `digits` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorTOTPStage Serializer + + - Changed property `digits` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/validate/ + +###### Request: + +Changed content type : `application/json` + +- Added property `webauthn_allowed_device_types` (array) + +- Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + +- Changed property `not_configured_action` (string) + +- Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New required properties: + + - `webauthn_allowed_device_types_obj` + + * Added property `webauthn_allowed_device_types` (array) + + * Added property `webauthn_allowed_device_types_obj` (array) + + * Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + + * Changed property `not_configured_action` (string) + + * Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/validate/ + +###### Parameters: + +Changed: `not_configured_action` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorValidateStage Serializer + + New required properties: + + - `webauthn_allowed_device_types_obj` + + * Added property `webauthn_allowed_device_types` (array) + + * Added property `webauthn_allowed_device_types_obj` (array) + + * Changed property `webauthn_user_verification` (string) + + > Enforce user verification for WebAuthn devices. + + * Changed property `not_configured_action` (string) + + * Changed property `device_classes` (array) + + > Device classes which can be used to authenticate + + Changed items (string): + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/authenticator/webauthn/ + +###### Request: + +Changed content type : `application/json` + +- Added property `device_type_restrictions` (array) + +- Changed property `authenticator_attachment` (string) + +- Changed property `user_verification` (string) + +- Changed property `resident_key_requirement` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New required properties: + + - `device_type_restrictions_obj` + + * Added property `device_type_restrictions` (array) + + * Added property `device_type_restrictions_obj` (array) + + * Changed property `authenticator_attachment` (string) + + * Changed property `user_verification` (string) + + * Changed property `resident_key_requirement` (string) + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/authenticator/webauthn/ + +###### Parameters: + +Added: `device_type_restrictions` in `query` + +Changed: `authenticator_attachment` in `query` + +Changed: `resident_key_requirement` in `query` + +Changed: `user_verification` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > AuthenticatorWebAuthnStage Serializer + + New required properties: + + - `device_type_restrictions_obj` + + * Added property `device_type_restrictions` (array) + + * Added property `device_type_restrictions_obj` (array) + + * Changed property `authenticator_attachment` (string) + + * Changed property `user_verification` (string) + + * Changed property `resident_key_requirement` (string) + + * Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/captcha/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/captcha/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > CaptchaStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/consent/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `mode` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `mode` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/consent/ + +###### Parameters: + +Changed: `mode` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > ConsentStage Serializer + + - Changed property `mode` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/deny/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/deny/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > DenyStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/dummy/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/dummy/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > DummyStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/email/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/email/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > EmailStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/identification/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/identification/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > IdentificationStage Serializer + + - Changed property `user_fields` (array) + + > Fields of the user object to match against. (Hold shift to select multiple options) + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/invitation/stages/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/invitation/stages/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > InvitationStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/password/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/password/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > PasswordStage Serializer + + - Changed property `backends` (array) + + > Selection of backends to test the password against. + + Changed items (string): + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `DELETE` /stages/prompt/prompts/{prompt_uuid}/ + +##### `GET` /stages/prompt/prompts/{prompt_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PUT` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +- Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `PATCH` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +- Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/prompt/prompts/preview/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +- Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `flow_info` (object) + + > Contextual flow information for a challenge + + - Changed property `layout` (string) + + - Changed property `fields` (array) + + Changed items (object): > Serializer for a single Prompt field + + - Changed property `type` (string) + +##### `POST` /stages/prompt/stages/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/prompt/stages/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > PromptStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/user_delete/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/user_delete/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > UserDeleteStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/user_login/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + +- Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + + - Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/user_login/ + +###### Parameters: + +Changed: `geoip_binding` in `query` + +> Bind sessions created by this stage to the configured GeoIP location + +Changed: `network_binding` in `query` + +> Bind sessions created by this stage to the configured network + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > UserLoginStage Serializer + + - Changed property `network_binding` (string) + + > Bind sessions created by this stage to the configured network + + - Changed property `geoip_binding` (string) + + > Bind sessions created by this stage to the configured GeoIP location + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/user_logout/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/user_logout/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > UserLogoutStage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/user_write/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `user_creation_mode` (string) + +- Changed property `user_type` (string) + +- Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `user_creation_mode` (string) + + - Changed property `user_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/user_write/ + +###### Parameters: + +Changed: `user_creation_mode` in `query` + +Changed: `user_type` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > UserWriteStage Serializer + + - Changed property `user_creation_mode` (string) + + - Changed property `user_type` (string) + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `POST` /stages/prompt/prompts/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `type` (string) + +- Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `type` (string) + + - Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string) + +##### `GET` /stages/prompt/prompts/ + +###### Parameters: + +Changed: `type` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Prompt Serializer + + - Changed property `type` (string) + + - Changed property `promptstage_set` (array) + + Changed items (object): > Stage Serializer + + - Changed property `flow_set` (array) + + Changed items (object): > Stripped down flow serializer + + - Changed property `designation` (string) + + > Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. + + - Changed property `denied_action` (string) + + > Configure what should happen when a flow denies access to a user. + + - Changed property `policy_engine_mode` (string) + + - Changed property `layout` (string)