diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e9e2a4cec2..d33b391b8f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: prepare ts api client run: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + make gen-web - name: Building Docker Image uses: docker/build-push-action@v2 with: @@ -51,9 +51,8 @@ jobs: go-version: "^1.15" - name: prepare go api client run: | + make gen-outpost cd outpost - go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ go build -v ./cmd/proxy/server.go - name: Set up QEMU uses: docker/setup-qemu-action@v1.1.0 @@ -91,9 +90,8 @@ jobs: go-version: "^1.15" - name: prepare go api client run: | + make gen-outpost cd outpost - go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ go build -v ./cmd/ldap/server.go - name: Set up QEMU uses: docker/setup-qemu-action@v1.1.0 diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index 2f03dc6942..c9a5966c70 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@v2 - name: prepare ts api client run: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + make gen-web - name: Pre-release test run: | sudo apt-get install -y pwgen diff --git a/Makefile b/Makefile index 242d727f88..5cb2886b99 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,7 @@ .SHELLFLAGS += -x -e PWD = $(shell pwd) +UID = $(shell id -u) +GID = $(shell id -g) all: lint-fix lint test gen @@ -25,16 +27,35 @@ lint: bandit -r authentik tests lifecycle -x node_modules pylint authentik tests lifecycle -gen: - ./manage.py generate_swagger -o swagger.yaml -f yaml +gen-build: + ./manage.py spectacular --file schema.yml + +gen-web: docker run \ --rm -v ${PWD}:/local \ + --user ${UID}:${GID} \ openapitools/openapi-generator-cli generate \ - -i /local/swagger.yaml \ + -i /local/schema.yml \ -g typescript-fetch \ -o /local/web/api \ --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 cd web/api && npx tsc +gen-outpost: + docker run \ + --rm -v ${PWD}:/local \ + --user ${UID}:${GID} \ + openapitools/openapi-generator-cli generate \ + --git-host goauthentik.io \ + --git-repo-id outpost \ + --git-user-id api \ + -i /local/schema.yml \ + -g go \ + -o /local/outpost/api \ + --additional-properties=packageName=api,enumClassPrefix=true + rm -f outpost/api/go.mod outpost/api/go.sum + +gen: gen-build gen-web gen-outpost + run: go run -v cmd/server/main.go diff --git a/Pipfile b/Pipfile index 96c6a30062..6ca7b5f3d8 100644 --- a/Pipfile +++ b/Pipfile @@ -22,7 +22,7 @@ django-storages = "*" djangorestframework = "*" djangorestframework-guardian = "*" docker = "*" -drf_yasg = "*" +drf-spectacular = "*" facebook-sdk = "*" geoip2 = "*" gunicorn = "*" diff --git a/Pipfile.lock b/Pipfile.lock index ad7d7226e4..ad387aab8b 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "8a32708c1c04f8da03c817df973de28c37c97ee773f571ce0b3f3f834e1b7094" + "sha256": "61354b75aa954ea0a995ee1909b861092a4be5c1af66d3c00c7c7845e056d064" }, "pipfile-spec": 6, "requires": { @@ -56,6 +56,7 @@ "sha256:f881853d2643a29e643609da57b96d5f9c9b93f62429dcc1cbb413c7d07f0e1a", "sha256:fe60131d21b31fd1a14bd43e6bb88256f69dfc3188b3a89d736d6c71ed43ec95" ], + "markers": "python_version >= '3.6'", "version": "==3.7.4.post0" }, "aioredis": { @@ -70,6 +71,7 @@ "sha256:03e16e94f2b34c31f8bf1206d8ddd3ccaa4c315f7f6a1879b7b1210d229568c2", "sha256:493a2ac6788ce270a2f6a765b017299f60c1998f5a8617908ee9be082f7300fb" ], + "markers": "python_version >= '3.6'", "version": "==5.0.6" }, "asgiref": { @@ -77,6 +79,7 @@ "sha256:92906c611ce6c967347bbfea733f13d6313901d54dcca88195eaeb52b2a8e8ee", "sha256:d1216dfbdfb63826470995d31caed36225dcaf34f182e0fa257a4dd9e86f1b78" ], + "markers": "python_version >= '3.6'", "version": "==3.3.4" }, "async-timeout": { @@ -84,6 +87,7 @@ "sha256:0c3c816a028d47f659d6ff5c745cb2acf1f966da1fe5c19c77a70282b25f4c5f", "sha256:4291ca197d287d274d0b6cb5d6f8f8f82d434ed288f962539ff18cc9012f9ea3" ], + "markers": "python_full_version >= '3.5.3'", "version": "==3.0.1" }, "attrs": { @@ -91,6 +95,7 @@ "sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1", "sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==21.2.0" }, "autobahn": { @@ -98,6 +103,7 @@ "sha256:9195df8af03b0ff29ccd4b7f5abbde957ee90273465942205f9a1bad6c3f07ac", "sha256:e126c1f583e872fb59e79d36977cfa1f2d0a8a79f90ae31f406faae7664b8e03" ], + "markers": "python_version >= '3.7'", "version": "==21.3.1" }, "automat": { @@ -127,6 +133,7 @@ "sha256:4b4aa58c61d4b125bc6ec1597924b2749e19de8f2c9a374ac087aa2561e71828", "sha256:69dc0b6fdc0855f5a4f8b1d29c96b9cec44e71054fea0f968e5904d6ccfd4fd9" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", "version": "==1.20.73" }, "cachetools": { @@ -134,6 +141,7 @@ "sha256:2cc0b89715337ab6dbba85b5b50effe2b0c74e035d83ee8ed637cf52f12ae001", "sha256:61b5ed1e22a0924aed1d23b478f37e8d52549ff8a961de2909c69bf950020cff" ], + "markers": "python_version ~= '3.5'", "version": "==4.2.2" }, "cbor2": { @@ -220,6 +228,7 @@ "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa", "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==4.0.0" }, "click": { @@ -227,6 +236,7 @@ "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a", "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==7.1.2" }, "click-didyoumean": { @@ -256,20 +266,6 @@ ], "version": "==15.1.0" }, - "coreapi": { - "hashes": [ - "sha256:46145fcc1f7017c076a2ef684969b641d18a2991051fddec9458ad3f78ffc1cb", - "sha256:bf39d118d6d3e171f10df9ede5666f63ad80bba9a29a8ec17726a66cf52ee6f3" - ], - "version": "==2.3.3" - }, - "coreschema": { - "hashes": [ - "sha256:5e6ef7bf38c1525d5e55a895934ab4273548629f16aed5c0a6caa74ebf45551f", - "sha256:9503506007d482ab0867ba14724b93c18a33b22b6d19fb419ef2d239dd4a1607" - ], - "version": "==0.0.4" - }, "cryptography": { "hashes": [ "sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d", @@ -300,6 +296,7 @@ "sha256:76ffae916ba3aa66b46996c14fa713e46004788167a4873d647544e750e0e99f", "sha256:a9af943c79717bc52fe64a3c236ae5d3adccc8b5be19c881b442d2c3db233393" ], + "markers": "python_version >= '3.6'", "version": "==3.0.2" }, "defusedxml": { @@ -402,13 +399,13 @@ "index": "pypi", "version": "==5.0.0" }, - "drf-yasg": { + "drf-spectacular": { "hashes": [ - "sha256:8b72e5b1875931a8d11af407be3a9a5ba8776541492947a0df5bafda6b7f8267", - "sha256:d50f197c7f02545d0b736df88c6d5cf874f8fea2507ad85ad7de6ae5bf2d9e5a" + "sha256:4a77c233c99e028b8905cd2cf05388524838ade97b95d5c6e4861e0c3c95af31", + "sha256:d7f64b97e8940b143a0e8d1de20523e8d7d5fe8ec557aec574513282c413b0b3" ], "index": "pypi", - "version": "==1.20.0" + "version": "==0.16.0" }, "facebook-sdk": { "hashes": [ @@ -422,6 +419,7 @@ "hashes": [ "sha256:b1bead90b70cf6ec3f0710ae53a525360fa360d306a86583adc6bf83a4db537d" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.18.2" }, "geoip2": { @@ -437,6 +435,7 @@ "sha256:588bdb03a41ecb4978472b847881e5518b5d9ec6153d3d679aa127a55e13b39f", "sha256:9ad25fba07f46a628ad4d0ca09f38dcb262830df2ac95b217f9b0129c9e42206" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", "version": "==1.30.0" }, "gunicorn": { @@ -452,6 +451,7 @@ "sha256:36a3cb8c0a032f56e2da7084577878a035d3b61d104230d4bd49c0c6b555a9c6", "sha256:47222cb6067e4a307d535814917cd98fd0a57b6788ce715755fa2b6c28b56042" ], + "markers": "python_version >= '3.6'", "version": "==0.12.0" }, "hiredis": { @@ -498,6 +498,7 @@ "sha256:f52010e0a44e3d8530437e7da38d11fb822acfb0d5b12e9cd5ba655509937ca0", "sha256:f8196f739092a78e4f6b1b2172679ed3343c39c61a3e9d722ce6fcf1dac2824a" ], + "markers": "python_version >= '3.6'", "version": "==2.0.0" }, "httptools": { @@ -546,27 +547,15 @@ "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" ], + "markers": "python_version >= '3.5'", "version": "==0.5.1" }, - "itypes": { - "hashes": [ - "sha256:03da6872ca89d29aef62773672b2d408f490f80db48b23079a4b194c86dd04c6", - "sha256:af886f129dea4a2a1e3d36595a2d139589e4dd287f5cab0b40e799ee81570ff1" - ], - "version": "==1.2.0" - }, - "jinja2": { - "hashes": [ - "sha256:2f2de5285cf37f33d33ecd4a9080b75c87cd0c1994d5a9c6df17131ea1f049c6", - "sha256:ea8d7dd814ce9df6de6a761ec7f1cac98afe305b8cdc4aaae4e114b8d8ce24c5" - ], - "version": "==3.0.0" - }, "jmespath": { "hashes": [ "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9", "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.10.0" }, "jsonschema": { @@ -581,6 +570,7 @@ "sha256:6dc509178ac4269b0e66ab4881f70a2035c33d3a622e20585f965986a5182006", "sha256:f4965fba0a4718d47d470beeb5d6446e3357a62402b16c510b6a2f251e05ac3c" ], + "markers": "python_version >= '3.6'", "version": "==5.0.2" }, "kubernetes": { @@ -593,7 +583,10 @@ }, "ldap3": { "hashes": [ + "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c", + "sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91", + "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59", "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57" ], "index": "pypi", @@ -651,49 +644,11 @@ "index": "pypi", "version": "==4.6.3" }, - "markupsafe": { - "hashes": [ - "sha256:007dc055dbce5b1104876acee177dbfd18757e19d562cd440182e1f492e96b95", - "sha256:031bf79a27d1c42f69c276d6221172417b47cb4b31cdc73d362a9bf5a1889b9f", - "sha256:161d575fa49395860b75da5135162481768b11208490d5a2143ae6785123e77d", - "sha256:24bbc3507fb6dfff663af7900a631f2aca90d5a445f272db5fc84999fa5718bc", - "sha256:2efaeb1baff547063bad2b2893a8f5e9c459c4624e1a96644bbba08910ae34e0", - "sha256:32200f562daaab472921a11cbb63780f1654552ae49518196fc361ed8e12e901", - "sha256:3261fae28155e5c8634dd7710635fe540a05b58f160cef7713c7700cb9980e66", - "sha256:3b54a9c68995ef4164567e2cd1a5e16db5dac30b2a50c39c82db8d4afaf14f63", - "sha256:3c352ff634e289061711608f5e474ec38dbaa21e3e168820d53d5f4015e5b91b", - "sha256:3fb47f97f1d338b943126e90b79cad50d4fcfa0b80637b5a9f468941dbbd9ce5", - "sha256:441ce2a8c17683d97e06447fcbccbdb057cbf587c78eb75ae43ea7858042fe2c", - "sha256:45535241baa0fc0ba2a43961a1ac7562ca3257f46c4c3e9c0de38b722be41bd1", - "sha256:4aca81a687975b35e3e80bcf9aa93fe10cd57fac37bf18b2314c186095f57e05", - "sha256:4cc563836f13c57f1473bc02d1e01fc37bab70ad4ee6be297d58c1d66bc819bf", - "sha256:4fae0677f712ee090721d8b17f412f1cbceefbf0dc180fe91bab3232f38b4527", - "sha256:58bc9fce3e1557d463ef5cee05391a05745fd95ed660f23c1742c711712c0abb", - "sha256:664832fb88b8162268928df233f4b12a144a0c78b01d38b81bdcf0fc96668ecb", - "sha256:70820a1c96311e02449591cbdf5cd1c6a34d5194d5b55094ab725364375c9eb2", - "sha256:79b2ae94fa991be023832e6bcc00f41dbc8e5fe9d997a02db965831402551730", - "sha256:83cf0228b2f694dcdba1374d5312f2277269d798e65f40344964f642935feac1", - "sha256:87de598edfa2230ff274c4de7fcf24c73ffd96208c8e1912d5d0fee459767d75", - "sha256:8f806bfd0f218477d7c46a11d3e52dc7f5fdfaa981b18202b7dc84bbc287463b", - "sha256:90053234a6479738fd40d155268af631c7fca33365f964f2208867da1349294b", - "sha256:a00dce2d96587651ef4fa192c17e039e8cfab63087c67e7d263a5533c7dad715", - "sha256:a08cd07d3c3c17cd33d9e66ea9dee8f8fc1c48e2d11bd88fd2dc515a602c709b", - "sha256:a19d39b02a24d3082856a5b06490b714a9d4179321225bbf22809ff1e1887cc8", - "sha256:d00a669e4a5bec3ee6dbeeeedd82a405ced19f8aeefb109a012ea88a45afff96", - "sha256:dab0c685f21f4a6c95bfc2afd1e7eae0033b403dd3d8c1b6d13a652ada75b348", - "sha256:df561f65049ed3556e5b52541669310e88713fdae2934845ec3606f283337958", - "sha256:e4570d16f88c7f3032ed909dc9e905a17da14a1c4cfd92608e3fda4cb1208bbd", - "sha256:e77e4b983e2441aff0c0d07ee711110c106b625f440292dfe02a2f60c8218bd6", - "sha256:e79212d09fc0e224d20b43ad44bb0a0a3416d1e04cf6b45fed265114a5d43d20", - "sha256:f58b5ba13a5689ca8317b98439fccfbcc673acaaf8241c1869ceea40f5d585bf", - "sha256:fef86115fdad7ae774720d7103aa776144cf9b66673b4afa9bcaa7af990ed07b" - ], - "version": "==2.0.0" - }, "maxminddb": { "hashes": [ "sha256:47e86a084dd814fac88c99ea34ba3278a74bc9de5a25f4b815b608798747c7dc" ], + "markers": "python_version >= '3.6'", "version": "==2.0.3" }, "msgpack": { @@ -769,6 +724,7 @@ "sha256:f21756997ad8ef815d8ef3d34edd98804ab5ea337feedcd62fb52d22bf531281", "sha256:fc13a9524bc18b6fb6e0dbec3533ba0496bbed167c56d0aabefd965584557d80" ], + "markers": "python_version >= '3.6'", "version": "==5.1.0" }, "oauthlib": { @@ -776,6 +732,7 @@ "sha256:bee41cc35fcca6e988463cacc3bcb8a96224f470ca547e697b604cc697b2f889", "sha256:df884cd6cbe20e32633f1db1072e9356f53638e4361bef4e8b03c9127c9328ea" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==3.1.0" }, "packaging": { @@ -791,6 +748,7 @@ "sha256:030e4f9df5f53db2292eec37c6255957eb76168c6f974e4176c711cf91ed34aa", "sha256:b6c5a9643e3545bcbfd9451766cbaa5d9c67e7303c7bc32c750b6fa70ecb107d" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.10.1" }, "prompt-toolkit": { @@ -798,6 +756,7 @@ "sha256:bf00f22079f5fadc949f42ae8ff7f05702826a97059ffcc6281036ad40ac6f04", "sha256:e1b4f11b9336a28fa11810bc623c357420f69dfdb6d2dac41ca2c21a55c033bc" ], + "markers": "python_full_version >= '3.6.1'", "version": "==3.0.18" }, "psycopg2-binary": { @@ -843,15 +802,37 @@ }, "pyasn1": { "hashes": [ + "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", + "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", + "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", + "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", + "sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8", + "sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00", + "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", + "sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf", + "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3", + "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", "sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d", - "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba" + "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", + "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2" ], "version": "==0.4.8" }, "pyasn1-modules": { "hashes": [ + "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", + "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", + "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", + "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", + "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", + "sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb", + "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199", + "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74", + "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", + "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", "sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e", - "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74" + "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8", + "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405" ], "version": "==0.2.8" }, @@ -860,6 +841,7 @@ "sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0", "sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.20" }, "pycryptodome": { @@ -903,6 +885,7 @@ "sha256:412e00137858f04bde0729913874a48485665f2d36fe9ee449f26be864af9316", "sha256:7ead136e03655af85069b6f47b23eb7c3e5c221aa9f022a4fbb499f5b7308f29" ], + "markers": "python_version >= '3.5'", "version": "==2.0.2" }, "pyjwt": { @@ -925,12 +908,14 @@ "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1", "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.4.7" }, "pyrsistent": { "hashes": [ "sha256:2e636185d9eb976a18a8a8e96efce62f2905fea90041958d8cc2a189756ebf3e" ], + "markers": "python_version >= '3.5'", "version": "==0.17.3" }, "python-dateutil": { @@ -938,6 +923,7 @@ "sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c", "sha256:75bb3f31ea686f1197762692a9ee6a7550b59fc6ca3a1f4b5d7e32fb98e2da2a" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.8.1" }, "python-dotenv": { @@ -994,6 +980,7 @@ "sha256:0e7e0cfca8660dea8b7d5cd8c4f6c5e29e11f31158c0b0ae91a397f00e5a05a2", "sha256:432b788c4530cfe16d8d943a09d40ca6c16149727e4afe8c2c9d5580c59d9f24" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==3.5.3" }, "requests": { @@ -1001,10 +988,12 @@ "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804", "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==2.25.1" }, "requests-oauthlib": { "hashes": [ + "sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc", "sha256:7f71572defaecd16372f9006f33c2ec8c077c3cfa6f5911a9a90202beb513f3d", "sha256:b4261601a71fd721a8bd6d7aa1cc1d6a8a93b4a9f5e96626f8e4d91e8beeaa6a" ], @@ -1019,50 +1008,6 @@ "markers": "python_version >= '3.6'", "version": "==4.7.2" }, - "ruamel.yaml": { - "hashes": [ - "sha256:44bc6b54fddd45e4bc0619059196679f9e8b79c027f4131bb072e6a22f4d5e28", - "sha256:ac79fb25f5476e8e9ed1c53b8a2286d2c3f5dde49eb37dbcee5c7eb6a8415a22" - ], - "version": "==0.17.4" - }, - "ruamel.yaml.clib": { - "hashes": [ - "sha256:058a1cc3df2a8aecc12f983a48bda99315cebf55a3b3a5463e37bb599b05727b", - "sha256:1236df55e0f73cd138c0eca074ee086136c3f16a97c2ac719032c050f7e0622f", - "sha256:1f8c0a4577c0e6c99d208de5c4d3fd8aceed9574bb154d7a2b21c16bb924154c", - "sha256:2602e91bd5c1b874d6f93d3086f9830f3e907c543c7672cf293a97c3fabdcd91", - "sha256:28116f204103cb3a108dfd37668f20abe6e3cafd0d3fd40dba126c732457b3cc", - "sha256:2d24bd98af676f4990c4d715bcdc2a60b19c56a3fb3a763164d2d8ca0e806ba7", - "sha256:2fd336a5c6415c82e2deb40d08c222087febe0aebe520f4d21910629018ab0f3", - "sha256:30dca9bbcbb1cc858717438218d11eafb78666759e5094dd767468c0d577a7e7", - "sha256:44c7b0498c39f27795224438f1a6be6c5352f82cb887bc33d962c3a3acc00df6", - "sha256:464e66a04e740d754170be5e740657a3b3b6d2bcc567f0c3437879a6e6087ff6", - "sha256:46d6d20815064e8bb023ea8628cfb7402c0f0e83de2c2227a88097e239a7dffd", - "sha256:4df5019e7783d14b79217ad9c56edf1ba7485d614ad5a385d1b3c768635c81c0", - "sha256:4e52c96ca66de04be42ea2278012a2342d89f5e82b4512fb6fb7134e377e2e62", - "sha256:5254af7d8bdf4d5484c089f929cb7f5bafa59b4f01d4f48adda4be41e6d29f99", - "sha256:52ae5739e4b5d6317b52f5b040b1b6639e8af68a5b8fd606a8b08658fbd0cab5", - "sha256:53b9dd1abd70e257a6e32f934ebc482dac5edb8c93e23deb663eac724c30b026", - "sha256:6c0a5dc52fc74eb87c67374a4e554d4761fd42a4d01390b7e868b30d21f4b8bb", - "sha256:73b3d43e04cc4b228fa6fa5d796409ece6fcb53a6c270eb2048109cbcbc3b9c2", - "sha256:74161d827407f4db9072011adcfb825b5258a5ccb3d2cd518dd6c9edea9e30f1", - "sha256:75f0ee6839532e52a3a53f80ce64925ed4aed697dd3fa890c4c918f3304bd4f4", - "sha256:839dd72545ef7ba78fd2aa1a5dd07b33696adf3e68fae7f31327161c1093001b", - "sha256:8be05be57dc5c7b4a0b24edcaa2f7275866d9c907725226cdde46da09367d923", - "sha256:8e8fd0a22c9d92af3a34f91e8a2594eeb35cba90ab643c5e0e643567dc8be43e", - "sha256:a873e4d4954f865dcb60bdc4914af7eaae48fb56b60ed6daa1d6251c72f5337c", - "sha256:ab845f1f51f7eb750a78937be9f79baea4a42c7960f5a94dde34e69f3cce1988", - "sha256:b1e981fe1aff1fd11627f531524826a4dcc1f26c726235a52fcb62ded27d150f", - "sha256:b4b0d31f2052b3f9f9b5327024dc629a253a83d8649d4734ca7f35b60ec3e9e5", - "sha256:c6ac7e45367b1317e56f1461719c853fd6825226f45b835df7436bb04031fd8a", - "sha256:daf21aa33ee9b351f66deed30a3d450ab55c14242cfdfcd377798e2c0d25c9f1", - "sha256:e9f7d1d8c26a6a12c23421061f9022bb62704e38211fe375c645485f38df34a2", - "sha256:f6061a31880c1ed6b6ce341215336e2f3d0c1deccd84957b6fa8ca474b41e89f" - ], - "markers": "platform_python_implementation == 'CPython' and python_version < '3.10'", - "version": "==0.2.2" - }, "s3transfer": { "hashes": [ "sha256:9b3752887a2880690ce628bc263d6d13a3864083aeacff4890c1c9839a5eb0bc", @@ -1091,6 +1036,7 @@ "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.16.0" }, "sqlparse": { @@ -1098,6 +1044,7 @@ "sha256:017cde379adbd6a1f15a61873f43e8274179378e95ef3fede90b5aa64d304ed0", "sha256:0f91fd2e829c44362cbcfab3e9ae12e22badaa8a29ad5ff599f9ec109f0454e8" ], + "markers": "python_version >= '3.5'", "version": "==0.4.1" }, "structlog": { @@ -1153,6 +1100,7 @@ "sha256:7d6f89745680233f1c4db9ddb748df5e88d2a7a37962be174c0fd04c8dba1dc8", "sha256:c16b55f9a67b2419cfdf8846576e2ec9ba94fe6978a83080c352a80db31c93fb" ], + "markers": "python_version >= '3.6'", "version": "==21.2.1" }, "typing-extensions": { @@ -1168,6 +1116,7 @@ "sha256:07620c3f3f8eed1f12600845892b0e036a2420acf513c53f7de0abd911a5894f", "sha256:5af8ad10cec94f215e3f48112de2022e1d5a37ed427fbd88652fa908f2ab7cae" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==3.0.1" }, "urllib3": { @@ -1212,6 +1161,7 @@ "sha256:4c9dceab6f76ed92105027c49c823800dd33cacce13bdedc5b914e3514b7fb30", "sha256:7d3b1624a953da82ef63462013bbd271d3eb75751489f9807598e8f340bd637e" ], + "markers": "python_version >= '3.6'", "version": "==5.0.0" }, "watchgod": { @@ -1241,6 +1191,7 @@ "sha256:2e50d26ca593f70aba7b13a489435ef88b8fc3b5c5643c1ce8808ff9b40f0b32", "sha256:d376bd60eace9d437ab6d7ee16f4ab4e821c9dae591e1b783c58ebd8aaf80c5c" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.59.0" }, "websockets": { @@ -1327,6 +1278,7 @@ "sha256:f0b059678fd549c66b89bed03efcabb009075bd131c248ecdf087bdb6faba24a", "sha256:fcbb48a93e8699eae920f8d92f7160c03567b421bc17362a9ffbbd706a816f71" ], + "markers": "python_version >= '3.6'", "version": "==1.6.3" }, "zope.interface": { @@ -1383,6 +1335,7 @@ "sha256:f44e517131a98f7a76696a7b21b164bcb85291cee106a23beccce454e1f433a4", "sha256:f7ee479e96f7ee350db1cf24afa5685a5899e2b34992fb99e1f7c1b0b758d263" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==5.4.0" } }, @@ -1399,6 +1352,7 @@ "sha256:4db03ab5fc3340cf619dbc25e42c2cc3755154ce6009469766d7143d1fc2ee4e", "sha256:8a398dfce302c13f14bab13e2b14fe385d32b73f4e4853b9bdfb64598baa1975" ], + "markers": "python_version ~= '3.6'", "version": "==2.5.6" }, "attrs": { @@ -1406,6 +1360,7 @@ "sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1", "sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==21.2.0" }, "bandit": { @@ -1444,6 +1399,7 @@ "sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa", "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==4.0.0" }, "click": { @@ -1451,6 +1407,7 @@ "sha256:d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a", "sha256:dacca89f4bfadd5de3d7489b7c8a566eee0d3676333fbb50030263894c38c0dc" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==7.1.2" }, "colorama": { @@ -1524,6 +1481,7 @@ "sha256:6c4cc71933456991da20917998acbe6cf4fb41eeaab7d6d67fbc05ecd4c865b0", "sha256:96bf5c08b157a666fec41129e6d327235284cca4c81e92109260f353ba138005" ], + "markers": "python_version >= '3.4'", "version": "==4.0.7" }, "gitpython": { @@ -1531,6 +1489,7 @@ "sha256:29fe82050709760081f588dd50ce83504feddbebdc4da6956d02351552b1c135", "sha256:ee24bdc93dce357630764db659edaf6b8d664d4ff5447ccfeedd2dc5c253f41e" ], + "markers": "python_version >= '3.5'", "version": "==3.1.17" }, "idna": { @@ -1552,6 +1511,7 @@ "sha256:0a943902919f65c5684ac4e0154b1ad4fac6dcaa5d9f3426b732f1c8b5419be6", "sha256:2bb1680aad211e3c9944dbce1d4ba09a989f04e238296c87fe2139faa26d655d" ], + "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==5.8.0" }, "lazy-object-proxy": { @@ -1579,6 +1539,7 @@ "sha256:ed361bb83436f117f9917d282a456f9e5009ea12fd6de8742d1a4752c3017e93", "sha256:f5144c75445ae3ca2057faac03fda5a902eff196702b0a24daf1d6ce0650514b" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", "version": "==1.6.0" }, "mccabe": { @@ -1615,6 +1576,7 @@ "sha256:42df03e7797b796625b1029c0400279c7c34fd7df24a7d7818a1abb5b38710dd", "sha256:c68c661ac5cc81058ac94247278eeda6d2e6aecb3e227b0387c30d277e7ef8d4" ], + "markers": "python_version >= '2.6'", "version": "==5.6.0" }, "pluggy": { @@ -1622,6 +1584,7 @@ "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0", "sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.13.1" }, "py": { @@ -1629,6 +1592,7 @@ "sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3", "sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.10.0" }, "pylint": { @@ -1659,6 +1623,7 @@ "sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1", "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.4.7" }, "pytest": { @@ -1763,6 +1728,7 @@ "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804", "sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==2.25.1" }, "requests-mock": { @@ -1786,6 +1752,7 @@ "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.16.0" }, "smmap": { @@ -1793,6 +1760,7 @@ "sha256:7e65386bd122d45405ddf795637b7f7d2b532e7e401d46bbe3fb49b9986d5182", "sha256:a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2" ], + "markers": "python_version >= '3.5'", "version": "==4.0.0" }, "stevedore": { @@ -1800,6 +1768,7 @@ "sha256:3a5bbd0652bf552748871eaa73a4a8dc2899786bc497a2aa1fcb4dcdb0debeee", "sha256:50d7b78fbaf0d04cd62411188fa7eedcb03eb7f4c4b37005615ceebe582aa82a" ], + "markers": "python_version >= '3.6'", "version": "==3.3.0" }, "toml": { @@ -1807,6 +1776,7 @@ "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f" ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.10.2" }, "urllib3": { diff --git a/authentik/admin/api/meta.py b/authentik/admin/api/meta.py index 485a3e2666..36c3edab18 100644 --- a/authentik/admin/api/meta.py +++ b/authentik/admin/api/meta.py @@ -1,5 +1,5 @@ """Meta API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import CharField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request @@ -22,7 +22,7 @@ class AppsViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: AppSerializer(many=True)}) + @extend_schema(responses={200: AppSerializer(many=True)}) def list(self, request: Request) -> Response: """List current messages and pass into Serializer""" data = [] diff --git a/authentik/admin/api/metrics.py b/authentik/admin/api/metrics.py index d9d6b2dc4f..88b5b007ce 100644 --- a/authentik/admin/api/metrics.py +++ b/authentik/admin/api/metrics.py @@ -7,12 +7,12 @@ from django.db.models import Count, ExpressionWrapper, F from django.db.models.fields import DurationField from django.db.models.functions import ExtractHour from django.utils.timezone import now -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.fields import IntegerField, SerializerMethodField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request from rest_framework.response import Response -from rest_framework.viewsets import ViewSet +from rest_framework.views import APIView from authentik.core.api.utils import PassiveSerializer from authentik.events.models import Event, EventAction @@ -58,24 +58,24 @@ class LoginMetricsSerializer(PassiveSerializer): logins_per_1h = SerializerMethodField() logins_failed_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN_FAILED) -class AdministrationMetricsViewSet(ViewSet): +class AdministrationMetricsViewSet(APIView): """Login Metrics per 1h""" permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: LoginMetricsSerializer(many=False)}) - def list(self, request: Request) -> Response: + @extend_schema(responses={200: LoginMetricsSerializer(many=False)}) + def get(self, request: Request) -> Response: """Login Metrics per 1h""" serializer = LoginMetricsSerializer(True) return Response(serializer.data) diff --git a/authentik/admin/api/tasks.py b/authentik/admin/api/tasks.py index bec34cdd1a..cfce015ee9 100644 --- a/authentik/admin/api/tasks.py +++ b/authentik/admin/api/tasks.py @@ -4,7 +4,8 @@ from importlib import import_module from django.contrib import messages from django.http.response import Http404 from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField from rest_framework.permissions import IsAdminUser @@ -34,9 +35,13 @@ class TaskViewSet(ViewSet): """Read-only view set that returns all background tasks""" permission_classes = [IsAdminUser] + serializer_class = TaskSerializer - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} + @extend_schema( + responses={ + 200: TaskSerializer(many=False), + 404: OpenApiResponse(description="Task not found"), + } ) # pylint: disable=invalid-name def retrieve(self, request: Request, pk=None) -> Response: @@ -46,18 +51,19 @@ class TaskViewSet(ViewSet): raise Http404 return Response(TaskSerializer(task, many=False).data) - @swagger_auto_schema(responses={200: TaskSerializer(many=True)}) + @extend_schema(responses={200: TaskSerializer(many=True)}) def list(self, request: Request) -> Response: """List system tasks""" tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name) return Response(TaskSerializer(tasks, many=True).data) - @swagger_auto_schema( + @extend_schema( + request=OpenApiTypes.NONE, responses={ - 204: "Task retried successfully", - 404: "Task not found", - 500: "Failed to retry task", - } + 204: OpenApiResponse(description="Task retried successfully"), + 404: OpenApiResponse(description="Task not found"), + 500: OpenApiResponse(description="Failed to retry task"), + }, ) @action(detail=True, methods=["post"]) # pylint: disable=invalid-name diff --git a/authentik/admin/api/version.py b/authentik/admin/api/version.py index 0397cc8975..49b07f9bed 100644 --- a/authentik/admin/api/version.py +++ b/authentik/admin/api/version.py @@ -2,14 +2,13 @@ from os import environ from django.core.cache import cache -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from packaging.version import parse from rest_framework.fields import SerializerMethodField -from rest_framework.mixins import ListModelMixin from rest_framework.permissions import IsAuthenticated from rest_framework.request import Request from rest_framework.response import Response -from rest_framework.viewsets import GenericViewSet +from rest_framework.views import APIView from authentik import ENV_GIT_HASH_KEY, __version__ from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version @@ -47,17 +46,14 @@ class VersionSerializer(PassiveSerializer): ) -class VersionViewSet(ListModelMixin, GenericViewSet): +class VersionView(APIView): """Get running and latest version.""" permission_classes = [IsAuthenticated] pagination_class = None filter_backends = [] - def get_queryset(self): # pragma: no cover - return None - - @swagger_auto_schema(responses={200: VersionSerializer(many=False)}) - def list(self, request: Request) -> Response: + @extend_schema(responses={200: VersionSerializer(many=False)}) + def get(self, request: Request) -> Response: """Get running and latest version.""" return Response(VersionSerializer(True).data) diff --git a/authentik/admin/api/workers.py b/authentik/admin/api/workers.py index 6b400b44da..4433fecd9a 100644 --- a/authentik/admin/api/workers.py +++ b/authentik/admin/api/workers.py @@ -1,25 +1,22 @@ """authentik administration overview""" -from rest_framework.mixins import ListModelMixin +from drf_spectacular.utils import extend_schema, inline_serializer +from rest_framework.fields import IntegerField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request from rest_framework.response import Response -from rest_framework.serializers import Serializer -from rest_framework.viewsets import GenericViewSet +from rest_framework.views import APIView from authentik.root.celery import CELERY_APP -class WorkerViewSet(ListModelMixin, GenericViewSet): +class WorkerView(APIView): """Get currently connected worker count.""" - serializer_class = Serializer permission_classes = [IsAdminUser] - def get_queryset(self): # pragma: no cover - return None - - def list(self, request: Request) -> Response: + @extend_schema( + responses=inline_serializer("Workers", fields={"count": IntegerField()}) + ) + def get(self, request: Request) -> Response: """Get currently connected worker count.""" - return Response( - {"pagination": {"count": len(CELERY_APP.control.ping(timeout=0.5))}} - ) + return Response({"count": len(CELERY_APP.control.ping(timeout=0.5))}) diff --git a/authentik/admin/tests/test_api.py b/authentik/admin/tests/test_api.py index 92fbd9b83c..75e1dac2bf 100644 --- a/authentik/admin/tests/test_api.py +++ b/authentik/admin/tests/test_api.py @@ -74,21 +74,21 @@ class TestAdminAPI(TestCase): def test_version(self): """Test Version API""" - response = self.client.get(reverse("authentik_api:admin_version-list")) + response = self.client.get(reverse("authentik_api:admin_version")) self.assertEqual(response.status_code, 200) body = loads(response.content) self.assertEqual(body["version_current"], __version__) def test_workers(self): """Test Workers API""" - response = self.client.get(reverse("authentik_api:admin_workers-list")) + response = self.client.get(reverse("authentik_api:admin_workers")) self.assertEqual(response.status_code, 200) body = loads(response.content) - self.assertEqual(body["pagination"]["count"], 0) + self.assertEqual(body["count"], 0) def test_metrics(self): """Test metrics API""" - response = self.client.get(reverse("authentik_api:admin_metrics-list")) + response = self.client.get(reverse("authentik_api:admin_metrics")) self.assertEqual(response.status_code, 200) def test_apps(self): diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 97f821b56a..412b69d5e4 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -3,6 +3,7 @@ from base64 import b64decode from binascii import Error from typing import Any, Optional, Union +from drf_spectacular.authentication import OpenApiAuthenticationExtension from rest_framework.authentication import BaseAuthentication, get_authorization_header from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request @@ -55,3 +56,18 @@ class AuthentikTokenAuthentication(BaseAuthentication): return None return (token.user, None) # pragma: no cover + + +class TokenSchema(OpenApiAuthenticationExtension): + """Auth schema""" + + target_class = AuthentikTokenAuthentication + name = "authentik" + + def get_security_definition(self, auto_schema): + """Auth schema""" + return { + "type": "apiKey", + "in": "header", + "name": "Authorization", + } diff --git a/authentik/api/pagination.py b/authentik/api/pagination.py index 04bfefd1e6..fab9c625c7 100644 --- a/authentik/api/pagination.py +++ b/authentik/api/pagination.py @@ -30,3 +30,47 @@ class Pagination(pagination.PageNumberPagination): "results": data, } ) + + def get_paginated_response_schema(self, schema): + return { + "type": "object", + "properties": { + "pagination": { + "type": "object", + "properties": { + "next": { + "type": "number", + }, + "previous": { + "type": "number", + }, + "count": { + "type": "number", + }, + "current": { + "type": "number", + }, + "total_pages": { + "type": "number", + }, + "start_index": { + "type": "number", + }, + "end_index": { + "type": "number", + }, + }, + "required": [ + "next", + "previous", + "count", + "current", + "total_pages", + "start_index", + "end_index", + ], + }, + "results": schema, + }, + "required": ["pagination", "results"], + } diff --git a/authentik/api/pagination_schema.py b/authentik/api/pagination_schema.py deleted file mode 100644 index 3d4f86c61d..0000000000 --- a/authentik/api/pagination_schema.py +++ /dev/null @@ -1,97 +0,0 @@ -"""Swagger Pagination Schema class""" -from typing import OrderedDict - -from drf_yasg import openapi -from drf_yasg.inspectors import PaginatorInspector - - -class PaginationInspector(PaginatorInspector): - """Swagger Pagination Schema class""" - - def get_paginated_response(self, paginator, response_schema): - """ - :param BasePagination paginator: the paginator - :param openapi.Schema response_schema: the response schema that must be paged. - :rtype: openapi.Schema - """ - - return openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ( - "pagination", - openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ("next", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "previous", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ("count", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "current", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "total_pages", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "start_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "end_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ) - ), - required=[ - "next", - "previous", - "count", - "current", - "total_pages", - "start_index", - "end_index", - ], - ), - ), - ("results", response_schema), - ) - ), - required=["results", "pagination"], - ) - - def get_paginator_parameters(self, paginator): - """ - Get the pagination parameters for a single paginator **instance**. - - Should return :data:`.NotHandled` if this inspector - does not know how to handle the given `paginator`. - - :param BasePagination paginator: the paginator - :rtype: list[openapi.Parameter] - """ - - return [ - openapi.Parameter( - "page", - openapi.IN_QUERY, - "Page Index", - False, - None, - openapi.TYPE_INTEGER, - ), - openapi.Parameter( - "page_size", - openapi.IN_QUERY, - "Page Size", - False, - None, - openapi.TYPE_INTEGER, - ), - ] diff --git a/authentik/api/schema.py b/authentik/api/schema.py index f60b333b81..4548a80f01 100644 --- a/authentik/api/schema.py +++ b/authentik/api/schema.py @@ -1,102 +1,70 @@ """Error Response schema, from https://github.com/axnsan12/drf-yasg/issues/224""" -from drf_yasg import openapi -from drf_yasg.inspectors.view import SwaggerAutoSchema -from drf_yasg.utils import force_real_str, is_list_view -from rest_framework import exceptions, status -from rest_framework.settings import api_settings +from django.utils.translation import gettext_lazy as _ +from drf_spectacular.plumbing import ( + ResolvedComponent, + build_array_type, + build_basic_type, + build_object_type, +) +from drf_spectacular.settings import spectacular_settings +from drf_spectacular.types import OpenApiTypes -class ErrorResponseAutoSchema(SwaggerAutoSchema): - """Inspector which includes an error schema""" +def build_standard_type(obj, **kwargs): + """Build a basic type with optional add ons.""" + schema = build_basic_type(obj) + schema.update(kwargs) + return schema - def get_generic_error_schema(self): - """Get a generic error schema""" - return openapi.Schema( - "Generic API Error", - type=openapi.TYPE_OBJECT, - properties={ - "detail": openapi.Schema( - type=openapi.TYPE_STRING, description="Error details" - ), - "code": openapi.Schema( - type=openapi.TYPE_STRING, description="Error code" - ), - }, - required=["detail"], + +GENERIC_ERROR = build_object_type( + description=_("Generic API Error"), + properties={ + "detail": build_standard_type(OpenApiTypes.STR), + "code": build_standard_type(OpenApiTypes.STR), + }, + required=["detail"], +) +VALIDATION_ERROR = build_object_type( + description=_("Validation Error"), + properties={ + "non_field_errors": build_array_type(build_standard_type(OpenApiTypes.STR)), + "code": build_standard_type(OpenApiTypes.STR), + }, + required=["detail"], + additionalProperties={}, +) + + +def postprocess_schema_responses(result, generator, **kwargs): # noqa: W0613 + """Workaround to set a default response for endpoints. + Workaround suggested at + + for the missing drf-spectacular feature discussed in + . + """ + + def create_component(name, schema, type_=ResolvedComponent.SCHEMA): + """Register a component and return a reference to it.""" + component = ResolvedComponent( + name=name, + type=type_, + schema=schema, + object=name, ) + generator.registry.register_on_missing(component) + return component - def get_validation_error_schema(self): - """Get a generic validation error schema""" - return openapi.Schema( - "Validation Error", - type=openapi.TYPE_OBJECT, - properties={ - api_settings.NON_FIELD_ERRORS_KEY: openapi.Schema( - description="List of validation errors not related to any field", - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - }, - additional_properties=openapi.Schema( - description=( - "A list of error messages for each " - "field that triggered a validation error" - ), - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - ) + generic_error = create_component("GenericError", GENERIC_ERROR) + validation_error = create_component("ValidationError", VALIDATION_ERROR) - def get_response_serializers(self): - responses = super().get_response_serializers() - definitions = self.components.with_scope( - openapi.SCHEMA_DEFINITIONS - ) # type: openapi.ReferenceResolver + for path in result["paths"].values(): + for method in path.values(): + method["responses"].setdefault("400", validation_error.ref) + method["responses"].setdefault("403", generic_error.ref) - definitions.setdefault("GenericError", self.get_generic_error_schema) - definitions.setdefault("ValidationError", self.get_validation_error_schema) - definitions.setdefault("APIException", self.get_generic_error_schema) + result["components"] = generator.registry.build( + spectacular_settings.APPEND_COMPONENTS + ) - if self.get_request_serializer() or self.get_query_serializer(): - responses.setdefault( - exceptions.ValidationError.status_code, - openapi.Response( - description=force_real_str( - exceptions.ValidationError.default_detail - ), - schema=openapi.SchemaRef(definitions, "ValidationError"), - ), - ) - - security = self.get_security() - if security is None or len(security) > 0: - # Note: 401 error codes are coerced into 403 see - # rest_framework/views.py:433:handle_exception - # This is b/c the API uses token auth which doesn't have WWW-Authenticate header - responses.setdefault( - status.HTTP_403_FORBIDDEN, - openapi.Response( - description="Authentication credentials were invalid, absent or insufficient.", - schema=openapi.SchemaRef(definitions, "GenericError"), - ), - ) - if not is_list_view(self.path, self.method, self.view): - responses.setdefault( - exceptions.PermissionDenied.status_code, - openapi.Response( - description="Permission denied.", - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - responses.setdefault( - exceptions.NotFound.status_code, - openapi.Response( - description=( - "Object does not exist or caller " - "has insufficient permissions to access it." - ), - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - - return responses + return result diff --git a/authentik/api/templates/api/swagger.html b/authentik/api/templates/api/browser.html similarity index 100% rename from authentik/api/templates/api/swagger.html rename to authentik/api/templates/api/browser.html diff --git a/authentik/api/tests/test_config.py b/authentik/api/tests/test_config.py index 8e31e3ee09..6f6f60f319 100644 --- a/authentik/api/tests/test_config.py +++ b/authentik/api/tests/test_config.py @@ -11,6 +11,6 @@ class TestConfig(APITestCase): def test_config(self): """Test YAML generation""" response = self.client.get( - reverse("authentik_api:configs-list"), + reverse("authentik_api:config"), ) self.assertTrue(loads(response.content.decode())) diff --git a/authentik/api/tests/test_schema.py b/authentik/api/tests/test_schema.py new file mode 100644 index 0000000000..d86597d964 --- /dev/null +++ b/authentik/api/tests/test_schema.py @@ -0,0 +1,22 @@ +"""Schema generation tests""" +from django.urls import reverse +from rest_framework.test import APITestCase +from yaml import safe_load + + +class TestSchemaGeneration(APITestCase): + """Generic admin tests""" + + def test_schema(self): + """Test generation""" + response = self.client.get( + reverse("authentik_api:schema"), + ) + self.assertTrue(safe_load(response.content.decode())) + + def test_browser(self): + """Test API Browser""" + response = self.client.get( + reverse("authentik_api:schema-browser"), + ) + self.assertEqual(response.status_code, 200) diff --git a/authentik/api/tests/test_swagger.py b/authentik/api/tests/test_swagger.py deleted file mode 100644 index 7857248cea..0000000000 --- a/authentik/api/tests/test_swagger.py +++ /dev/null @@ -1,31 +0,0 @@ -"""Swagger generation tests""" -from json import loads - -from django.urls import reverse -from rest_framework.test import APITestCase -from yaml import safe_load - - -class TestSwaggerGeneration(APITestCase): - """Generic admin tests""" - - def test_yaml(self): - """Test YAML generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".yaml"}), - ) - self.assertTrue(safe_load(response.content.decode())) - - def test_json(self): - """Test JSON generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".json"}), - ) - self.assertTrue(loads(response.content.decode())) - - def test_browser(self): - """Test API Browser""" - response = self.client.get( - reverse("authentik_api:swagger"), - ) - self.assertEqual(response.status_code, 200) diff --git a/authentik/api/v2/config.py b/authentik/api/v2/config.py index 808d0525c0..078f0e5a33 100644 --- a/authentik/api/v2/config.py +++ b/authentik/api/v2/config.py @@ -1,10 +1,10 @@ """core Configs API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import BooleanField, CharField, ListField from rest_framework.permissions import AllowAny from rest_framework.request import Request from rest_framework.response import Response -from rest_framework.viewsets import ViewSet +from rest_framework.views import APIView from authentik.core.api.utils import PassiveSerializer from authentik.lib.config import CONFIG @@ -29,13 +29,13 @@ class ConfigSerializer(PassiveSerializer): error_reporting_send_pii = BooleanField(read_only=True) -class ConfigsViewSet(ViewSet): +class ConfigView(APIView): """Read-only view set that returns the current session's Configs""" permission_classes = [AllowAny] - @swagger_auto_schema(responses={200: ConfigSerializer(many=False)}) - def list(self, request: Request) -> Response: + @extend_schema(responses={200: ConfigSerializer(many=False)}) + def get(self, request: Request) -> Response: """Retrive public configuration options""" config = ConfigSerializer( { diff --git a/authentik/api/v2/urls.py b/authentik/api/v2/urls.py index d46be9528c..54666fe639 100644 --- a/authentik/api/v2/urls.py +++ b/authentik/api/v2/urls.py @@ -1,17 +1,15 @@ """api v2 urls""" -from django.urls import path, re_path -from drf_yasg import openapi -from drf_yasg.views import get_schema_view +from django.urls import path +from drf_spectacular.views import SpectacularAPIView from rest_framework import routers -from rest_framework.permissions import AllowAny from authentik.admin.api.meta import AppsViewSet from authentik.admin.api.metrics import AdministrationMetricsViewSet from authentik.admin.api.tasks import TaskViewSet -from authentik.admin.api.version import VersionViewSet -from authentik.admin.api.workers import WorkerViewSet -from authentik.api.v2.config import ConfigsViewSet -from authentik.api.views import SwaggerView +from authentik.admin.api.version import VersionView +from authentik.admin.api.workers import WorkerView +from authentik.api.v2.config import ConfigView +from authentik.api.views import APIBrowserView from authentik.core.api.applications import ApplicationViewSet from authentik.core.api.groups import GroupViewSet from authentik.core.api.propertymappings import PropertyMappingViewSet @@ -100,11 +98,6 @@ from authentik.stages.user_write.api import UserWriteStageViewSet router = routers.DefaultRouter() -router.register("root/config", ConfigsViewSet, basename="configs") - -router.register("admin/version", VersionViewSet, basename="admin_version") -router.register("admin/workers", WorkerViewSet, basename="admin_workers") -router.register("admin/metrics", AdministrationMetricsViewSet, basename="admin_metrics") router.register("admin/system_tasks", TaskViewSet, basename="admin_system_tasks") router.register("admin/apps", AppsViewSet, basename="apps") @@ -114,7 +107,6 @@ router.register("core/users", UserViewSet) router.register("core/user_consent", UserConsentViewSet) router.register("core/tokens", TokenViewSet) -router.register("outposts/outposts", OutpostViewSet) router.register("outposts/instances", OutpostViewSet) router.register("outposts/service_connections/all", ServiceConnectionViewSet) router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet) @@ -196,32 +188,25 @@ router.register("stages/user_write", UserWriteStageViewSet) router.register("stages/dummy", DummyStageViewSet) router.register("policies/dummy", DummyPolicyViewSet) -info = openapi.Info( - title="authentik API", - default_version="v2beta", - contact=openapi.Contact(email="hello@beryju.org"), - license=openapi.License( - name="GNU GPLv3", - url="https://github.com/goauthentik/authentik/blob/master/LICENSE", - ), -) -SchemaView = get_schema_view(info, public=True, permission_classes=(AllowAny,)) - urlpatterns = ( [ - path("", SwaggerView.as_view(), name="swagger"), + path("", APIBrowserView.as_view(), name="schema-browser"), ] + router.urls + [ + path( + "admin/metrics/", + AdministrationMetricsViewSet.as_view(), + name="admin_metrics", + ), + path("admin/version/", VersionView.as_view(), name="admin_version"), + path("admin/workers/", WorkerView.as_view(), name="admin_workers"), + path("root/config/", ConfigView.as_view(), name="config"), path( "flows/executor//", FlowExecutorView.as_view(), name="flow-executor", ), - re_path( - r"^swagger(?P\.json|\.yaml)$", - SchemaView.without_ui(cache_timeout=0), - name="schema-json", - ), + path("schema/", SpectacularAPIView.as_view(), name="schema"), ] ) diff --git a/authentik/api/views.py b/authentik/api/views.py index 580050ba66..36193ed170 100644 --- a/authentik/api/views.py +++ b/authentik/api/views.py @@ -5,18 +5,15 @@ from django.urls import reverse from django.views.generic import TemplateView -class SwaggerView(TemplateView): - """Show swagger view based on rapi-doc""" +class APIBrowserView(TemplateView): + """Show browser view based on rapi-doc""" - template_name = "api/swagger.html" + template_name = "api/browser.html" def get_context_data(self, **kwargs: Any) -> dict[str, Any]: path = self.request.build_absolute_uri( reverse( - "authentik_api:schema-json", - kwargs={ - "format": ".json", - }, + "authentik_api:schema", ) ) return super().get_context_data(path=path, **kwargs) diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index bcbb29b8c2..189407f3ee 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -5,8 +5,8 @@ from django.core.cache import cache from django.db.models import QuerySet from django.http.response import HttpResponseBadRequest from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import SerializerMethodField from rest_framework.parsers import MultiPartParser @@ -58,6 +58,9 @@ class ApplicationSerializer(ModelSerializer): "meta_publisher", "policy_engine_mode", ] + extra_kwargs = { + "meta_icon": {"read_only": True}, + } class ApplicationViewSet(ModelViewSet): @@ -92,10 +95,10 @@ class ApplicationViewSet(ModelViewSet): applications.append(application) return applications - @swagger_auto_schema( + @extend_schema( responses={ - 204: "Access granted", - 403: "Access denied", + 204: OpenApiResponse(description="Access granted"), + 403: OpenApiResponse(description="Access denied"), } ) @action(detail=True, methods=["GET"]) @@ -111,12 +114,12 @@ class ApplicationViewSet(ModelViewSet): return Response(status=204) return Response(status=403) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="superuser_full_list", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ] ) @@ -151,17 +154,20 @@ class ApplicationViewSet(ModelViewSet): return self.get_paginated_response(serializer.data) @permission_required("authentik_core.change_application") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: In Form + type=OpenApiTypes.BINARY, required=True, ) ], - responses={200: "Success", 400: "Bad request"}, + responses={ + 200: OpenApiResponse(description="Success"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action( detail=True, @@ -184,7 +190,7 @@ class ApplicationViewSet(ModelViewSet): @permission_required( "authentik_core.view_application", ["authentik_events.view_event"] ) - @swagger_auto_schema(responses={200: CoordinateSerializer(many=True)}) + @extend_schema(responses={200: CoordinateSerializer(many=True)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument def metrics(self, request: Request, slug: str): diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py index fc1954b49a..798a7a7226 100644 --- a/authentik/core/api/propertymappings.py +++ b/authentik/core/api/propertymappings.py @@ -1,8 +1,8 @@ """PropertyMapping API Views""" from json import dumps -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -81,7 +81,7 @@ class PropertyMappingViewSet( def get_queryset(self): return PropertyMapping.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable property-mapping types""" @@ -100,14 +100,17 @@ class PropertyMappingViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required("authentik_core.view_propertymapping") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), - responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"}, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=PolicyTestSerializer(), + responses={ + 200: PropertyMappingTestResultSerializer, + 400: OpenApiResponse(description="Invalid parameters"), + }, + parameters=[ + OpenApiParameter( name="format_result", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py index f4f8ec22d8..a6a7c2e886 100644 --- a/authentik/core/api/providers.py +++ b/authentik/core/api/providers.py @@ -1,6 +1,6 @@ """Provider API Views""" from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField @@ -22,7 +22,7 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer): component = SerializerMethodField() - def get_component(self, obj: Provider): # pragma: no cover + def get_component(self, obj: Provider) -> str: # pragma: no cover """Get object component so that we know how to edit the object""" # pyright: reportGeneralTypeIssues=false if obj.__class__ == Provider: @@ -66,7 +66,7 @@ class ProviderViewSet( def get_queryset(self): return Provider.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable provider types""" diff --git a/authentik/core/api/sources.py b/authentik/core/api/sources.py index e1da3a2fb4..def370b2aa 100644 --- a/authentik/core/api/sources.py +++ b/authentik/core/api/sources.py @@ -1,7 +1,7 @@ """Source API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.request import Request @@ -24,7 +24,7 @@ class SourceSerializer(ModelSerializer, MetaNameSerializer): component = SerializerMethodField() - def get_component(self, obj: Source): + def get_component(self, obj: Source) -> str: """Get object component so that we know how to edit the object""" # pyright: reportGeneralTypeIssues=false if obj.__class__ == Source: @@ -64,7 +64,7 @@ class SourceViewSet( def get_queryset(self): return Source.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable source types""" @@ -87,7 +87,7 @@ class SourceViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: UserSettingSerializer(many=True)}) + @extend_schema(responses={200: UserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all sources the user can configure""" diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py index db07f4c9d3..9ef14ac9b1 100644 --- a/authentik/core/api/tokens.py +++ b/authentik/core/api/tokens.py @@ -1,6 +1,6 @@ """Tokens API Viewset""" from django.http.response import Http404 -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField from rest_framework.request import Request @@ -67,10 +67,10 @@ class TokenViewSet(ModelViewSet): serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API) @permission_required("authentik_core.view_token_key") - @swagger_auto_schema( + @extend_schema( responses={ 200: TokenViewSerializer(many=False), - 404: "Token not found or expired", + 404: OpenApiResponse(description="Token not found or expired"), } ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index a3f3156782..39aeb696ce 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -7,7 +7,7 @@ from django.urls import reverse_lazy from django.utils.http import urlencode from django_filters.filters import BooleanFilter, CharFilter from django_filters.filterset import FilterSet -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import OpenApiResponse, extend_schema, extend_schema_field from guardian.utils import get_anonymous_user from rest_framework.decorators import action from rest_framework.fields import CharField, JSONField, SerializerMethodField @@ -77,13 +77,13 @@ class UserMetricsSerializer(PassiveSerializer): logins_failed_per_1h = SerializerMethodField() authorizations_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" user = self.context["user"] return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -91,7 +91,7 @@ class UserMetricsSerializer(PassiveSerializer): action=EventAction.LOGIN_FAILED, context__username=user.username ) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_authorizations_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -142,7 +142,7 @@ class UserViewSet(ModelViewSet): def get_queryset(self): return User.objects.all().exclude(pk=get_anonymous_user().pk) - @swagger_auto_schema(responses={200: SessionUserSerializer(many=False)}) + @extend_schema(responses={200: SessionUserSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name def me(self, request: Request) -> Response: @@ -158,7 +158,7 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.view_user", ["authentik_events.view_event"]) - @swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)}) + @extend_schema(responses={200: UserMetricsSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name, unused-argument def metrics(self, request: Request, pk: int) -> Response: @@ -169,8 +169,11 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.reset_user_password") - @swagger_auto_schema( - responses={"200": LinkSerializer(many=False), "404": "No recovery flow found."}, + @extend_schema( + responses={ + "200": LinkSerializer(many=False), + "404": OpenApiResponse(description="No recovery flow found."), + }, ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name, unused-argument diff --git a/authentik/core/api/utils.py b/authentik/core/api/utils.py index 7b8a988723..380208e089 100644 --- a/authentik/core/api/utils.py +++ b/authentik/core/api/utils.py @@ -28,6 +28,9 @@ class PassiveSerializer(Serializer): ) -> Model: # pragma: no cover return Model() + class Meta: + model = Model + class MetaNameSerializer(PassiveSerializer): """Add verbose names to response""" diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index d07d6b7221..e7b54cb688 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -5,8 +5,8 @@ from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import ( CharField, @@ -125,9 +125,12 @@ class CertificateKeyPairViewSet(ModelViewSet): filterset_class = CertificateKeyPairFilter @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) - @swagger_auto_schema( - request_body=CertificateGenerationSerializer(), - responses={200: CertificateKeyPairSerializer, 400: "Bad request"}, + @extend_schema( + request=CertificateGenerationSerializer(), + responses={ + 200: CertificateKeyPairSerializer, + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def generate(self, request: Request) -> Response: @@ -147,12 +150,12 @@ class CertificateKeyPairViewSet(ModelViewSet): serializer = self.get_serializer(instance) return Response(serializer.data) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, @@ -180,12 +183,12 @@ class CertificateKeyPairViewSet(ModelViewSet): CertificateDataSerializer({"data": certificate.certificate_data}).data ) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, diff --git a/authentik/events/api/event.py b/authentik/events/api/event.py index 6246f7b1ca..d0c4e396d2 100644 --- a/authentik/events/api/event.py +++ b/authentik/events/api/event.py @@ -2,7 +2,8 @@ import django_filters from django.db.models.aggregates import Count from django.db.models.fields.json import KeyTextTransform -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.fields import CharField, DictField, IntegerField @@ -38,12 +39,6 @@ class EventSerializer(ModelSerializer): ] -class EventTopPerUserParams(PassiveSerializer): - """Query params for top_per_user""" - - top_n = IntegerField(default=15) - - class EventTopPerUserSerializer(PassiveSerializer): """Response object of Event's top_per_user""" @@ -111,12 +106,19 @@ class EventViewSet(ReadOnlyModelViewSet): ] filterset_class = EventsFilter - @swagger_auto_schema( - method="GET", + @extend_schema( + methods=["GET"], responses={200: EventTopPerUserSerializer(many=True)}, - query_serializer=EventTopPerUserParams, + parameters=[ + OpenApiParameter( + "top_n", + type=OpenApiTypes.INT, + location=OpenApiParameter.QUERY, + required=False, + ) + ], ) - @action(detail=False, methods=["GET"]) + @action(detail=False, methods=["GET"], pagination_class=None) def top_per_user(self, request: Request): """Get the top_n events grouped by user count""" filtered_action = request.query_params.get("action", EventAction.LOGIN) @@ -134,7 +136,7 @@ class EventViewSet(ReadOnlyModelViewSet): .order_by("-counted_events")[:top_n] ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def actions(self, request: Request) -> Response: """Get all actions""" diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index a688f120db..05b857e870 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -1,5 +1,6 @@ """NotificationTransport API Views""" -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.request import Request @@ -22,7 +23,7 @@ class NotificationTransportSerializer(ModelSerializer): mode_verbose = SerializerMethodField() - def get_mode_verbose(self, instance: NotificationTransport): + def get_mode_verbose(self, instance: NotificationTransport) -> str: """Return selected mode with a UI Label""" return TransportMode(instance.mode).label @@ -58,12 +59,12 @@ class NotificationTransportViewSet(ModelViewSet): serializer_class = NotificationTransportSerializer @permission_required("authentik_events.change_notificationtransport") - @swagger_auto_schema( + @extend_schema( responses={ 200: NotificationTransportTestSerializer(many=False), - 503: "Failed to test transport", + 500: OpenApiResponse(description="Failed to test transport"), }, - request_body=no_body, + request=OpenApiTypes.NONE, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["post"]) # pylint: disable=invalid-name, unused-argument @@ -83,4 +84,4 @@ class NotificationTransportViewSet(ModelViewSet): response.is_valid() return Response(response.data) except NotificationTransportError as exc: - return Response(str(exc.__cause__ or None), status=503) + return Response(str(exc.__cause__ or None), status=500) diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index 7fddfc3c5e..b7830c5e6d 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -6,8 +6,8 @@ from django.db.models import Model from django.http.response import HttpResponseBadRequest, JsonResponse from django.urls import reverse from django.utils.translation import gettext as _ -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.parsers import MultiPartParser @@ -41,7 +41,7 @@ class FlowSerializer(ModelSerializer): cache_count = SerializerMethodField() - def get_cache_count(self, flow: Flow): + def get_cache_count(self, flow: Flow) -> int: """Get count of cached flows""" return len(cache.keys(f"{cache_key(flow)}*")) @@ -61,6 +61,9 @@ class FlowSerializer(ModelSerializer): "cache_count", "policy_engine_mode", ] + extra_kwargs = { + "background": {"read_only": True}, + } class FlowDiagramSerializer(Serializer): @@ -97,16 +100,19 @@ class FlowViewSet(ModelViewSet): filterset_fields = ["flow_uuid", "name", "slug", "designation"] @permission_required(None, ["authentik_flows.view_flow_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached flows""" return Response(data={"count": len(cache.keys("flow_*"))}) @permission_required(None, ["authentik_flows.clear_flow_cache"]) - @swagger_auto_schema( - request_body=no_body, - responses={204: "Successfully cleared cache", 400: "Bad request"}, + @extend_schema( + request=OpenApiTypes.NONE, + responses={ + 204: OpenApiResponse(description="Successfully cleared cache"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def cache_clear(self, request: Request) -> Response: @@ -133,17 +139,20 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.change_prompt", ], ) - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], - responses={204: "Successfully imported flow", 400: "Bad request"}, + responses={ + 204: OpenApiResponse(description="Successfully imported flow"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) def import_flow(self, request: Request) -> Response: @@ -171,11 +180,9 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.view_prompt", ], ) - @swagger_auto_schema( + @extend_schema( responses={ - "200": openapi.Response( - "File Attachment", schema=openapi.Schema(type=openapi.TYPE_FILE) - ), + "200": OpenApiResponse(response=OpenApiTypes.BINARY), }, ) @action(detail=True, pagination_class=None, filter_backends=[]) @@ -188,7 +195,7 @@ class FlowViewSet(ModelViewSet): response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"' return response - @swagger_auto_schema(responses={200: FlowDiagramSerializer()}) + @extend_schema(responses={200: FlowDiagramSerializer()}) @action(detail=True, pagination_class=None, filter_backends=[], methods=["get"]) # pylint: disable=unused-argument def diagram(self, request: Request, slug: str) -> Response: @@ -259,17 +266,20 @@ class FlowViewSet(ModelViewSet): return Response({"diagram": diagram}) @permission_required("authentik_flows.change_flow") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], - responses={200: "Success", 400: "Bad request"}, + responses={ + 200: OpenApiResponse(description="Success"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action( detail=True, @@ -289,8 +299,11 @@ class FlowViewSet(ModelViewSet): app.save() return Response({}) - @swagger_auto_schema( - responses={200: LinkSerializer(many=False), 400: "Flow not applicable"}, + @extend_schema( + responses={ + 200: LinkSerializer(many=False), + 400: OpenApiResponse(description="Flow not applicable"), + }, ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument diff --git a/authentik/flows/api/stages.py b/authentik/flows/api/stages.py index 749e4a7ace..a700e3b381 100644 --- a/authentik/flows/api/stages.py +++ b/authentik/flows/api/stages.py @@ -1,7 +1,7 @@ """Flow Stage API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import BooleanField @@ -68,7 +68,7 @@ class StageViewSet( def get_queryset(self): return Stage.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable stage types""" @@ -86,7 +86,7 @@ class StageViewSet( data = sorted(data, key=lambda x: x["name"]) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: StageUserSettingSerializer(many=True)}) + @extend_schema(responses={200: StageUserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all stages the user can configure""" diff --git a/authentik/flows/views.py b/authentik/flows/views.py index 3935b9a108..509f86fd44 100644 --- a/authentik/flows/views.py +++ b/authentik/flows/views.py @@ -10,8 +10,8 @@ from django.template.response import TemplateResponse from django.utils.decorators import method_decorator from django.views.decorators.clickjacking import xframe_options_sameorigin from django.views.generic import View -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.permissions import AllowAny from rest_framework.views import APIView from sentry_sdk import capture_exception @@ -22,7 +22,6 @@ from authentik.events.models import cleanse_dict from authentik.flows.challenge import ( AccessDeniedChallenge, Challenge, - ChallengeResponse, ChallengeTypes, HttpChallengeResponse, RedirectChallenge, @@ -125,19 +124,21 @@ class FlowExecutorView(APIView): self.current_stage_view.request = request return super().dispatch(request) - @swagger_auto_schema( + @extend_schema( responses={ 200: Challenge(), - 404: "No Token found", # This error can be raised by the email stage + 404: OpenApiResponse( + description="No Token found" + ), # This error can be raised by the email stage }, - request_body=no_body, - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_get", @@ -157,16 +158,16 @@ class FlowExecutorView(APIView): self._logger.warning(exc) return to_stage_response(request, FlowErrorResponse(request, exc)) - @swagger_auto_schema( + @extend_schema( responses={200: Challenge()}, - request_body=ChallengeResponse(), - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=OpenApiTypes.OBJECT, + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_solve", diff --git a/authentik/outposts/api/outpost_service_connections.py b/authentik/outposts/api/outpost_service_connections.py index 39b54c1e5f..fdc28ca8bf 100644 --- a/authentik/outposts/api/outpost_service_connections.py +++ b/authentik/outposts/api/outpost_service_connections.py @@ -2,7 +2,7 @@ from dataclasses import asdict from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from kubernetes.client.configuration import Configuration from kubernetes.config.config_exception import ConfigException from kubernetes.config.kube_config import load_kube_config_from_dict @@ -69,7 +69,7 @@ class ServiceConnectionViewSet( search_fields = ["name"] filterset_fields = ["name"] - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable service connection types""" @@ -87,7 +87,7 @@ class ServiceConnectionViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) + @extend_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument, invalid-name def state(self, request: Request, pk: str) -> Response: diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index d026fa5031..2def9d3da4 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -1,7 +1,7 @@ """Outpost API Views""" from dacite.core import from_dict from dacite.exceptions import DaciteError -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, DateTimeField from rest_framework.request import Request @@ -72,8 +72,8 @@ class OutpostViewSet(ModelViewSet): ] ordering = ["name"] - @swagger_auto_schema(responses={200: OutpostHealthSerializer(many=True)}) - @action(methods=["GET"], detail=True) + @extend_schema(responses={200: OutpostHealthSerializer(many=True)}) + @action(methods=["GET"], detail=True, pagination_class=None) # pylint: disable=invalid-name, unused-argument def health(self, request: Request, pk: int) -> Response: """Get outposts current health""" @@ -90,7 +90,7 @@ class OutpostViewSet(ModelViewSet): ) return Response(OutpostHealthSerializer(states, many=True).data) - @swagger_auto_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) + @extend_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) @action(detail=False, methods=["GET"]) def default_settings(self, request: Request) -> Response: """Global default outpost config""" diff --git a/authentik/policies/api/policies.py b/authentik/policies/api/policies.py index 9a089e93a3..9de4e0b664 100644 --- a/authentik/policies/api/policies.py +++ b/authentik/policies/api/policies.py @@ -1,6 +1,7 @@ """policy API Views""" from django.core.cache import cache -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -96,7 +97,7 @@ class PolicyViewSet( "bindings", "promptstage_set" ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable policy types""" @@ -114,16 +115,19 @@ class PolicyViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required(None, ["authentik_policies.view_policy_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached policies""" return Response(data={"count": len(cache.keys("policy_*"))}) @permission_required(None, ["authentik_policies.clear_policy_cache"]) - @swagger_auto_schema( - request_body=no_body, - responses={204: "Successfully cleared cache", 400: "Bad request"}, + @extend_schema( + request=OpenApiTypes.NONE, + responses={ + 204: OpenApiResponse(description="Successfully cleared cache"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def cache_clear(self, request: Request) -> Response: @@ -137,9 +141,12 @@ class PolicyViewSet( return Response(status=204) @permission_required("authentik_policies.view_policy") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), - responses={200: PolicyTestResultSerializer(), 400: "Invalid parameters"}, + @extend_schema( + request=PolicyTestSerializer(), + responses={ + 200: PolicyTestResultSerializer(), + 400: OpenApiResponse(description="Invalid parameters"), + }, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) # pylint: disable=unused-argument, invalid-name diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index b090ef72c5..db95e393ef 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,7 +1,7 @@ """OAuth2Provider API Views""" from django.urls import reverse from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField from rest_framework.generics import get_object_or_404 @@ -67,10 +67,10 @@ class OAuth2ProviderViewSet(ModelViewSet): queryset = OAuth2Provider.objects.all() serializer_class = OAuth2ProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ - 200: OAuth2ProviderSetupURLs(many=False), - 404: "Provider has no application assigned", + 200: OAuth2ProviderSetupURLs, + 404: OpenApiResponse(description="Provider has no application assigned"), } ) @action(methods=["GET"], detail=True) diff --git a/authentik/providers/proxy/api.py b/authentik/providers/proxy/api.py index c729d12412..3cfb8e1206 100644 --- a/authentik/providers/proxy/api.py +++ b/authentik/providers/proxy/api.py @@ -1,7 +1,7 @@ """ProxyProvider API Views""" from typing import Any -from drf_yasg.utils import swagger_serializer_method +from drf_spectacular.utils import extend_schema_field from rest_framework.exceptions import ValidationError from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.serializers import ModelSerializer @@ -107,7 +107,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer): "forward_auth_mode", ] - @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer) + @extend_schema_field(OpenIDConnectConfigurationSerializer) def get_oidc_configuration(self, obj: ProxyProvider): """Embed OpenID Connect provider information""" return ProviderInfoView(request=self.context["request"]._request).get_info(obj) diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 84630d81df..804f4b9197 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -5,8 +5,8 @@ from defusedxml.ElementTree import fromstring from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser @@ -80,16 +80,16 @@ class SAMLProviderViewSet(ModelViewSet): queryset = SAMLProvider.objects.all() serializer_class = SAMLProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ 200: SAMLMetadataSerializer(many=False), - 404: "Provider has no application assigned", + 404: OpenApiResponse(description="Provider has no application assigned"), }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) @@ -118,9 +118,12 @@ class SAMLProviderViewSet(ModelViewSet): "authentik_crypto.add_certificatekeypair", ], ) - @swagger_auto_schema( - request_body=SAMLProviderImportSerializer(), - responses={204: "Successfully imported provider", 400: "Bad request"}, + @extend_schema( + request=SAMLProviderImportSerializer(), + responses={ + 204: OpenApiResponse(description="Successfully imported provider"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) def import_metadata(self, request: Request) -> Response: diff --git a/authentik/root/settings.py b/authentik/root/settings.py index a10276c066..195c1c38bc 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -128,7 +128,7 @@ INSTALLED_APPS = [ "authentik.stages.user_write", "rest_framework", "django_filters", - "drf_yasg", + "drf_spectacular", "guardian", "django_prometheus", "channels", @@ -137,15 +137,28 @@ INSTALLED_APPS = [ GUARDIAN_MONKEY_PATCH = False -SWAGGER_SETTINGS = { - "DEFAULT_AUTO_SCHEMA_CLASS": "authentik.api.schema.ErrorResponseAutoSchema", - "DEFAULT_INFO": "authentik.api.v2.urls.info", - "DEFAULT_PAGINATOR_INSPECTORS": [ - "authentik.api.pagination_schema.PaginationInspector", - ], - "SECURITY_DEFINITIONS": { - "Bearer": {"type": "apiKey", "name": "Authorization", "in": "header"} +SPECTACULAR_SETTINGS = { + "TITLE": "authentik", + "DESCRIPTION": "Making authentication simple.", + "VERSION": __version__, + "COMPONENT_SPLIT_REQUEST": True, + "CONTACT": { + "email": "hello@beryju.org", }, + "LICENSE": { + "name": "GNU GPLv3", + "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", + }, + "ENUM_NAME_OVERRIDES": { + "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes", + "FlowDesignationEnum": "authentik.flows.models.FlowDesignation", + "PolicyEngineMode": "authentik.policies.models.PolicyEngineMode", + }, + "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False, + "POSTPROCESSING_HOOKS": [ + "authentik.api.schema.postprocess_schema_responses", + "drf_spectacular.hooks.postprocess_schema_enums", + ], } REST_FRAMEWORK = { @@ -167,6 +180,7 @@ REST_FRAMEWORK = { "DEFAULT_RENDERER_CLASSES": [ "rest_framework.renderers.JSONRenderer", ], + "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } CACHES = { @@ -446,7 +460,6 @@ _LOGGING_HANDLER_MAP = { "kubernetes": "INFO", "asyncio": "WARNING", "aioredis": "WARNING", - "drf_yasg.utils": "WARNING", } for handler_name, level in _LOGGING_HANDLER_MAP.items(): # pyright: reportGeneralTypeIssues=false diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py index c74be3a9d1..9196186f32 100644 --- a/authentik/sources/ldap/api.py +++ b/authentik/sources/ldap/api.py @@ -1,7 +1,7 @@ """Source API Views""" from django.http.response import Http404 from django.utils.text import slugify -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -48,8 +48,11 @@ class LDAPSourceViewSet(ModelViewSet): serializer_class = LDAPSourceSerializer lookup_field = "slug" - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} + @extend_schema( + responses={ + 200: TaskSerializer(many=False), + 404: OpenApiResponse(description="Task not found"), + } ) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py index b2813af1f9..8899cfc897 100644 --- a/authentik/sources/oauth/api/source.py +++ b/authentik/sources/oauth/api/source.py @@ -1,6 +1,6 @@ """OAuth Source Serializer""" from django.urls.base import reverse_lazy -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, SerializerMethodField from rest_framework.request import Request @@ -43,7 +43,7 @@ class OAuthSourceSerializer(SourceSerializer): type = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=SourceTypeSerializer) + @extend_schema_field(SourceTypeSerializer) def get_type(self, instace: OAuthSource) -> SourceTypeSerializer: """Get source's type configuration""" return SourceTypeSerializer(instace.type).data @@ -85,7 +85,7 @@ class OAuthSourceViewSet(ModelViewSet): serializer_class = OAuthSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SourceTypeSerializer(many=True)}) + @extend_schema(responses={200: SourceTypeSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def source_types(self, request: Request) -> Response: """Get all creatable source types""" diff --git a/authentik/sources/plex/api.py b/authentik/sources/plex/api.py index d9c351aef4..00200982af 100644 --- a/authentik/sources/plex/api.py +++ b/authentik/sources/plex/api.py @@ -1,7 +1,7 @@ """Plex Source Serializer""" from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.exceptions import PermissionDenied from rest_framework.fields import CharField @@ -50,18 +50,18 @@ class PlexSourceViewSet(ModelViewSet): lookup_field = "slug" @permission_required(None) - @swagger_auto_schema( - request_body=PlexTokenRedeemSerializer(), + @extend_schema( + request=PlexTokenRedeemSerializer(), responses={ 200: RedirectChallenge(), - 400: "Token not found", - 403: "Access denied", + 400: OpenApiResponse(description="Token not found"), + 403: OpenApiResponse(description="Access denied"), }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="slug", - in_=openapi.IN_QUERY, - type=openapi.TYPE_STRING, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.STR, ) ], ) diff --git a/authentik/sources/saml/api.py b/authentik/sources/saml/api.py index 91a4407fb5..88cde35cb1 100644 --- a/authentik/sources/saml/api.py +++ b/authentik/sources/saml/api.py @@ -1,5 +1,5 @@ """SAMLSource API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -39,7 +39,7 @@ class SAMLSourceViewSet(ModelViewSet): serializer_class = SAMLSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)}) + @extend_schema(responses={200: SAMLMetadataSerializer(many=False)}) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def metadata(self, request: Request, slug: str) -> Response: diff --git a/authentik/stages/authenticator_static/api.py b/authentik/stages/authenticator_static/api.py index 555a42bab3..340d2b4df0 100644 --- a/authentik/stages/authenticator_static/api.py +++ b/authentik/stages/authenticator_static/api.py @@ -1,6 +1,6 @@ """AuthenticatorStaticStage API Views""" from django_filters.rest_framework import DjangoFilterBackend -from django_otp.plugins.otp_static.models import StaticDevice +from django_otp.plugins.otp_static.models import StaticDevice, StaticToken from guardian.utils import get_anonymous_user from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.permissions import IsAdminUser @@ -27,14 +27,24 @@ class AuthenticatorStaticStageViewSet(ModelViewSet): serializer_class = AuthenticatorStaticStageSerializer +class StaticDeviceTokenSerializer(ModelSerializer): + """Serializer for static device's tokens""" + + class Meta: + + model = StaticToken + fields = ["token"] + + class StaticDeviceSerializer(ModelSerializer): """Serializer for static authenticator devices""" + token_set = StaticDeviceTokenSerializer(many=True, read_only=True) + class Meta: model = StaticDevice fields = ["name", "token_set", "pk"] - depth = 2 class StaticDeviceViewSet(ModelViewSet): diff --git a/authentik/stages/email/api.py b/authentik/stages/email/api.py index 27b5d67524..e13d9584f2 100644 --- a/authentik/stages/email/api.py +++ b/authentik/stages/email/api.py @@ -1,5 +1,5 @@ """EmailStage API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -52,7 +52,7 @@ class EmailStageViewSet(ModelViewSet): queryset = EmailStage.objects.all() serializer_class = EmailStageSerializer - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def templates(self, request: Request) -> Response: """Get all available templates, including custom templates""" diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 19eee21717..24e7923d54 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -305,8 +305,7 @@ stages: displayName: Build static files for e2e inputs: script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - sudo chmod 777 -R web/api/ + make gen-web cd web cd api && npm i && cd .. npm i @@ -394,36 +393,19 @@ stages: - task: CmdLine@2 inputs: script: bash <(curl -s https://codecov.io/bash) - - stage: generate - jobs: - - job: swagger_generate - pool: - vmImage: 'ubuntu-latest' - steps: - - task: NodeTool@0 - inputs: - versionSpec: '16.x' - displayName: 'Install Node.js' - - task: CmdLine@2 - inputs: - script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - - task: PublishPipelineArtifact@1 - inputs: - targetPath: 'web/api/' - artifact: 'ts_swagger_client' - publishLocation: 'pipeline' - stage: Build jobs: - job: build_server pool: vmImage: 'ubuntu-latest' steps: - - task: DownloadPipelineArtifact@2 + - task: NodeTool@0 inputs: - buildType: 'current' - artifactName: 'ts_swagger_client' - path: "web/api/" + versionSpec: '16.x' + displayName: 'Install Node.js' + - task: CmdLine@2 + inputs: + script: make gen-web - task: Bash@3 inputs: targetType: 'inline' diff --git a/outpost/.gitignore b/outpost/.gitignore index 5cd2df6d58..8c6492ca8e 100644 --- a/outpost/.gitignore +++ b/outpost/.gitignore @@ -1,2 +1 @@ -pkg/client/ -pkg/models/ +api/ diff --git a/outpost/Makefile b/outpost/Makefile index d4eaa5f5c0..03a50e4ffd 100644 --- a/outpost/Makefile +++ b/outpost/Makefile @@ -1,8 +1,4 @@ -all: clean generate - -generate: - go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ +all: clean run: go run -v . diff --git a/outpost/README.md b/outpost/README.md index ead8007f8f..45971c9c59 100644 --- a/outpost/README.md +++ b/outpost/README.md @@ -1,13 +1,16 @@ # authentik outpost -[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/3?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=8) +[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/8?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=8) ![Docker pulls (proxy)](https://img.shields.io/docker/pulls/beryju/authentik-proxy.svg?style=flat-square) +![Docker pulls (ldap)](https://img.shields.io/docker/pulls/beryju/authentik-ldap.svg?style=flat-square) Reverse Proxy based on [oauth2_proxy](https://github.com/oauth2-proxy/oauth2-proxy), completely managed and monitored by authentik. +LDAP Server using [ldap](https://github.com/nmcclain/ldap), completely managed and monitored by authentik. + ## Usage -authentik Proxy is built to be configured by authentik itself, hence the only options you can directly give it are connection params. +authentik Outpost is built to be configured by authentik itself, hence the only options you can directly give it are connection params. The following environment variable are implemented: @@ -19,6 +22,6 @@ The following environment variable are implemented: ## Development -authentik Proxy uses an auto-generated API Client to communicate with authentik. This client is not kept in git. To generate the client locally, run `make generate`. +authentik outpost uses an auto-generated API Client to communicate with authentik. This client is not kept in git. To generate the client locally, run `make gen-outpost` in the root directory of the repo. -Afterwards you can build the proxy like any other Go project, using `go build`. +Afterwards you can build the outpost like any other Go project, using `go build ./cmd/proxy/server.go` or `go build ./cmd/ldap/server.go`. diff --git a/outpost/azure-pipelines.yml b/outpost/azure-pipelines.yml index b3c39d43bb..62f1242b87 100644 --- a/outpost/azure-pipelines.yml +++ b/outpost/azure-pipelines.yml @@ -15,7 +15,7 @@ variables: stages: - stage: generate jobs: - - job: swagger_generate + - job: generate_api pool: vmImage: 'ubuntu-latest' steps: @@ -24,16 +24,11 @@ stages: version: '1.16.3' - task: CmdLine@2 inputs: - script: | - sudo wget -O /usr/local/bin/swagger https://github.com/go-swagger/go-swagger/releases/latest/download/swagger_linux_amd64 - sudo chmod +x /usr/local/bin/swagger - mkdir -p $(go env GOPATH) - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ - workingDirectory: 'outpost/' + script: make gen-outpost - task: PublishPipelineArtifact@1 inputs: - targetPath: 'outpost/pkg/' - artifact: 'go_swagger_client' + targetPath: 'outpost/api/' + artifact: 'go_api_client' publishLocation: 'pipeline' - stage: lint jobs: @@ -47,12 +42,17 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'go_swagger_client' - path: "outpost/pkg/" + artifactName: 'go_api_client' + path: "outpost/api/" - task: CmdLine@2 inputs: script: | - docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.39.0 golangci-lint run -v --timeout 200s + docker run \ + --rm \ + -v $(pwd):/app \ + -w /app \ + golangci/golangci-lint:v1.39.0 \ + golangci-lint run -v --timeout 200s workingDirectory: 'outpost/' - stage: build_go jobs: @@ -66,8 +66,8 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'go_swagger_client' - path: "outpost/pkg/" + artifactName: 'go_api_client' + path: "outpost/api/" - task: Go@0 inputs: command: 'build' @@ -83,8 +83,8 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'go_swagger_client' - path: "outpost/pkg/" + artifactName: 'go_api_client' + path: "outpost/api/" - task: Go@0 inputs: command: 'build' @@ -102,8 +102,8 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'go_swagger_client' - path: "outpost/pkg/" + artifactName: 'go_api_client' + path: "outpost/api/" - task: Bash@3 inputs: targetType: 'inline' @@ -138,8 +138,8 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'go_swagger_client' - path: "outpost/pkg/" + artifactName: 'go_api_client' + path: "outpost/api/" - task: Bash@3 inputs: targetType: 'inline' diff --git a/outpost/go.mod b/outpost/go.mod index 667cccb939..a6bbf30a41 100644 --- a/outpost/go.mod +++ b/outpost/go.mod @@ -1,23 +1,21 @@ module goauthentik.io/outpost -go 1.14 +go 1.16 require ( github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/coreos/go-oidc v2.2.1+incompatible - github.com/felixge/httpsnoop v1.0.2 // indirect github.com/getsentry/sentry-go v0.10.0 github.com/go-ldap/ldap/v3 v3.3.0 github.com/go-openapi/analysis v0.20.1 // indirect - github.com/go-openapi/errors v0.20.0 + github.com/go-openapi/errors v0.20.0 // indirect github.com/go-openapi/runtime v0.19.28 github.com/go-openapi/strfmt v0.20.1 - github.com/go-openapi/swag v0.19.15 - github.com/go-openapi/validate v0.20.2 + github.com/go-openapi/swag v0.19.15 // indirect + github.com/go-openapi/validate v0.20.2 // indirect github.com/go-redis/redis/v7 v7.4.0 // indirect - github.com/go-swagger/go-swagger v0.27.0 // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/google/uuid v1.2.0 // indirect + github.com/google/uuid v1.2.0 github.com/gorilla/websocket v1.4.2 github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a github.com/justinas/alice v1.2.0 @@ -25,9 +23,9 @@ require ( github.com/magiconair/properties v1.8.5 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 // indirect - github.com/nmcclain/ldap v0.0.0-20191021200707-3b3b69a7e9e3 // indirect + github.com/nmcclain/ldap v0.0.0-20191021200707-3b3b69a7e9e3 github.com/oauth2-proxy/oauth2-proxy v0.0.0-20200831161845-e4e5580852dc - github.com/pelletier/go-toml v1.9.0 // indirect + github.com/pelletier/go-toml v1.9.1 // indirect github.com/pkg/errors v0.9.1 github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac // indirect github.com/recws-org/recws v1.3.1 @@ -37,10 +35,11 @@ require ( github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/viper v1.7.1 // indirect + go.mongodb.org/mongo-driver v1.5.2 // indirect golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // indirect - golang.org/x/net v0.0.0-20210423184538-5f58ad60dda6 // indirect - golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 // indirect - golang.org/x/sys v0.0.0-20210426080607-c94f62235c83 // indirect + golang.org/x/net v0.0.0-20210510120150-4163338589ed // indirect + golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558 + golang.org/x/sys v0.0.0-20210514084401-e8d321eab015 // indirect google.golang.org/appengine v1.6.7 // indirect gopkg.in/ini.v1 v1.62.0 // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect diff --git a/outpost/go.sum b/outpost/go.sum index 1382969c34..8ce40262de 100644 --- a/outpost/go.sum +++ b/outpost/go.sum @@ -43,7 +43,6 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/CloudyKit/fastprinter v0.0.0-20200109182630-33d98a066a53/go.mod h1:+3IMCy2vIlbG1XG/0ggNQv0SvxCAIpPM5b1nCz56Xno= github.com/CloudyKit/jet/v3 v3.0.0/go.mod h1:HKQPgSJmdK8hdoAbKUUWajkHyHo4RaU5rMdUywE7VMo= -github.com/FZambia/sentinel v1.0.0 h1:KJ0ryjKTZk5WMp0dXvSdNqp3lFaW1fNFuEYfrkLOYIc= github.com/FZambia/sentinel v1.0.0/go.mod h1:ytL1Am/RLlAoAXG6Kj5LNuw/TRRQrv2rt2FT26vP5gI= github.com/Joker/hpp v1.0.0/go.mod h1:8x5n+M1Hp5hC0g8okX3sR3vFQwynaX/UgSOM9MeBKzY= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= @@ -104,7 +103,6 @@ github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -126,9 +124,6 @@ github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHj github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o= -github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/frankban/quicktest v1.10.0 h1:Gfh+GAJZOAoKZsIZeZbdn2JF10kN1XHNvjsvQK8gVkE= github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= @@ -177,8 +172,6 @@ github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpX github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.0 h1:Sxpo9PjEHDzhs3FbnGNonvDgWcMW2U7wGTcDDSFSceM= github.com/go-openapi/errors v0.20.0/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= -github.com/go-openapi/inflect v0.19.0 h1:9jCH9scKIbHeV9m12SmPilScz6krDxKRasNNSNPXu/4= -github.com/go-openapi/inflect v0.19.0/go.mod h1:lHpZVlpIQqLyKwJ4N+YSc9hchQy/i12fJykb83CRBH4= github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= @@ -208,7 +201,6 @@ github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29g github.com/go-openapi/runtime v0.19.15/go.mod h1:dhGWCTKRXlAfGnQG0ONViOZpjfg0m2gUt9nTQPQZuoo= github.com/go-openapi/runtime v0.19.16/go.mod h1:5P9104EJgYcizotuXhEuUrzVc+j1RiSjahULvYmlv98= github.com/go-openapi/runtime v0.19.24/go.mod h1:Lm9YGCeecBnUUkFTxPC4s1+lwrkJ0pthx8YvyjCfkgk= -github.com/go-openapi/runtime v0.19.27/go.mod h1:BvrQtn6iVb2QmiVXRsFAm6ZCAZBpbVKFfN6QWCp582M= github.com/go-openapi/runtime v0.19.28 h1:9lYu6axek8LJrVkMVViVirRcpoaCxXX7+sSvmizGVnA= github.com/go-openapi/runtime v0.19.28/go.mod h1:BvrQtn6iVb2QmiVXRsFAm6ZCAZBpbVKFfN6QWCp582M= github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= @@ -259,9 +251,6 @@ github.com/go-redis/redis/v7 v7.4.0/go.mod h1:JDNMw23GTyLNC4GZu9njt15ctBQVn7xjRf github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-swagger/go-swagger v0.27.0 h1:K7+nkBuf4oS1jTBrdvWqYFpqD69V5CN8HamZzCDDhAI= -github.com/go-swagger/go-swagger v0.27.0/go.mod h1:WodZVysInJilkW7e6IRw+dZGp5yW6rlMFZ4cb+THl9A= -github.com/go-swagger/scan-repo-boundary v0.0.0-20180623220736-973b3573c013/go.mod h1:b65mBPzqzZWxOZGxSWrqs4GInLIn+u99Q9q7p+GKni0= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= @@ -323,7 +312,6 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/gomodule/redigo v1.7.1-0.20190322064113-39e2c31b7ca3/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= -github.com/gomodule/redigo v1.8.1 h1:Abmo0bI7Xf0IhdIPc7HZQzZcShdnmxeoVuDDtIQp8N8= github.com/gomodule/redigo v1.8.1/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -350,7 +338,6 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -359,8 +346,6 @@ github.com/googleapis/gax-go/v2 v2.0.5 h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= -github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= @@ -399,8 +384,6 @@ github.com/iris-contrib/go.uuid v2.0.0+incompatible/go.mod h1:iz2lgM/1UnEf1kP0L/ github.com/iris-contrib/jade v1.1.3/go.mod h1:H/geBymxJhShH5kecoiOCSssPX7QWYH7UaeZTSWddIk= github.com/iris-contrib/pongo2 v0.0.1/go.mod h1:Ssh+00+3GAZqSQb30AvBRNxBx7rf0GqwkjqxNd0u65g= github.com/iris-contrib/schema v0.0.1/go.mod h1:urYA3uvUNG1TIIjOSCzHr9/LmbQo8LrOcOqfqxa4hXw= -github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -464,7 +447,6 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= -github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= @@ -532,9 +514,8 @@ github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtP github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/pelletier/go-toml v1.9.0 h1:NOd0BRdOKpPf0SxkL3HxSQOG7rNh+4kl6PHcBPFs7Q0= -github.com/pelletier/go-toml v1.9.0/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml v1.9.1 h1:a6qW1EVNZWH9WGI6CsYdD8WAylkoXBS5yv0XHlh17Tc= +github.com/pelletier/go-toml v1.9.1/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI= github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4= @@ -567,7 +548,6 @@ github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g= @@ -594,7 +574,6 @@ github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= @@ -603,7 +582,6 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.6.3/go.mod h1:jUMtyi0/lB5yZH/FjyGAoH7IMNrIhlBf6pXZmbMDvzw= -github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.7.1 h1:pM5oEahlgWv/WnHXpgbKz7iLIxRf65tye2Ci+XFK5sk= github.com/spf13/viper v1.7.1/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -621,8 +599,6 @@ github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69 github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/toqueteos/webbrowser v1.2.0 h1:tVP/gpK69Fx+qMJKsLE7TD8LuGWPnEV71wBN9rrstGQ= -github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= @@ -657,7 +633,6 @@ github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/gopher-lua v0.0.0-20190206043414-8bfc7677f583/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ= github.com/yuin/gopher-lua v0.0.0-20191213034115-f46add6fdb5c/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ= github.com/yuin/gopher-lua v0.0.0-20191220021717-ab39c6098bdb h1:ZkM6LRnq40pR1Ox0hTHlnpkcOTuFIDQpZ1IN8rKKhX0= @@ -670,8 +645,9 @@ go.mongodb.org/mongo-driver v1.3.4/go.mod h1:MSWZXKOynuguX+JSvwP8i+58jYCXxbia8HS go.mongodb.org/mongo-driver v1.4.3/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc= go.mongodb.org/mongo-driver v1.4.4/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc= go.mongodb.org/mongo-driver v1.4.6/go.mod h1:WcMNYLx/IlOxLe6JRJiv2uXuCz6zBLndR4SoGjYphSc= -go.mongodb.org/mongo-driver v1.5.1 h1:9nOVLGDfOaZ9R0tBumx/BcuqkbFpyTCU2r/Po7A2azI= go.mongodb.org/mongo-driver v1.5.1/go.mod h1:gRXCHX4Jo7J0IJ1oDQyUxF7jfy19UfxniMS4xxMmUqw= +go.mongodb.org/mongo-driver v1.5.2 h1:AsxOLoJTgP6YNM0fXWw4OjdluYmWzQYp+lFJL7xu9fU= +go.mongodb.org/mongo-driver v1.5.2/go.mod h1:gRXCHX4Jo7J0IJ1oDQyUxF7jfy19UfxniMS4xxMmUqw= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -731,8 +707,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -773,15 +747,13 @@ golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210331060903-cb1fcc7394e5/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210423184538-5f58ad60dda6 h1:0PC75Fz/kyMGhL0e1QnypqK2kQMqKt9csD1GnMJR+Zk= -golang.org/x/net v0.0.0-20210423184538-5f58ad60dda6/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20210510120150-4163338589ed h1:p9UgmWI9wKpfYmgaV/IZKGdXc5qEK45tDwwwDyjS26I= +golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -798,7 +770,6 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -849,12 +820,9 @@ golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210426080607-c94f62235c83 h1:kHSDPqCtsHZOg0nVylfTo20DDhE9gG4Y0jn7hKQ0QAM= -golang.org/x/sys v0.0.0-20210426080607-c94f62235c83/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015 h1:hZR0X1kPW+nwyJ9xRxqZk1vx5RUObAPBdKVvXPDUH/E= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -921,8 +889,6 @@ golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.1.0 h1:po9/4sTYwZU9lPhi1tOrb4hCv3qrhiQ77LZfGa2OjwY= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/outpost/pkg/ak/api.go b/outpost/pkg/ak/api.go index 1e18eb3bc1..f39d880f05 100644 --- a/outpost/pkg/ak/api.go +++ b/outpost/pkg/ak/api.go @@ -1,21 +1,21 @@ package ak import ( + "context" + "fmt" "math/rand" + "net/http" "net/url" "os" "time" - "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" "github.com/google/uuid" "github.com/pkg/errors" "github.com/recws-org/recws" + "goauthentik.io/outpost/api" "goauthentik.io/outpost/pkg" - "goauthentik.io/outpost/pkg/client" - "goauthentik.io/outpost/pkg/client/outposts" - httptransport "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" log "github.com/sirupsen/logrus" ) @@ -25,8 +25,7 @@ const ConfigErrorReportingEnvironment = "error_reporting_environment" // APIController main controller which connects to the authentik api via http and ws type APIController struct { - Client *client.Authentik - Auth runtime.ClientAuthInfoWriter + Client *api.APIClient token string Server Outpost @@ -41,31 +40,32 @@ type APIController struct { // NewAPIController initialise new API Controller instance from URL and API token func NewAPIController(akURL url.URL, token string) *APIController { - transport := httptransport.New(akURL.Host, client.DefaultBasePath, []string{akURL.Scheme}) - transport.Transport = SetUserAgent(GetTLSTransport(), pkg.UserAgent()) - - // create the transport - auth := httptransport.BearerToken(token) + config := api.NewConfiguration() + config.Host = akURL.Host + config.Scheme = akURL.Scheme + config.HTTPClient = &http.Client{ + Transport: SetUserAgent(GetTLSTransport(), pkg.UserAgent()), + } + config.AddDefaultHeader("Authorization", fmt.Sprintf("Bearer %s", token)) // create the API client, with the transport - apiClient := client.New(transport, strfmt.Default) + apiClient := api.NewAPIClient(config) log := log.WithField("logger", "authentik.outpost.ak-api-controller") // Because we don't know the outpost UUID, we simply do a list and pick the first // The service account this token belongs to should only have access to a single outpost - outposts, err := apiClient.Outposts.OutpostsInstancesList(outposts.NewOutpostsInstancesListParams(), auth) + outposts, _, err := apiClient.OutpostsApi.OutpostsInstancesList(context.Background()).Execute() if err != nil { log.WithError(err).Error("Failed to fetch configuration") os.Exit(1) } - outpost := outposts.Payload.Results[0] - doGlobalSetup(outpost.Config.(map[string]interface{})) + outpost := outposts.Results[0] + doGlobalSetup(outpost.Config) ac := &APIController{ Client: apiClient, - Auth: auth, token: token, logger: log, @@ -74,7 +74,7 @@ func NewAPIController(akURL url.URL, token string) *APIController { instanceUUID: uuid.New(), } ac.logger.Debugf("HA Reload offset: %s", ac.reloadOffset) - ac.initWS(akURL, outpost.Pk) + ac.initWS(akURL, strfmt.UUID(outpost.Pk)) return ac } diff --git a/outpost/pkg/ak/api_update.go b/outpost/pkg/ak/api_update.go index 48dbbd1db0..d2fea76ab4 100644 --- a/outpost/pkg/ak/api_update.go +++ b/outpost/pkg/ak/api_update.go @@ -1,15 +1,16 @@ package ak import ( - "goauthentik.io/outpost/pkg/client/outposts" - "goauthentik.io/outpost/pkg/models" + "context" + + "goauthentik.io/outpost/api" ) -func (a *APIController) Update() ([]*models.ProxyOutpostConfig, error) { - providers, err := a.Client.Outposts.OutpostsProxyList(outposts.NewOutpostsProxyListParams(), a.Auth) +func (a *APIController) Update() ([]api.ProxyOutpostConfig, error) { + providers, _, err := a.Client.OutpostsApi.OutpostsProxyList(context.Background()).Execute() if err != nil { a.logger.WithError(err).Error("Failed to fetch providers") return nil, err } - return providers.Payload.Results, nil + return providers.Results, nil } diff --git a/outpost/pkg/ldap/api.go b/outpost/pkg/ldap/api.go index 69203cbdac..33ef3f3078 100644 --- a/outpost/pkg/ldap/api.go +++ b/outpost/pkg/ldap/api.go @@ -1,6 +1,7 @@ package ldap import ( + "context" "errors" "fmt" "net/http" @@ -9,28 +10,27 @@ import ( "github.com/go-openapi/strfmt" log "github.com/sirupsen/logrus" - "goauthentik.io/outpost/pkg/client/outposts" ) func (ls *LDAPServer) Refresh() error { - outposts, err := ls.ac.Client.Outposts.OutpostsLdapList(outposts.NewOutpostsLdapListParams(), ls.ac.Auth) + outposts, _, err := ls.ac.Client.OutpostsApi.OutpostsLdapList(context.Background()).Execute() if err != nil { return err } - if len(outposts.Payload.Results) < 1 { + if len(outposts.Results) < 1 { return errors.New("no ldap provider defined") } - providers := make([]*ProviderInstance, len(outposts.Payload.Results)) - for idx, provider := range outposts.Payload.Results { - userDN := strings.ToLower(fmt.Sprintf("ou=users,%s", provider.BaseDn)) - groupDN := strings.ToLower(fmt.Sprintf("ou=groups,%s", provider.BaseDn)) + providers := make([]*ProviderInstance, len(outposts.Results)) + for idx, provider := range outposts.Results { + userDN := strings.ToLower(fmt.Sprintf("ou=users,%s", *provider.BaseDn)) + groupDN := strings.ToLower(fmt.Sprintf("ou=groups,%s", *provider.BaseDn)) providers[idx] = &ProviderInstance{ - BaseDN: provider.BaseDn, + BaseDN: *provider.BaseDn, GroupDN: groupDN, UserDN: userDN, - appSlug: *provider.ApplicationSlug, - flowSlug: *provider.BindFlowSlug, - searchAllowedGroups: []*strfmt.UUID{provider.SearchGroup}, + appSlug: provider.ApplicationSlug, + flowSlug: provider.BindFlowSlug, + searchAllowedGroups: []*strfmt.UUID{(*strfmt.UUID)(provider.SearchGroup.Get())}, boundUsersMutex: sync.RWMutex{}, boundUsers: make(map[string]UserFlags), s: ls, diff --git a/outpost/pkg/ldap/instance_bind.go b/outpost/pkg/ldap/instance_bind.go index 915d2b34a6..2ffd9a9daa 100644 --- a/outpost/pkg/ldap/instance_bind.go +++ b/outpost/pkg/ldap/instance_bind.go @@ -12,25 +12,14 @@ import ( "time" goldap "github.com/go-ldap/ldap/v3" - httptransport "github.com/go-openapi/runtime/client" "github.com/nmcclain/ldap" + "goauthentik.io/outpost/api" "goauthentik.io/outpost/pkg" "goauthentik.io/outpost/pkg/ak" - "goauthentik.io/outpost/pkg/client/core" - "goauthentik.io/outpost/pkg/client/flows" - "goauthentik.io/outpost/pkg/models" ) const ContextUserKey = "ak_user" -type UIDResponse struct { - UIDFIeld string `json:"uid_field"` -} - -type PasswordResponse struct { - Password string `json:"password"` -} - func (pi *ProviderInstance) getUsername(dn string) (string, error) { if !strings.HasSuffix(strings.ToLower(dn), strings.ToLower(pi.BaseDN)) { return "", errors.New("invalid base DN") @@ -60,16 +49,25 @@ func (pi *ProviderInstance) Bind(username string, bindDN, bindPW string, conn ne pi.log.WithError(err).Warning("Failed to get remote IP") return ldap.LDAPResultOperationsError, nil } + // Create new http client that also sets the correct ip - client := &http.Client{ + config := api.NewConfiguration() + // Carry over the bearer authentication, so that failed login attempts are attributed to the outpost + config.DefaultHeader = pi.s.ac.Client.GetConfig().DefaultHeader + config.Host = pi.s.ac.Client.GetConfig().Host + config.Scheme = pi.s.ac.Client.GetConfig().Scheme + config.HTTPClient = &http.Client{ Jar: jar, Transport: newTransport(ak.SetUserAgent(ak.GetTLSTransport(), pkg.UserAgent()), map[string]string{ "X-authentik-remote-ip": host, }), } + // create the API client, with the transport + apiClient := api.NewAPIClient(config) + params := url.Values{} params.Add("goauthentik.io/outpost/ldap", "true") - passed, err := pi.solveFlowChallenge(username, bindPW, client, params.Encode(), 1) + passed, err := pi.solveFlowChallenge(username, bindPW, apiClient, params.Encode(), 1) if err != nil { pi.log.WithField("bindDN", bindDN).WithError(err).Warning("failed to solve challenge") return ldap.LDAPResultOperationsError, nil @@ -77,33 +75,26 @@ func (pi *ProviderInstance) Bind(username string, bindDN, bindPW string, conn ne if !passed { return ldap.LDAPResultInvalidCredentials, nil } - _, err = pi.s.ac.Client.Core.CoreApplicationsCheckAccess(&core.CoreApplicationsCheckAccessParams{ - Slug: pi.appSlug, - Context: context.Background(), - HTTPClient: client, - }, httptransport.PassThroughAuth) + r, err := pi.s.ac.Client.CoreApi.CoreApplicationsCheckAccessRetrieve(context.Background(), pi.appSlug).Execute() + if r.StatusCode == 403 { + pi.log.WithField("bindDN", bindDN).Info("Access denied for user") + return ldap.LDAPResultInsufficientAccessRights, nil + } if err != nil { - if _, denied := err.(*core.CoreApplicationsCheckAccessForbidden); denied { - pi.log.WithField("bindDN", bindDN).Info("Access denied for user") - return ldap.LDAPResultInsufficientAccessRights, nil - } pi.log.WithField("bindDN", bindDN).WithError(err).Warning("failed to check access") return ldap.LDAPResultOperationsError, nil } pi.log.WithField("bindDN", bindDN).Info("User has access") // Get user info to store in context - userInfo, err := pi.s.ac.Client.Core.CoreUsersMe(&core.CoreUsersMeParams{ - Context: context.Background(), - HTTPClient: client, - }, httptransport.PassThroughAuth) + userInfo, _, err := pi.s.ac.Client.CoreApi.CoreUsersMeRetrieve(context.Background()).Execute() if err != nil { pi.log.WithField("bindDN", bindDN).WithError(err).Warning("failed to get user info") return ldap.LDAPResultOperationsError, nil } pi.boundUsersMutex.Lock() pi.boundUsers[bindDN] = UserFlags{ - UserInfo: *userInfo.Payload.User, - CanSearch: pi.SearchAccessCheck(userInfo.Payload.User), + UserInfo: userInfo.User, + CanSearch: pi.SearchAccessCheck(userInfo.User), } defer pi.boundUsersMutex.Unlock() pi.delayDeleteUserInfo(username) @@ -111,11 +102,11 @@ func (pi *ProviderInstance) Bind(username string, bindDN, bindPW string, conn ne } // SearchAccessCheck Check if the current user is allowed to search -func (pi *ProviderInstance) SearchAccessCheck(user *models.User) bool { +func (pi *ProviderInstance) SearchAccessCheck(user api.User) bool { for _, group := range user.Groups { for _, allowedGroup := range pi.searchAllowedGroups { pi.log.WithField("userGroup", group.Pk).WithField("allowedGroup", allowedGroup).Trace("Checking search access") - if group.Pk.String() == allowedGroup.String() { + if group.Pk == allowedGroup.String() { pi.log.WithField("group", group.Name).Info("Allowed access to search") return true } @@ -142,51 +133,48 @@ func (pi *ProviderInstance) delayDeleteUserInfo(dn string) { }() } -func (pi *ProviderInstance) solveFlowChallenge(bindDN string, password string, client *http.Client, urlParams string, depth int) (bool, error) { - challenge, err := pi.s.ac.Client.Flows.FlowsExecutorGet(&flows.FlowsExecutorGetParams{ - FlowSlug: pi.flowSlug, - Query: urlParams, - Context: context.Background(), - HTTPClient: client, - }, pi.s.ac.Auth) +func (pi *ProviderInstance) solveFlowChallenge(bindDN string, password string, client *api.APIClient, urlParams string, depth int) (bool, error) { + req := client.FlowsApi.FlowsExecutorGet(context.Background(), pi.flowSlug) + req.Query(urlParams) + challenge, _, err := req.Execute() if err != nil { pi.log.WithError(err).Warning("Failed to get challenge") return false, err } - pi.log.WithField("component", challenge.Payload.Component).WithField("type", *challenge.Payload.Type).Debug("Got challenge") - responseParams := &flows.FlowsExecutorSolveParams{ - FlowSlug: pi.flowSlug, - Query: urlParams, - Context: context.Background(), - HTTPClient: client, - } - switch challenge.Payload.Component { + pi.log.WithField("component", challenge.Component).WithField("type", challenge.Type).Debug("Got challenge") + responseReq := client.FlowsApi.FlowsExecutorSolve(context.Background(), pi.flowSlug) + responseReq.Query(urlParams) + switch *challenge.Component { case "ak-stage-identification": - responseParams.Data = &UIDResponse{UIDFIeld: bindDN} + responseReq.RequestBody(map[string]interface{}{ + "uid_field": bindDN, + }) case "ak-stage-password": - responseParams.Data = &PasswordResponse{Password: password} + responseReq.RequestBody(map[string]interface{}{ + "password": password, + }) case "ak-stage-access-denied": return false, errors.New("got ak-stage-access-denied") default: - return false, fmt.Errorf("unsupported challenge type: %s", challenge.Payload.Component) + return false, fmt.Errorf("unsupported challenge type: %s", *challenge.Component) } - response, err := pi.s.ac.Client.Flows.FlowsExecutorSolve(responseParams, pi.s.ac.Auth) - pi.log.WithField("component", response.Payload.Component).WithField("type", *response.Payload.Type).Debug("Got response") - switch response.Payload.Component { + response, _, err := responseReq.Execute() + pi.log.WithField("component", response.Component).WithField("type", response.Type).Debug("Got response") + switch *response.Component { case "ak-stage-access-denied": return false, errors.New("got ak-stage-access-denied") } - if *response.Payload.Type == "redirect" { + if response.Type == "redirect" { return true, nil } if err != nil { pi.log.WithError(err).Warning("Failed to submit challenge") return false, err } - if len(response.Payload.ResponseErrors) > 0 { - for key, errs := range response.Payload.ResponseErrors { + if len(*response.ResponseErrors) > 0 { + for key, errs := range *response.ResponseErrors { for _, err := range errs { - pi.log.WithField("key", key).WithField("code", *err.Code).Debug(*err.String) + pi.log.WithField("key", key).WithField("code", err.Code).Debug(err.String) return false, nil } } diff --git a/outpost/pkg/ldap/instance_search.go b/outpost/pkg/ldap/instance_search.go index 959fe52a0a..f5a4462c78 100644 --- a/outpost/pkg/ldap/instance_search.go +++ b/outpost/pkg/ldap/instance_search.go @@ -1,13 +1,13 @@ package ldap import ( + "context" "errors" "fmt" "net" "strings" "github.com/nmcclain/ldap" - "goauthentik.io/outpost/pkg/client/core" ) func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) { @@ -43,16 +43,16 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest, default: return ldap.ServerSearchResult{ResultCode: ldap.LDAPResultOperationsError}, fmt.Errorf("Search Error: unhandled filter type: %s [%s]", filterEntity, searchReq.Filter) case GroupObjectClass: - groups, err := pi.s.ac.Client.Core.CoreGroupsList(core.NewCoreGroupsListParams(), pi.s.ac.Auth) + groups, _, err := pi.s.ac.Client.CoreApi.CoreGroupsList(context.Background()).Execute() if err != nil { return ldap.ServerSearchResult{ResultCode: ldap.LDAPResultOperationsError}, fmt.Errorf("API Error: %s", err) } - pi.log.WithField("count", len(groups.Payload.Results)).Trace("Got results from API") - for _, g := range groups.Payload.Results { + pi.log.WithField("count", len(groups.Results)).Trace("Got results from API") + for _, g := range groups.Results { attrs := []*ldap.EntryAttribute{ { Name: "cn", - Values: []string{*g.Name}, + Values: []string{g.Name}, }, { Name: "uid", @@ -69,31 +69,31 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest, entries = append(entries, &ldap.Entry{DN: dn, Attributes: attrs}) } case UserObjectClass, "": - users, err := pi.s.ac.Client.Core.CoreUsersList(core.NewCoreUsersListParams(), pi.s.ac.Auth) + users, _, err := pi.s.ac.Client.CoreApi.CoreUsersList(context.Background()).Execute() if err != nil { return ldap.ServerSearchResult{ResultCode: ldap.LDAPResultOperationsError}, fmt.Errorf("API Error: %s", err) } - for _, u := range users.Payload.Results { + for _, u := range users.Results { attrs := []*ldap.EntryAttribute{ { Name: "cn", - Values: []string{*u.Username}, + Values: []string{u.Username}, }, { Name: "uid", - Values: []string{u.UID}, + Values: []string{u.Uid}, }, { Name: "name", - Values: []string{*u.Name}, + Values: []string{u.Name}, }, { Name: "displayName", - Values: []string{*u.Name}, + Values: []string{u.Name}, }, { Name: "mail", - Values: []string{u.Email.String()}, + Values: []string{*u.Email}, }, { Name: "objectClass", @@ -101,13 +101,13 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest, }, } - if u.IsActive { + if *u.IsActive { attrs = append(attrs, &ldap.EntryAttribute{Name: "accountStatus", Values: []string{"inactive"}}) } else { attrs = append(attrs, &ldap.EntryAttribute{Name: "accountStatus", Values: []string{"active"}}) } - if *u.IsSuperuser { + if u.IsSuperuser { attrs = append(attrs, &ldap.EntryAttribute{Name: "superuser", Values: []string{"inactive"}}) } else { attrs = append(attrs, &ldap.EntryAttribute{Name: "superuser", Values: []string{"active"}}) @@ -117,7 +117,7 @@ func (pi *ProviderInstance) Search(bindDN string, searchReq ldap.SearchRequest, attrs = append(attrs, AKAttrsToLDAP(u.Attributes)...) - dn := fmt.Sprintf("cn=%s,%s", *u.Username, pi.UserDN) + dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN) entries = append(entries, &ldap.Entry{DN: dn, Attributes: attrs}) } } diff --git a/outpost/pkg/ldap/ldap.go b/outpost/pkg/ldap/ldap.go index f7253108eb..3ad2a1d408 100644 --- a/outpost/pkg/ldap/ldap.go +++ b/outpost/pkg/ldap/ldap.go @@ -5,8 +5,8 @@ import ( "github.com/go-openapi/strfmt" log "github.com/sirupsen/logrus" + "goauthentik.io/outpost/api" "goauthentik.io/outpost/pkg/ak" - "goauthentik.io/outpost/pkg/models" "github.com/nmcclain/ldap" ) @@ -31,7 +31,7 @@ type ProviderInstance struct { } type UserFlags struct { - UserInfo models.User + UserInfo api.User CanSearch bool } diff --git a/outpost/pkg/ldap/utils.go b/outpost/pkg/ldap/utils.go index 244c199f89..4c8dc57041 100644 --- a/outpost/pkg/ldap/utils.go +++ b/outpost/pkg/ldap/utils.go @@ -4,7 +4,7 @@ import ( "fmt" "github.com/nmcclain/ldap" - "goauthentik.io/outpost/pkg/models" + "goauthentik.io/outpost/api" ) func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute { @@ -22,7 +22,7 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute { return attrList } -func (pi *ProviderInstance) GroupsForUser(user *models.User) []string { +func (pi *ProviderInstance) GroupsForUser(user api.User) []string { groups := make([]string, len(user.Groups)) for i, group := range user.Groups { groups[i] = pi.GetGroupDN(group) @@ -30,6 +30,6 @@ func (pi *ProviderInstance) GroupsForUser(user *models.User) []string { return groups } -func (pi *ProviderInstance) GetGroupDN(group *models.Group) string { - return fmt.Sprintf("cn=%s,%s", *group.Name, pi.GroupDN) +func (pi *ProviderInstance) GetGroupDN(group api.Group) string { + return fmt.Sprintf("cn=%s,%s", group.Name, pi.GroupDN) } diff --git a/outpost/pkg/proxy/api.go b/outpost/pkg/proxy/api.go index 87d982a782..e9526e3db1 100644 --- a/outpost/pkg/proxy/api.go +++ b/outpost/pkg/proxy/api.go @@ -4,7 +4,7 @@ import ( "net/url" log "github.com/sirupsen/logrus" - "goauthentik.io/outpost/pkg/models" + "goauthentik.io/outpost/api" ) func (s *Server) Refresh() error { @@ -21,10 +21,10 @@ func (s *Server) Refresh() error { return nil } -func (s *Server) bundleProviders(providers []*models.ProxyOutpostConfig) []*providerBundle { +func (s *Server) bundleProviders(providers []api.ProxyOutpostConfig) []*providerBundle { bundles := make([]*providerBundle, len(providers)) for idx, provider := range providers { - externalHost, err := url.Parse(*provider.ExternalHost) + externalHost, err := url.Parse(provider.ExternalHost) if err != nil { log.WithError(err).Warning("Failed to parse URL, skipping provider") } diff --git a/outpost/pkg/proxy/api_bundle.go b/outpost/pkg/proxy/api_bundle.go index 9b7a98cfac..c23e9bfe0f 100644 --- a/outpost/pkg/proxy/api_bundle.go +++ b/outpost/pkg/proxy/api_bundle.go @@ -15,8 +15,7 @@ import ( "github.com/oauth2-proxy/oauth2-proxy/pkg/middleware" "github.com/oauth2-proxy/oauth2-proxy/pkg/validation" log "github.com/sirupsen/logrus" - "goauthentik.io/outpost/pkg/client/crypto" - "goauthentik.io/outpost/pkg/models" + "goauthentik.io/outpost/api" ) type providerBundle struct { @@ -35,8 +34,8 @@ func intToPointer(i int) *int { return &i } -func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *options.Options { - externalHost, err := url.Parse(*provider.ExternalHost) +func (pb *providerBundle) prepareOpts(provider api.ProxyOutpostConfig) *options.Options { + externalHost, err := url.Parse(provider.ExternalHost) if err != nil { log.WithError(err).Warning("Failed to parse URL, skipping provider") return nil @@ -47,25 +46,25 @@ func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *opti log.WithError(err).Warning("Failed to copy options, skipping provider") return nil } - providerOpts.ClientID = provider.ClientID - providerOpts.ClientSecret = provider.ClientSecret + providerOpts.ClientID = *provider.ClientId + providerOpts.ClientSecret = *provider.ClientSecret - providerOpts.Cookie.Secret = provider.CookieSecret + providerOpts.Cookie.Secret = *provider.CookieSecret providerOpts.Cookie.Secure = externalHost.Scheme == "https" providerOpts.SkipOIDCDiscovery = true - providerOpts.OIDCIssuerURL = *provider.OidcConfiguration.Issuer - providerOpts.LoginURL = *provider.OidcConfiguration.AuthorizationEndpoint - providerOpts.RedeemURL = *provider.OidcConfiguration.TokenEndpoint - providerOpts.OIDCJwksURL = *provider.OidcConfiguration.JwksURI - providerOpts.ProfileURL = *provider.OidcConfiguration.UserinfoEndpoint + providerOpts.OIDCIssuerURL = provider.OidcConfiguration.Issuer + providerOpts.LoginURL = provider.OidcConfiguration.AuthorizationEndpoint + providerOpts.RedeemURL = provider.OidcConfiguration.TokenEndpoint + providerOpts.OIDCJwksURL = provider.OidcConfiguration.JwksUri + providerOpts.ProfileURL = provider.OidcConfiguration.UserinfoEndpoint - if provider.SkipPathRegex != "" { - skipRegexes := strings.Split(provider.SkipPathRegex, "\n") + if *provider.SkipPathRegex != "" { + skipRegexes := strings.Split(*provider.SkipPathRegex, "\n") providerOpts.SkipAuthRegex = skipRegexes } - if provider.ForwardAuthMode { + if *provider.ForwardAuthMode { providerOpts.UpstreamServers = []options.Upstream{ { ID: "static", @@ -78,33 +77,27 @@ func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *opti providerOpts.UpstreamServers = []options.Upstream{ { ID: "default", - URI: provider.InternalHost, + URI: *provider.InternalHost, Path: "/", - InsecureSkipTLSVerify: !provider.InternalHostSslValidation, + InsecureSkipTLSVerify: !(*provider.InternalHostSslValidation), }, } } - if provider.Certificate != nil { + if provider.Certificate.Get() != nil { pb.log.WithField("provider", provider.Name).Debug("Enabling TLS") - cert, err := pb.s.ak.Client.Crypto.CryptoCertificatekeypairsViewCertificate(&crypto.CryptoCertificatekeypairsViewCertificateParams{ - Context: context.Background(), - KpUUID: *provider.Certificate, - }, pb.s.ak.Auth) + cert, _, err := pb.s.ak.Client.CryptoApi.CryptoCertificatekeypairsViewCertificateRetrieve(context.Background(), *provider.Certificate.Get()).Execute() if err != nil { pb.log.WithField("provider", provider.Name).WithError(err).Warning("Failed to fetch certificate") return providerOpts } - key, err := pb.s.ak.Client.Crypto.CryptoCertificatekeypairsViewPrivateKey(&crypto.CryptoCertificatekeypairsViewPrivateKeyParams{ - Context: context.Background(), - KpUUID: *provider.Certificate, - }, pb.s.ak.Auth) + key, _, err := pb.s.ak.Client.CryptoApi.CryptoCertificatekeypairsViewPrivateKeyRetrieve(context.Background(), *provider.Certificate.Get()).Execute() if err != nil { pb.log.WithField("provider", provider.Name).WithError(err).Warning("Failed to fetch private key") return providerOpts } - x509cert, err := tls.X509KeyPair([]byte(cert.Payload.Data), []byte(key.Payload.Data)) + x509cert, err := tls.X509KeyPair([]byte(cert.Data), []byte(key.Data)) if err != nil { pb.log.WithField("provider", provider.Name).WithError(err).Warning("Failed to parse certificate") return providerOpts @@ -115,7 +108,7 @@ func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *opti return providerOpts } -func (pb *providerBundle) Build(provider *models.ProxyOutpostConfig) { +func (pb *providerBundle) Build(provider api.ProxyOutpostConfig) { opts := pb.prepareOpts(provider) chain := alice.New() @@ -154,10 +147,10 @@ func (pb *providerBundle) Build(provider *models.ProxyOutpostConfig) { os.Exit(1) } - if provider.BasicAuthEnabled { + if *provider.BasicAuthEnabled { oauthproxy.SetBasicAuth = true - oauthproxy.BasicAuthUserAttribute = provider.BasicAuthUserAttribute - oauthproxy.BasicAuthPasswordAttribute = provider.BasicAuthPasswordAttribute + oauthproxy.BasicAuthUserAttribute = *provider.BasicAuthUserAttribute + oauthproxy.BasicAuthPasswordAttribute = *provider.BasicAuthPasswordAttribute } pb.proxy = oauthproxy diff --git a/outpost/pkg/proxy/proxy.go b/outpost/pkg/proxy/proxy.go index 897e97a30b..94e4f5425e 100644 --- a/outpost/pkg/proxy/proxy.go +++ b/outpost/pkg/proxy/proxy.go @@ -21,7 +21,7 @@ import ( "github.com/oauth2-proxy/oauth2-proxy/pkg/sessions" "github.com/oauth2-proxy/oauth2-proxy/pkg/upstream" "github.com/oauth2-proxy/oauth2-proxy/providers" - "goauthentik.io/outpost/pkg/models" + "goauthentik.io/outpost/api" log "github.com/sirupsen/logrus" ) @@ -94,7 +94,7 @@ type OAuthProxy struct { } // NewOAuthProxy creates a new instance of OAuthProxy from the options provided -func NewOAuthProxy(opts *options.Options, provider *models.ProxyOutpostConfig) (*OAuthProxy, error) { +func NewOAuthProxy(opts *options.Options, provider api.ProxyOutpostConfig) (*OAuthProxy, error) { logger := log.WithField("logger", "authentik.outpost.proxy").WithField("provider", provider.Name) sessionStore, err := sessions.NewSessionStore(&opts.Session, &opts.Cookie) if err != nil { @@ -133,7 +133,7 @@ func NewOAuthProxy(opts *options.Options, provider *models.ProxyOutpostConfig) ( CookieRefresh: opts.Cookie.Refresh, CookieSameSite: opts.Cookie.SameSite, - forwardAuthMode: provider.ForwardAuthMode, + forwardAuthMode: *provider.ForwardAuthMode, RobotsPath: "/robots.txt", SignInPath: fmt.Sprintf("%s/sign_in", opts.ProxyPrefix), SignOutPath: fmt.Sprintf("%s/sign_out", opts.ProxyPrefix), diff --git a/schema.yml b/schema.yml new file mode 100644 index 0000000000..88147f1a95 --- /dev/null +++ b/schema.yml @@ -0,0 +1,23973 @@ +openapi: 3.0.3 +info: + title: authentik + version: 2021.5.2 + description: Making authentication simple. + contact: + email: hello@beryju.org + license: + name: GNU GPLv3 + url: https://github.com/goauthentik/authentik/blob/master/LICENSE +paths: + /api/v2beta/admin/apps/: + get: + operationId: admin_apps_list + description: List current messages and pass into Serializer + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/App' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/metrics/: + get: + operationId: admin_metrics_retrieve + description: Login Metrics per 1h + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LoginMetrics' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/system_tasks/: + get: + operationId: admin_system_tasks_list + description: List system tasks + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Task' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/system_tasks/{id}/: + get: + operationId: admin_system_tasks_retrieve + description: Get a single system task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + description: Task not found + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/system_tasks/{id}/retry/: + post: + operationId: admin_system_tasks_retry_create + description: Retry task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Task retried successfully + '404': + description: Task not found + '500': + description: Failed to retry task + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/version/: + get: + operationId: admin_version_retrieve + description: Get running and latest version. + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Version' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/admin/workers/: + get: + operationId: admin_workers_retrieve + description: Get currently connected worker count. + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Workers' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/static/: + get: + operationId: authenticators_admin_static_list + description: Viewset for static authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/static/{id}/: + get: + operationId: authenticators_admin_static_retrieve + description: Viewset for static authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/totp/: + get: + operationId: authenticators_admin_totp_list + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/totp/{id}/: + get: + operationId: authenticators_admin_totp_retrieve + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/webauthn/: + get: + operationId: authenticators_admin_webauthn_list + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/admin/webauthn/{id}/: + get: + operationId: authenticators_admin_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/static/: + get: + operationId: authenticators_static_list + description: Viewset for static authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: authenticators_static_create + description: Viewset for static authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/static/{id}/: + get: + operationId: authenticators_static_retrieve + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: authenticators_static_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: authenticators_static_partial_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: authenticators_static_destroy + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/totp/: + get: + operationId: authenticators_totp_list + description: Viewset for totp authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: authenticators_totp_create + description: Viewset for totp authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/totp/{id}/: + get: + operationId: authenticators_totp_retrieve + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: authenticators_totp_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: authenticators_totp_partial_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: authenticators_totp_destroy + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/webauthn/: + get: + operationId: authenticators_webauthn_list + description: Viewset for WebAuthn authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: authenticators_webauthn_create + description: Viewset for WebAuthn authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/authenticators/webauthn/{id}/: + get: + operationId: authenticators_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: authenticators_webauthn_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: authenticators_webauthn_partial_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: authenticators_webauthn_destroy + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/applications/: + get: + operationId: core_applications_list + description: Custom list method that checks Policy based access instead of guardian + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: superuser_full_list + schema: + type: boolean + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedApplicationList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: core_applications_create + description: Application Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/applications/{slug}/: + get: + operationId: core_applications_retrieve + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: core_applications_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: core_applications_partial_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: core_applications_destroy + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/applications/{slug}/check_access/: + get: + operationId: core_applications_check_access_retrieve + description: Check access to a single application by slug + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Access granted + '403': + description: Access denied + '400': + $ref: '#/components/schemas/ValidationError' + /api/v2beta/core/applications/{slug}/metrics/: + get: + operationId: core_applications_metrics_list + description: Metrics for application logins + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Coordinate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/applications/{slug}/set_icon/: + post: + operationId: core_applications_set_icon_create + description: Set application icon + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + description: Success + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/groups/: + get: + operationId: core_groups_list + description: Group Viewset + parameters: + - in: query + name: is_superuser + schema: + type: boolean + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedGroupList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: core_groups_create + description: Group Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/groups/{group_uuid}/: + get: + operationId: core_groups_retrieve + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: core_groups_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: core_groups_partial_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: core_groups_destroy + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/tokens/: + get: + operationId: core_tokens_list + description: Token Viewset + parameters: + - in: query + name: description + schema: + type: string + - in: query + name: identifier + schema: + type: string + - in: query + name: intent + schema: + type: string + enum: + - api + - recovery + - verification + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user__username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTokenList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: core_tokens_create + description: Token Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/tokens/{identifier}/: + get: + operationId: core_tokens_retrieve + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: core_tokens_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: core_tokens_partial_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: core_tokens_destroy + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/tokens/{identifier}/view_key/: + get: + operationId: core_tokens_view_key_retrieve + description: Return token key and log access + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TokenView' + description: '' + '404': + description: Token not found or expired + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/user_consent/: + get: + operationId: core_user_consent_list + description: UserConsent Viewset + parameters: + - in: query + name: application + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserConsentList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/user_consent/{id}/: + get: + operationId: core_user_consent_retrieve + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserConsent' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: core_user_consent_destroy + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/users/: + get: + operationId: core_users_list + description: User Viewset + parameters: + - in: query + name: attributes + schema: + type: string + description: Attributes + - in: query + name: is_active + schema: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + - in: query + name: is_superuser + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: core_users_create + description: User Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/users/{id}/: + get: + operationId: core_users_retrieve + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: core_users_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: core_users_partial_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: core_users_destroy + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/users/{id}/metrics/: + get: + operationId: core_users_metrics_retrieve + description: User metrics per 1h + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserMetrics' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/users/{id}/recovery/: + get: + operationId: core_users_recovery_retrieve + description: Create a temporary link that a user can use to recover their accounts + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '404': + description: No recovery flow found. + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/core/users/me/: + get: + operationId: core_users_me_retrieve + description: Get information about current user + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SessionUser' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/crypto/certificatekeypairs/: + get: + operationId: crypto_certificatekeypairs_list + description: CertificateKeyPair Viewset + parameters: + - in: query + name: has_key + schema: + type: string + description: Only return certificate-key pairs with keys + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCertificateKeyPairList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: crypto_certificatekeypairs_create + description: CertificateKeyPair Viewset + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/: + get: + operationId: crypto_certificatekeypairs_retrieve + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: crypto_certificatekeypairs_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: crypto_certificatekeypairs_partial_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: crypto_certificatekeypairs_destroy + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_certificate/: + get: + operationId: crypto_certificatekeypairs_view_certificate_retrieve + description: Return certificate-key pairs certificate and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_private_key/: + get: + operationId: crypto_certificatekeypairs_view_private_key_retrieve + description: Return certificate-key pairs private key and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/crypto/certificatekeypairs/generate/: + post: + operationId: crypto_certificatekeypairs_generate_create + description: Generate a new, self-signed certificate-key pair + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/events/: + get: + operationId: events_events_list + description: Event Read-Only Viewset + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/events/{event_uuid}/: + get: + operationId: events_events_retrieve + description: Event Read-Only Viewset + parameters: + - in: path + name: event_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Event' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/events/actions/: + get: + operationId: events_events_actions_list + description: Get all actions + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/events/top_per_user/: + get: + operationId: events_events_top_per_user_list + description: Get the top_n events grouped by user count + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: top_n + schema: + type: integer + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/EventTopPerUser' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/notifications/: + get: + operationId: events_notifications_list + description: Notification Viewset + parameters: + - in: query + name: body + schema: + type: string + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: event + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: seen + schema: + type: boolean + - in: query + name: severity + schema: + type: string + enum: + - alert + - notice + - warning + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/notifications/{uuid}/: + get: + operationId: events_notifications_retrieve + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: events_notifications_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: events_notifications_partial_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: events_notifications_destroy + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/rules/: + get: + operationId: events_rules_list + description: NotificationRule Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationRuleList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: events_rules_create + description: NotificationRule Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/rules/{pbm_uuid}/: + get: + operationId: events_rules_retrieve + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: events_rules_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: events_rules_partial_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: events_rules_destroy + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/transports/: + get: + operationId: events_transports_list + description: NotificationTransport Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationTransportList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: events_transports_create + description: NotificationTransport Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/transports/{uuid}/: + get: + operationId: events_transports_retrieve + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: events_transports_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: events_transports_partial_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: events_transports_destroy + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/events/transports/{uuid}/test/: + post: + operationId: events_transports_test_create + description: |- + Send example notification using selected transport. Requires + Modify permissions. + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportTest' + description: '' + '500': + description: Failed to test transport + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/bindings/: + get: + operationId: flows_bindings_list + description: FlowStageBinding Viewset + parameters: + - in: query + name: evaluate_on_plan + schema: + type: boolean + - in: query + name: fsb_uuid + schema: + type: string + format: uuid + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: pbm_uuid + schema: + type: string + format: uuid + - in: query + name: policies + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: re_evaluate_policies + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: stage + schema: + type: string + format: uuid + - in: query + name: target + schema: + type: string + format: uuid + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowStageBindingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: flows_bindings_create + description: FlowStageBinding Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/bindings/{fsb_uuid}/: + get: + operationId: flows_bindings_retrieve + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: flows_bindings_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: flows_bindings_partial_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: flows_bindings_destroy + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/executor/{flow_slug}/: + get: + operationId: flows_executor_get + description: Get the next pending challenge from the currently active flow. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + '404': + description: No Token found + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: flows_executor_solve + description: Solve the previously retrieved challenge and advanced to the next + stage. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + type: object + additionalProperties: {} + application/x-www-form-urlencoded: + schema: + type: object + additionalProperties: {} + multipart/form-data: + schema: + type: object + additionalProperties: {} + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/: + get: + operationId: flows_instances_list + description: Flow Viewset + parameters: + - in: query + name: designation + schema: + type: string + enum: + - authentication + - authorization + - enrollment + - invalidation + - recovery + - stage_configuration + - unenrollment + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + - in: query + name: flow_uuid + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: slug + schema: + type: string + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: flows_instances_create + description: Flow Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/{slug}/: + get: + operationId: flows_instances_retrieve + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: flows_instances_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: flows_instances_partial_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: flows_instances_destroy + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/{slug}/diagram/: + get: + operationId: flows_instances_diagram_retrieve + description: Return diagram for flow with slug `slug`, in the format used by + flowchart.js + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowDiagram' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/{slug}/execute/: + get: + operationId: flows_instances_execute_retrieve + description: Execute flow for current user + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '400': + description: Flow not applicable + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/{slug}/export/: + get: + operationId: flows_instances_export_retrieve + description: Export flow to .akflow file + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: string + format: binary + description: null + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/{slug}/set_background/: + post: + operationId: flows_instances_set_background_create + description: Set Flow background + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + description: Success + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/cache_clear/: + post: + operationId: flows_instances_cache_clear_create + description: Clear flow cache + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Successfully cleared cache + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/cache_info/: + get: + operationId: flows_instances_cache_info_retrieve + description: Info about cached flows + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/flows/instances/import_flow/: + post: + operationId: flows_instances_import_flow_create + description: Import flow from .akflow file + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Successfully imported flow + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/oauth2/authorization_codes/: + get: + operationId: oauth2_authorization_codes_list + description: AuthorizationCode Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/oauth2/authorization_codes/{id}/: + get: + operationId: oauth2_authorization_codes_retrieve + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: oauth2_authorization_codes_destroy + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/oauth2/refresh_tokens/: + get: + operationId: oauth2_refresh_tokens_list + description: RefreshToken Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/oauth2/refresh_tokens/{id}/: + get: + operationId: oauth2_refresh_tokens_retrieve + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: oauth2_refresh_tokens_destroy + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/instances/: + get: + operationId: outposts_instances_list + description: Outpost Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: outposts_instances_create + description: Outpost Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/instances/{uuid}/: + get: + operationId: outposts_instances_retrieve + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: outposts_instances_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: outposts_instances_partial_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: outposts_instances_destroy + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/instances/{uuid}/health/: + get: + operationId: outposts_instances_health_list + description: Get outposts current health + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/OutpostHealth' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/instances/default_settings/: + get: + operationId: outposts_instances_default_settings_retrieve + description: Global default outpost config + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostDefaultConfig' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/ldap/: + get: + operationId: outposts_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/ldap/{id}/: + get: + operationId: outposts_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPOutpostConfig' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/proxy/: + get: + operationId: outposts_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyOutpostConfigList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/proxy/{id}/: + get: + operationId: outposts_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyOutpostConfig' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/all/: + get: + operationId: outposts_service_connections_all_list + description: ServiceConnection Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedServiceConnectionList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/all/{uuid}/: + get: + operationId: outposts_service_connections_all_retrieve + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: outposts_service_connections_all_destroy + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/all/{uuid}/state/: + get: + operationId: outposts_service_connections_all_state_retrieve + description: Get the service connection's state + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionState' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/all/types/: + get: + operationId: outposts_service_connections_all_types_list + description: Get all creatable service connection types + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/docker/: + get: + operationId: outposts_service_connections_docker_list + description: DockerServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDockerServiceConnectionList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: outposts_service_connections_docker_create + description: DockerServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/docker/{uuid}/: + get: + operationId: outposts_service_connections_docker_retrieve + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: outposts_service_connections_docker_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: outposts_service_connections_docker_partial_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: outposts_service_connections_docker_destroy + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/kubernetes/: + get: + operationId: outposts_service_connections_kubernetes_list + description: KubernetesServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: outposts_service_connections_kubernetes_create + description: KubernetesServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/outposts/service_connections/kubernetes/{uuid}/: + get: + operationId: outposts_service_connections_kubernetes_retrieve + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: outposts_service_connections_kubernetes_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: outposts_service_connections_kubernetes_partial_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: outposts_service_connections_kubernetes_destroy + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/: + get: + operationId: policies_all_list + description: Policy Viewset + parameters: + - in: query + name: bindings__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: promptstage__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/{policy_uuid}/: + get: + operationId: policies_all_retrieve + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_all_destroy + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/{policy_uuid}/test/: + post: + operationId: policies_all_test_create + description: Test policy + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestResult' + description: '' + '400': + description: Invalid parameters + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/cache_clear/: + post: + operationId: policies_all_cache_clear_create + description: Clear policy cache + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Successfully cleared cache + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/cache_info/: + get: + operationId: policies_all_cache_info_retrieve + description: Info about cached policies + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/all/types/: + get: + operationId: policies_all_types_list + description: Get all creatable policy types + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/bindings/: + get: + operationId: policies_bindings_list + description: PolicyBinding Viewset + parameters: + - in: query + name: enabled + schema: + type: boolean + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: policy + schema: + type: string + format: uuid + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: target + schema: + type: string + format: uuid + - in: query + name: timeout + schema: + type: integer + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyBindingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_bindings_create + description: PolicyBinding Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/bindings/{policy_binding_uuid}/: + get: + operationId: policies_bindings_retrieve + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_bindings_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_bindings_partial_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_bindings_destroy + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/dummy/: + get: + operationId: policies_dummy_list + description: Dummy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_dummy_create + description: Dummy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/dummy/{policy_uuid}/: + get: + operationId: policies_dummy_retrieve + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_dummy_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_dummy_partial_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_dummy_destroy + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/event_matcher/: + get: + operationId: policies_event_matcher_list + description: Event Matcher Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventMatcherPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_event_matcher_create + description: Event Matcher Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/event_matcher/{policy_uuid}/: + get: + operationId: policies_event_matcher_retrieve + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_event_matcher_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_event_matcher_partial_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_event_matcher_destroy + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/expression/: + get: + operationId: policies_expression_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpressionPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_expression_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/expression/{policy_uuid}/: + get: + operationId: policies_expression_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_expression_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_expression_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_expression_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/haveibeenpwned/: + get: + operationId: policies_haveibeenpwned_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedHaveIBeenPwendPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_haveibeenpwned_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/haveibeenpwned/{policy_uuid}/: + get: + operationId: policies_haveibeenpwned_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_haveibeenpwned_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_haveibeenpwned_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_haveibeenpwned_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/password/: + get: + operationId: policies_password_list + description: Password Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_password_create + description: Password Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/password/{policy_uuid}/: + get: + operationId: policies_password_retrieve + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_password_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_password_partial_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_password_destroy + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/password_expiry/: + get: + operationId: policies_password_expiry_list + description: Password Expiry Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_password_expiry_create + description: Password Expiry Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/password_expiry/{policy_uuid}/: + get: + operationId: policies_password_expiry_retrieve + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_password_expiry_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_password_expiry_partial_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_password_expiry_destroy + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/: + get: + operationId: policies_reputation_list + description: Reputation Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedReputationPolicyList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_reputation_create + description: Reputation Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/{policy_uuid}/: + get: + operationId: policies_reputation_retrieve + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_reputation_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_reputation_partial_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_reputation_destroy + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/ips/: + get: + operationId: policies_reputation_ips_list + description: IPReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIPReputationList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_reputation_ips_create + description: IPReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/ips/{id}/: + get: + operationId: policies_reputation_ips_retrieve + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_reputation_ips_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_reputation_ips_partial_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_reputation_ips_destroy + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/users/: + get: + operationId: policies_reputation_users_list + description: UserReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserReputationList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: policies_reputation_users_create + description: UserReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/policies/reputation/users/{id}/: + get: + operationId: policies_reputation_users_retrieve + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: policies_reputation_users_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: policies_reputation_users_partial_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: policies_reputation_users_destroy + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/all/: + get: + operationId: propertymappings_all_list + description: PropertyMapping Viewset + parameters: + - in: query + name: managed__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPropertyMappingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/all/{pm_uuid}/: + get: + operationId: propertymappings_all_retrieve + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: propertymappings_all_destroy + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/all/{pm_uuid}/test/: + post: + operationId: propertymappings_all_test_create + description: Test Property Mapping + parameters: + - in: query + name: format_result + schema: + type: boolean + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMappingTestResult' + description: '' + '400': + description: Invalid parameters + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/all/types/: + get: + operationId: propertymappings_all_types_list + description: Get all creatable property-mapping types + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/ldap/: + get: + operationId: propertymappings_ldap_list + description: LDAP PropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: propertymappings_ldap_create + description: LDAP PropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/ldap/{pm_uuid}/: + get: + operationId: propertymappings_ldap_retrieve + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: propertymappings_ldap_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: propertymappings_ldap_partial_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: propertymappings_ldap_destroy + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/saml/: + get: + operationId: propertymappings_saml_list + description: SAMLPropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: propertymappings_saml_create + description: SAMLPropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/saml/{pm_uuid}/: + get: + operationId: propertymappings_saml_retrieve + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: propertymappings_saml_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: propertymappings_saml_partial_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: propertymappings_saml_destroy + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/scope/: + get: + operationId: propertymappings_scope_list + description: ScopeMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedScopeMappingList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: propertymappings_scope_create + description: ScopeMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/propertymappings/scope/{pm_uuid}/: + get: + operationId: propertymappings_scope_retrieve + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: propertymappings_scope_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: propertymappings_scope_partial_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: propertymappings_scope_destroy + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/all/: + get: + operationId: providers_all_list + description: Provider Viewset + parameters: + - in: query + name: application__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProviderList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/all/{id}/: + get: + operationId: providers_all_retrieve + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: providers_all_destroy + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/all/types/: + get: + operationId: providers_all_types_list + description: Get all creatable provider types + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/ldap/: + get: + operationId: providers_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPProviderList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: providers_ldap_create + description: LDAPProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/ldap/{id}/: + get: + operationId: providers_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: providers_ldap_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: providers_ldap_partial_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: providers_ldap_destroy + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/oauth2/: + get: + operationId: providers_oauth2_list + description: OAuth2Provider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuth2ProviderList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: providers_oauth2_create + description: OAuth2Provider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/oauth2/{id}/: + get: + operationId: providers_oauth2_retrieve + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: providers_oauth2_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: providers_oauth2_partial_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: providers_oauth2_destroy + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/oauth2/{id}/setup_urls/: + get: + operationId: providers_oauth2_setup_urls_retrieve + description: Get Providers setup URLs + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderSetupURLs' + description: '' + '404': + description: Provider has no application assigned + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/proxy/: + get: + operationId: providers_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyProviderList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: providers_proxy_create + description: ProxyProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/proxy/{id}/: + get: + operationId: providers_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: providers_proxy_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: providers_proxy_partial_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: providers_proxy_destroy + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/saml/: + get: + operationId: providers_saml_list + description: SAMLProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLProviderList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: providers_saml_create + description: SAMLProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/saml/{id}/: + get: + operationId: providers_saml_retrieve + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: providers_saml_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: providers_saml_partial_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: providers_saml_destroy + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/saml/{id}/metadata/: + get: + operationId: providers_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + '404': + description: Provider has no application assigned + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/providers/saml/import_metadata/: + post: + operationId: providers_saml_import_metadata_create + description: Create provider from SAML Metadata + tags: + - providers + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderImportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: Successfully imported provider + '400': + description: Bad request + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/root/config/: + get: + operationId: root_config_retrieve + description: Retrive public configuration options + tags: + - root + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Config' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/schema/: + get: + operationId: schema_retrieve + description: |- + OpenApi3 schema for this API. Format can be selected via content negotiation. + + - YAML: application/vnd.oai.openapi + - JSON: application/vnd.oai.openapi+json + parameters: + - in: query + name: format + schema: + type: string + enum: + - json + - yaml + - in: query + name: lang + schema: + type: string + enum: + - af + - ar + - ar-dz + - ast + - az + - be + - bg + - bn + - br + - bs + - ca + - cs + - cy + - da + - de + - dsb + - el + - en + - en-au + - en-gb + - eo + - es + - es-ar + - es-co + - es-mx + - es-ni + - es-ve + - et + - eu + - fa + - fi + - fr + - fy + - ga + - gd + - gl + - he + - hi + - hr + - hsb + - hu + - hy + - ia + - id + - ig + - io + - is + - it + - ja + - ka + - kab + - kk + - km + - kn + - ko + - ky + - lb + - lt + - lv + - mk + - ml + - mn + - mr + - my + - nb + - ne + - nl + - nn + - os + - pa + - pl + - pt + - pt-br + - ro + - ru + - sk + - sl + - sq + - sr + - sr-latn + - sv + - sw + - ta + - te + - tg + - th + - tk + - tr + - tt + - udm + - uk + - ur + - uz + - vi + - zh-hans + - zh-hant + tags: + - schema + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/vnd.oai.openapi: + schema: + type: object + additionalProperties: {} + application/yaml: + schema: + type: object + additionalProperties: {} + application/vnd.oai.openapi+json: + schema: + type: object + additionalProperties: {} + application/json: + schema: + type: object + additionalProperties: {} + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/all/: + get: + operationId: sources_all_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSourceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/all/{slug}/: + get: + operationId: sources_all_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Source' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_all_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/all/types/: + get: + operationId: sources_all_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/all/user_settings/: + get: + operationId: sources_all_user_settings_list + description: Get all sources the user can configure + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/UserSetting' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/ldap/: + get: + operationId: sources_ldap_list + description: LDAP Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPSourceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: sources_ldap_create + description: LDAP Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/ldap/{slug}/: + get: + operationId: sources_ldap_retrieve + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: sources_ldap_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: sources_ldap_partial_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_ldap_destroy + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/ldap/{slug}/sync_status/: + get: + operationId: sources_ldap_sync_status_retrieve + description: Get source's sync status + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + description: Task not found + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/oauth/: + get: + operationId: sources_oauth_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuthSourceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: sources_oauth_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/oauth/{slug}/: + get: + operationId: sources_oauth_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: sources_oauth_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: sources_oauth_partial_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_oauth_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/oauth/source_types/: + get: + operationId: sources_oauth_source_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/SourceType' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/oauth_user_connections/: + get: + operationId: sources_oauth_user_connections_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: source__slug + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: sources_oauth_user_connections_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/oauth_user_connections/{id}/: + get: + operationId: sources_oauth_user_connections_retrieve + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: sources_oauth_user_connections_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: sources_oauth_user_connections_partial_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_oauth_user_connections_destroy + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/plex/: + get: + operationId: sources_plex_list + description: Plex source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPlexSourceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: sources_plex_create + description: Plex source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/plex/{slug}/: + get: + operationId: sources_plex_retrieve + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: sources_plex_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: sources_plex_partial_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_plex_destroy + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/plex/redeem_token/: + post: + operationId: sources_plex_redeem_token_create + description: |- + Redeem a plex token, check it's access to resources against what's allowed + for the source, and redirect to an authentication/enrollment flow. + parameters: + - in: query + name: slug + schema: + type: string + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RedirectChallenge' + description: '' + '400': + description: Token not found + '403': + description: Access denied + /api/v2beta/sources/saml/: + get: + operationId: sources_saml_list + description: SAMLSource Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLSourceList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: sources_saml_create + description: SAMLSource Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/saml/{slug}/: + get: + operationId: sources_saml_retrieve + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: sources_saml_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: sources_saml_partial_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: sources_saml_destroy + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/sources/saml/{slug}/metadata/: + get: + operationId: sources_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/all/: + get: + operationId: stages_all_list + description: Stage Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/all/{stage_uuid}/: + get: + operationId: stages_all_retrieve + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Stage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_all_destroy + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/all/types/: + get: + operationId: stages_all_types_list + description: Get all creatable stage types + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/all/user_settings/: + get: + operationId: stages_all_user_settings_list + description: Get all stages the user can configure + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/StageUserSetting' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/static/: + get: + operationId: stages_authenticator_static_list + description: AuthenticatorStaticStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_authenticator_static_create + description: AuthenticatorStaticStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/static/{stage_uuid}/: + get: + operationId: stages_authenticator_static_retrieve + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_authenticator_static_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_authenticator_static_partial_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_authenticator_static_destroy + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/totp/: + get: + operationId: stages_authenticator_totp_list + description: AuthenticatorTOTPStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_authenticator_totp_create + description: AuthenticatorTOTPStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/totp/{stage_uuid}/: + get: + operationId: stages_authenticator_totp_retrieve + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_authenticator_totp_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_authenticator_totp_partial_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_authenticator_totp_destroy + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/validate/: + get: + operationId: stages_authenticator_validate_list + description: AuthenticatorValidateStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_authenticator_validate_create + description: AuthenticatorValidateStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/validate/{stage_uuid}/: + get: + operationId: stages_authenticator_validate_retrieve + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_authenticator_validate_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_authenticator_validate_partial_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_authenticator_validate_destroy + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/webauthn/: + get: + operationId: stages_authenticator_webauthn_list + description: AuthenticateWebAuthnStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_authenticator_webauthn_create + description: AuthenticateWebAuthnStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/authenticator/webauthn/{stage_uuid}/: + get: + operationId: stages_authenticator_webauthn_retrieve + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_authenticator_webauthn_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_authenticator_webauthn_partial_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_authenticator_webauthn_destroy + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/captcha/: + get: + operationId: stages_captcha_list + description: CaptchaStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCaptchaStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_captcha_create + description: CaptchaStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/captcha/{stage_uuid}/: + get: + operationId: stages_captcha_retrieve + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_captcha_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_captcha_partial_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_captcha_destroy + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/consent/: + get: + operationId: stages_consent_list + description: ConsentStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedConsentStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_consent_create + description: ConsentStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/consent/{stage_uuid}/: + get: + operationId: stages_consent_retrieve + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_consent_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_consent_partial_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_consent_destroy + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/deny/: + get: + operationId: stages_deny_list + description: DenyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDenyStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_deny_create + description: DenyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/deny/{stage_uuid}/: + get: + operationId: stages_deny_retrieve + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_deny_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_deny_partial_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_deny_destroy + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/dummy/: + get: + operationId: stages_dummy_list + description: DummyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_dummy_create + description: DummyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/dummy/{stage_uuid}/: + get: + operationId: stages_dummy_retrieve + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_dummy_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_dummy_partial_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_dummy_destroy + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/email/: + get: + operationId: stages_email_list + description: EmailStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEmailStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_email_create + description: EmailStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/email/{stage_uuid}/: + get: + operationId: stages_email_retrieve + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_email_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_email_partial_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_email_destroy + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/email/templates/: + get: + operationId: stages_email_templates_list + description: Get all available templates, including custom templates + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/identification/: + get: + operationId: stages_identification_list + description: IdentificationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIdentificationStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_identification_create + description: IdentificationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/identification/{stage_uuid}/: + get: + operationId: stages_identification_retrieve + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_identification_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_identification_partial_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_identification_destroy + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/invitation/invitations/: + get: + operationId: stages_invitation_invitations_list + description: Invitation Viewset + parameters: + - in: query + name: created_by__username + schema: + type: string + - in: query + name: expires + schema: + type: string + format: date-time + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_invitation_invitations_create + description: Invitation Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/invitation/invitations/{invite_uuid}/: + get: + operationId: stages_invitation_invitations_retrieve + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_invitation_invitations_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_invitation_invitations_partial_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_invitation_invitations_destroy + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/invitation/stages/: + get: + operationId: stages_invitation_stages_list + description: InvitationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_invitation_stages_create + description: InvitationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/invitation/stages/{stage_uuid}/: + get: + operationId: stages_invitation_stages_retrieve + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_invitation_stages_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_invitation_stages_partial_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_invitation_stages_destroy + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/password/: + get: + operationId: stages_password_list + description: PasswordStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_password_create + description: PasswordStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/password/{stage_uuid}/: + get: + operationId: stages_password_retrieve + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_password_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_password_partial_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_password_destroy + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/prompt/prompts/: + get: + operationId: stages_prompt_prompts_list + description: Prompt Viewset + parameters: + - in: query + name: field_key + schema: + type: string + - in: query + name: label + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: placeholder + schema: + type: string + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: type + schema: + type: string + enum: + - checkbox + - date + - date-time + - email + - hidden + - number + - password + - separator + - static + - text + - username + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_prompt_prompts_create + description: Prompt Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/prompt/prompts/{prompt_uuid}/: + get: + operationId: stages_prompt_prompts_retrieve + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_prompt_prompts_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_prompt_prompts_partial_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_prompt_prompts_destroy + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/prompt/stages/: + get: + operationId: stages_prompt_stages_list + description: PromptStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_prompt_stages_create + description: PromptStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/prompt/stages/{stage_uuid}/: + get: + operationId: stages_prompt_stages_retrieve + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_prompt_stages_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_prompt_stages_partial_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_prompt_stages_destroy + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_delete/: + get: + operationId: stages_user_delete_list + description: UserDeleteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserDeleteStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_user_delete_create + description: UserDeleteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_delete/{stage_uuid}/: + get: + operationId: stages_user_delete_retrieve + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_user_delete_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_user_delete_partial_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_user_delete_destroy + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_login/: + get: + operationId: stages_user_login_list + description: UserLoginStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLoginStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_user_login_create + description: UserLoginStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_login/{stage_uuid}/: + get: + operationId: stages_user_login_retrieve + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_user_login_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_user_login_partial_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_user_login_destroy + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_logout/: + get: + operationId: stages_user_logout_list + description: UserLogoutStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLogoutStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_user_logout_create + description: UserLogoutStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_logout/{stage_uuid}/: + get: + operationId: stages_user_logout_retrieve + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_user_logout_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_user_logout_partial_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_user_logout_destroy + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_write/: + get: + operationId: stages_user_write_list + description: UserWriteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserWriteStageList' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + post: + operationId: stages_user_write_create + description: UserWriteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + /api/v2beta/stages/user_write/{stage_uuid}/: + get: + operationId: stages_user_write_retrieve + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + put: + operationId: stages_user_write_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + patch: + operationId: stages_user_write_partial_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' + delete: + operationId: stages_user_write_destroy + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + '400': + $ref: '#/components/schemas/ValidationError' + '403': + $ref: '#/components/schemas/GenericError' +components: + schemas: + ActionEnum: + enum: + - login + - login_failed + - logout + - user_write + - suspicious_request + - password_set + - secret_view + - invitation_used + - authorize_application + - source_linked + - impersonation_started + - impersonation_ended + - policy_execution + - policy_exception + - property_mapping_exception + - system_task_execution + - system_task_exception + - configuration_error + - model_created + - model_updated + - model_deleted + - update_available + - custom_ + type: string + App: + type: object + description: Serialize Application info + properties: + name: + type: string + label: + type: string + required: + - label + - name + AppEnum: + enum: + - authentik.admin + - authentik.api + - authentik.events + - authentik.crypto + - authentik.flows + - authentik.outposts + - authentik.lib + - authentik.policies + - authentik.policies.dummy + - authentik.policies.event_matcher + - authentik.policies.expiry + - authentik.policies.expression + - authentik.policies.hibp + - authentik.policies.password + - authentik.policies.reputation + - authentik.providers.proxy + - authentik.providers.ldap + - authentik.providers.oauth2 + - authentik.providers.saml + - authentik.recovery + - authentik.sources.ldap + - authentik.sources.oauth + - authentik.sources.plex + - authentik.sources.saml + - authentik.stages.authenticator_static + - authentik.stages.authenticator_totp + - authentik.stages.authenticator_validate + - authentik.stages.authenticator_webauthn + - authentik.stages.captcha + - authentik.stages.consent + - authentik.stages.deny + - authentik.stages.dummy + - authentik.stages.email + - authentik.stages.identification + - authentik.stages.invitation + - authentik.stages.password + - authentik.stages.prompt + - authentik.stages.user_delete + - authentik.stages.user_login + - authentik.stages.user_logout + - authentik.stages.user_write + - authentik.core + - authentik.managed + type: string + Application: + type: object + description: Application Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/Provider' + launch_url: + type: string + nullable: true + readOnly: true + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: uri + readOnly: true + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - launch_url + - meta_icon + - name + - pk + - slug + ApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - name + - slug + AuthenticateWebAuthnStage: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - name + AuthenticatorStaticStage: + type: object + description: AuthenticatorStaticStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - name + AuthenticatorTOTPStage: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - component + - digits + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - digits + - name + AuthenticatorValidateStage: + type: object + description: AuthenticatorValidateStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - name + BackendsEnum: + enum: + - django.contrib.auth.backends.ModelBackend + - authentik.sources.ldap.auth.LDAPBackend + type: string + BindingTypeEnum: + enum: + - REDIRECT + - POST + - POST_AUTO + type: string + Cache: + type: object + description: Generic cache stats for an object + properties: + count: + type: integer + readOnly: true + required: + - count + CaptchaStage: + type: object + description: CaptchaStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - component + - name + - pk + - public_key + - verbose_name + - verbose_name_plural + CaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - name + - private_key + - public_key + CertificateData: + type: object + description: Get CertificateKeyPair's data + properties: + data: + type: string + readOnly: true + required: + - data + CertificateGenerationRequest: + type: object + description: Certificate generation parameters + properties: + common_name: + type: string + subject_alt_name: + type: string + validity_days: + type: integer + required: + - common_name + - validity_days + CertificateKeyPair: + type: object + description: CertificateKeyPair Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Kp uuid + name: + type: string + fingerprint: + type: string + readOnly: true + cert_expiry: + type: string + format: date-time + readOnly: true + cert_subject: + type: string + readOnly: true + private_key_available: + type: boolean + readOnly: true + required: + - cert_expiry + - cert_subject + - fingerprint + - name + - pk + - private_key_available + CertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + required: + - certificate_data + - name + Challenge: + type: object + description: |- + Challenge that gets sent to the client based on which stage + is currently active + properties: + type: + $ref: '#/components/schemas/ChallengeChoices' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + required: + - type + ChallengeChoices: + enum: + - native + - shell + - redirect + type: string + ClientTypeEnum: + enum: + - confidential + - public + type: string + Config: + type: object + description: Serialize authentik Config into DRF Object + properties: + branding_logo: + type: string + readOnly: true + branding_title: + type: string + readOnly: true + ui_footer_links: + type: array + items: + $ref: '#/components/schemas/FooterLink' + readOnly: true + error_reporting_enabled: + type: boolean + readOnly: true + error_reporting_environment: + type: string + readOnly: true + error_reporting_send_pii: + type: boolean + readOnly: true + required: + - branding_logo + - branding_title + - error_reporting_enabled + - error_reporting_environment + - error_reporting_send_pii + - ui_footer_links + ConsentStage: + type: object + description: ConsentStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ConsentStageModeEnum: + enum: + - always_require + - permanent + - expiring + type: string + ConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + Coordinate: + type: object + description: Coordinates for diagrams + properties: + x_cord: + type: integer + readOnly: true + y_cord: + type: integer + readOnly: true + required: + - x_cord + - y_cord + DenyStage: + type: object + description: DenyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + DeviceClassesEnum: + enum: + - static + - totp + - webauthn + type: string + DigestAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#sha1 + - http://www.w3.org/2001/04/xmlenc#sha256 + - http://www.w3.org/2001/04/xmldsig-more#sha384 + - http://www.w3.org/2001/04/xmlenc#sha512 + type: string + DigitsEnum: + enum: + - 6 + - 8 + type: integer + DockerServiceConnection: + type: object + description: DockerServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - component + - name + - pk + - url + - verbose_name + - verbose_name_plural + DockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - name + - url + DummyPolicy: + type: object + description: Dummy Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + DummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + DummyStage: + type: object + description: DummyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + EmailStage: + type: object + description: EmailStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + EmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - name + ErrorDetail: + type: object + description: Serializer for rest_framework's error messages + properties: + string: + type: string + code: + type: string + required: + - code + - string + Event: + type: object + description: Event Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Event uuid + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + created: + type: string + format: date-time + readOnly: true + expires: + type: string + format: date-time + required: + - action + - app + - created + - pk + EventMatcherPolicy: + type: object + description: Event Matcher Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + action: + allOf: + - $ref: '#/components/schemas/ActionEnum' + description: Match created events with this action type. When left empty, + all action types will be matched. + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + allOf: + - $ref: '#/components/schemas/AppEnum' + description: Match events created by selected application. When left empty, + all applications are matched. + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + EventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + allOf: + - $ref: '#/components/schemas/ActionEnum' + description: Match created events with this action type. When left empty, + all action types will be matched. + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + allOf: + - $ref: '#/components/schemas/AppEnum' + description: Match events created by selected application. When left empty, + all applications are matched. + EventRequest: + type: object + description: Event Serializer + properties: + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + expires: + type: string + format: date-time + required: + - action + - app + EventTopPerUser: + type: object + description: Response object of Event's top_per_user + properties: + application: + type: object + additionalProperties: {} + counted_events: + type: integer + unique_users: + type: integer + required: + - application + - counted_events + - unique_users + ExpiringBaseGrantModel: + type: object + description: Serializer for BaseGrantModel and ExpiringBaseGrant + properties: + pk: + type: integer + readOnly: true + title: ID + provider: + $ref: '#/components/schemas/OAuth2Provider' + user: + $ref: '#/components/schemas/User' + is_expired: + type: boolean + readOnly: true + expires: + type: string + format: date-time + scope: + type: array + items: + type: string + required: + - is_expired + - pk + - provider + - scope + - user + ExpressionPolicy: + type: object + description: Group Membership Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + expression: + type: string + required: + - bound_to + - component + - expression + - pk + - verbose_name + - verbose_name_plural + ExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + required: + - expression + Flow: + type: object + description: Flow Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Flow uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/FlowDesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: uri + readOnly: true + description: Background shown during execution + stages: + type: array + items: + type: string + format: uuid + readOnly: true + policies: + type: array + items: + type: string + format: uuid + readOnly: true + cache_count: + type: integer + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - background + - cache_count + - designation + - name + - pk + - policies + - policybindingmodel_ptr_id + - slug + - stages + - title + FlowDesignationEnum: + enum: + - authentication + - authorization + - invalidation + - enrollment + - unenrollment + - recovery + - stage_configuration + type: string + FlowDiagram: + type: object + description: response of the flow's diagram action + properties: + diagram: + type: string + readOnly: true + required: + - diagram + FlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/FlowDesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - designation + - name + - slug + - title + FlowStageBinding: + type: object + description: FlowStageBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Fsb uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + target: + type: string + format: uuid + stage: + type: string + format: uuid + stage_obj: + allOf: + - $ref: '#/components/schemas/Stage' + readOnly: true + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - order + - pk + - policybindingmodel_ptr_id + - stage + - stage_obj + - target + FlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + required: + - order + - stage + - target + FooterLink: + type: object + description: Links returned in Config API + properties: + href: + type: string + readOnly: true + name: + type: string + readOnly: true + required: + - href + - name + GenericError: + type: object + description: Generic API Error + properties: + detail: + type: string + code: + type: string + required: + - detail + Group: + type: object + description: Group Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Group uuid + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - pk + - users + GroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - users + HaveIBeenPwendPolicy: + type: object + description: Have I Been Pwned Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + HaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + IPReputation: + type: object + description: IPReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - ip + - pk + - updated + IPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - ip + IdentificationStage: + type: object + description: IdentificationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + IdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - name + IntentEnum: + enum: + - verification + - api + - recovery + type: string + Invitation: + type: object + description: Invitation Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Invite uuid + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + created_by: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + required: + - created_by + - pk + InvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + InvitationStage: + type: object + description: InvitationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + InvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - name + IssuerModeEnum: + enum: + - global + - per_provider + type: string + JwtAlgEnum: + enum: + - HS256 + - RS256 + type: string + KubernetesServiceConnection: + type: object + description: KubernetesServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + KubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - name + LDAPOutpostConfig: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + base_dn: + type: string + description: DN under which objects are accessible. + bind_flow_slug: + type: string + application_slug: + type: string + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - application_slug + - bind_flow_slug + - name + - pk + LDAPPropertyMapping: + type: object + description: LDAP PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + object_field: + type: string + required: + - component + - expression + - name + - object_field + - pk + - verbose_name + - verbose_name_plural + LDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + required: + - expression + - name + - object_field + LDAPProvider: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + LDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - authorization_flow + - name + LDAPSource: + type: object + description: LDAP Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - component + - name + - pk + - server_uri + - slug + - verbose_name + - verbose_name_plural + LDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - bind_password + - name + - server_uri + - slug + Link: + type: object + description: Returns a single link + properties: + link: + type: string + required: + - link + LoginMetrics: + type: object + description: Login Metrics per 1h + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - logins_failed_per_1h + - logins_per_1h + NameIdPolicyEnum: + enum: + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName + - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + type: string + NotConfiguredActionEnum: + enum: + - skip + - deny + - configure + type: string + Notification: + type: object + description: Notification Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + readOnly: true + body: + type: string + readOnly: true + created: + type: string + format: date-time + readOnly: true + event: + $ref: '#/components/schemas/Event' + seen: + type: boolean + required: + - body + - created + - pk + - severity + NotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + NotificationRule: + type: object + description: NotificationRule Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + required: + - group_obj + - name + - pk + - transports + NotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + required: + - name + - transports + NotificationTransport: + type: object + description: NotificationTransport Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + mode_verbose: + type: string + readOnly: true + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - mode_verbose + - name + - pk + NotificationTransportModeEnum: + enum: + - webhook + - webhook_slack + - email + type: string + NotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - name + NotificationTransportTest: + type: object + description: Notification test serializer + properties: + messages: + type: array + items: + type: string + required: + - messages + OAuth2Provider: + type: object + description: OAuth2Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + OAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - authorization_flow + - name + OAuth2ProviderSetupURLs: + type: object + description: OAuth2 Provider Metadata serializer + properties: + issuer: + type: string + readOnly: true + authorize: + type: string + readOnly: true + token: + type: string + readOnly: true + user_info: + type: string + readOnly: true + provider_info: + type: string + readOnly: true + logout: + type: string + readOnly: true + required: + - authorize + - issuer + - logout + - provider_info + - token + - user_info + OAuthSource: + type: object + description: OAuth Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + callback_url: + type: string + readOnly: true + type: + allOf: + - $ref: '#/components/schemas/SourceType' + readOnly: true + required: + - callback_url + - component + - consumer_key + - name + - pk + - provider_type + - slug + - type + - verbose_name + - verbose_name_plural + OAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + required: + - consumer_key + - consumer_secret + - name + - provider_type + - slug + OpenIDConnectConfiguration: + type: object + description: rest_framework Serializer for OIDC Configuration + properties: + issuer: + type: string + authorization_endpoint: + type: string + token_endpoint: + type: string + userinfo_endpoint: + type: string + end_session_endpoint: + type: string + introspection_endpoint: + type: string + jwks_uri: + type: string + response_types_supported: + type: array + items: + type: string + id_token_signing_alg_values_supported: + type: array + items: + type: string + subject_types_supported: + type: array + items: + type: string + token_endpoint_auth_methods_supported: + type: array + items: + type: string + required: + - authorization_endpoint + - end_session_endpoint + - id_token_signing_alg_values_supported + - introspection_endpoint + - issuer + - jwks_uri + - response_types_supported + - subject_types_supported + - token_endpoint + - token_endpoint_auth_methods_supported + - userinfo_endpoint + Outpost: + type: object + description: Outpost Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + providers_obj: + type: array + items: + $ref: '#/components/schemas/Provider' + readOnly: true + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + token_identifier: + type: string + readOnly: true + config: + type: object + additionalProperties: {} + required: + - config + - name + - pk + - providers + - providers_obj + - token_identifier + OutpostDefaultConfig: + type: object + description: Global default outpost config + properties: + config: + type: object + additionalProperties: {} + readOnly: true + required: + - config + OutpostHealth: + type: object + description: Outpost health status + properties: + last_seen: + type: string + format: date-time + readOnly: true + version: + type: string + readOnly: true + version_should: + type: string + readOnly: true + version_outdated: + type: boolean + readOnly: true + required: + - last_seen + - version + - version_outdated + - version_should + OutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + required: + - config + - name + - providers + OutpostTypeEnum: + enum: + - proxy + - ldap + type: string + PaginatedApplicationList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Application' + required: + - pagination + - results + PaginatedAuthenticateWebAuthnStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + required: + - pagination + - results + PaginatedAuthenticatorStaticStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorStaticStage' + required: + - pagination + - results + PaginatedAuthenticatorTOTPStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + required: + - pagination + - results + PaginatedAuthenticatorValidateStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorValidateStage' + required: + - pagination + - results + PaginatedCaptchaStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/CaptchaStage' + required: + - pagination + - results + PaginatedCertificateKeyPairList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/CertificateKeyPair' + required: + - pagination + - results + PaginatedConsentStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ConsentStage' + required: + - pagination + - results + PaginatedDenyStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/DenyStage' + required: + - pagination + - results + PaginatedDockerServiceConnectionList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/DockerServiceConnection' + required: + - pagination + - results + PaginatedDummyPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/DummyPolicy' + required: + - pagination + - results + PaginatedDummyStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/DummyStage' + required: + - pagination + - results + PaginatedEmailStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/EmailStage' + required: + - pagination + - results + PaginatedEventList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Event' + required: + - pagination + - results + PaginatedEventMatcherPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/EventMatcherPolicy' + required: + - pagination + - results + PaginatedExpiringBaseGrantModelList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + required: + - pagination + - results + PaginatedExpressionPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ExpressionPolicy' + required: + - pagination + - results + PaginatedFlowList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - pagination + - results + PaginatedFlowStageBindingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/FlowStageBinding' + required: + - pagination + - results + PaginatedGroupList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Group' + required: + - pagination + - results + PaginatedHaveIBeenPwendPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + required: + - pagination + - results + PaginatedIPReputationList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/IPReputation' + required: + - pagination + - results + PaginatedIdentificationStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/IdentificationStage' + required: + - pagination + - results + PaginatedInvitationList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Invitation' + required: + - pagination + - results + PaginatedInvitationStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/InvitationStage' + required: + - pagination + - results + PaginatedKubernetesServiceConnectionList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/KubernetesServiceConnection' + required: + - pagination + - results + PaginatedLDAPOutpostConfigList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/LDAPOutpostConfig' + required: + - pagination + - results + PaginatedLDAPPropertyMappingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/LDAPPropertyMapping' + required: + - pagination + - results + PaginatedLDAPProviderList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/LDAPProvider' + required: + - pagination + - results + PaginatedLDAPSourceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/LDAPSource' + required: + - pagination + - results + PaginatedNotificationList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Notification' + required: + - pagination + - results + PaginatedNotificationRuleList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/NotificationRule' + required: + - pagination + - results + PaginatedNotificationTransportList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/NotificationTransport' + required: + - pagination + - results + PaginatedOAuth2ProviderList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/OAuth2Provider' + required: + - pagination + - results + PaginatedOAuthSourceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/OAuthSource' + required: + - pagination + - results + PaginatedOutpostList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Outpost' + required: + - pagination + - results + PaginatedPasswordExpiryPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PasswordExpiryPolicy' + required: + - pagination + - results + PaginatedPasswordPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PasswordPolicy' + required: + - pagination + - results + PaginatedPasswordStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PasswordStage' + required: + - pagination + - results + PaginatedPlexSourceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PlexSource' + required: + - pagination + - results + PaginatedPolicyBindingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PolicyBinding' + required: + - pagination + - results + PaginatedPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Policy' + required: + - pagination + - results + PaginatedPromptList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Prompt' + required: + - pagination + - results + PaginatedPromptStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PromptStage' + required: + - pagination + - results + PaginatedPropertyMappingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/PropertyMapping' + required: + - pagination + - results + PaginatedProviderList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Provider' + required: + - pagination + - results + PaginatedProxyOutpostConfigList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ProxyOutpostConfig' + required: + - pagination + - results + PaginatedProxyProviderList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ProxyProvider' + required: + - pagination + - results + PaginatedReputationPolicyList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ReputationPolicy' + required: + - pagination + - results + PaginatedSAMLPropertyMappingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/SAMLPropertyMapping' + required: + - pagination + - results + PaginatedSAMLProviderList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/SAMLProvider' + required: + - pagination + - results + PaginatedSAMLSourceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/SAMLSource' + required: + - pagination + - results + PaginatedScopeMappingList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ScopeMapping' + required: + - pagination + - results + PaginatedServiceConnectionList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/ServiceConnection' + required: + - pagination + - results + PaginatedSourceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Source' + required: + - pagination + - results + PaginatedStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Stage' + required: + - pagination + - results + PaginatedStaticDeviceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/StaticDevice' + required: + - pagination + - results + PaginatedTOTPDeviceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/TOTPDevice' + required: + - pagination + - results + PaginatedTokenList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/Token' + required: + - pagination + - results + PaginatedUserConsentList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserConsent' + required: + - pagination + - results + PaginatedUserDeleteStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserDeleteStage' + required: + - pagination + - results + PaginatedUserList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/User' + required: + - pagination + - results + PaginatedUserLoginStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserLoginStage' + required: + - pagination + - results + PaginatedUserLogoutStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserLogoutStage' + required: + - pagination + - results + PaginatedUserOAuthSourceConnectionList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserOAuthSourceConnection' + required: + - pagination + - results + PaginatedUserReputationList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserReputation' + required: + - pagination + - results + PaginatedUserWriteStageList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/UserWriteStage' + required: + - pagination + - results + PaginatedWebAuthnDeviceList: + type: object + properties: + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number + required: + - next + - previous + - count + - current + - total_pages + - start_index + - end_index + results: + type: array + items: + $ref: '#/components/schemas/WebAuthnDevice' + required: + - pagination + - results + PasswordExpiryPolicy: + type: object + description: Password Expiry Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - bound_to + - component + - days + - pk + - verbose_name + - verbose_name_plural + PasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - days + PasswordPolicy: + type: object + description: Password Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - bound_to + - component + - error_message + - pk + - verbose_name + - verbose_name_plural + PasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - error_message + PasswordStage: + type: object + description: PasswordStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - component + - name + - pk + - verbose_name + - verbose_name_plural + PasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - name + PatchedApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + PatchedAuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + PatchedAuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedAuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + PatchedAuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + PatchedCaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + PatchedCertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + PatchedConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + PatchedDenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedDockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + PatchedDummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedDummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedEmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + PatchedEventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + allOf: + - $ref: '#/components/schemas/ActionEnum' + description: Match created events with this action type. When left empty, + all action types will be matched. + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + allOf: + - $ref: '#/components/schemas/AppEnum' + description: Match events created by selected application. When left empty, + all applications are matched. + PatchedExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + PatchedFlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/FlowDesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + PatchedFlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + PatchedGroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + PatchedHaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + PatchedInvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + PatchedInvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + PatchedKubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + PatchedLDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + PatchedLDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + PatchedLDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + PatchedNotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + PatchedNotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + PatchedNotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + PatchedOAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + PatchedOAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + PatchedOutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + PatchedPasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + PatchedPasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + PatchedPasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + PatchedPlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + PatchedPolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + PatchedPromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + PatchedPromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + PatchedProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + PatchedReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedSAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + PatchedSAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + PatchedSAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + PatchedScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + PatchedStaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + PatchedUserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + PatchedUserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + PatchedUserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedUserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + PatchedUserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedWebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + PlexSource: + type: object + description: Plex Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + PlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - name + - slug + PlexTokenRedeemRequest: + type: object + description: Serializer to redeem a plex token + properties: + plex_token: + type: string + required: + - plex_token + Policy: + type: object + description: Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + PolicyBinding: + type: object + description: PolicyBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy binding uuid + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + policy_obj: + allOf: + - $ref: '#/components/schemas/Policy' + readOnly: true + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + user_obj: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - group_obj + - order + - pk + - policy_obj + - target + - user_obj + PolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - order + - target + PolicyEngineMode: + enum: + - all + - any + type: string + PolicyRequest: + type: object + description: Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + PolicyTestRequest: + type: object + description: Test policy execution for a user with context + properties: + user: + type: integer + context: + type: object + additionalProperties: {} + required: + - user + PolicyTestResult: + type: object + description: result of a policy test + properties: + passing: + type: boolean + messages: + type: array + items: + type: string + readOnly: true + required: + - messages + - passing + Prompt: + type: object + description: Prompt Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Prompt uuid + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/Stage' + required: + - field_key + - label + - pk + - type + PromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + required: + - field_key + - label + - type + PromptStage: + type: object + description: PromptStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - component + - fields + - name + - pk + - verbose_name + - verbose_name_plural + PromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - fields + - name + PromptTypeEnum: + enum: + - text + - username + - email + - password + - number + - checkbox + - date + - date-time + - separator + - hidden + - static + type: string + PropertyMapping: + type: object + description: PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - expression + - name + - pk + - verbose_name + - verbose_name_plural + PropertyMappingTestResult: + type: object + description: Result of a Property-mapping test + properties: + result: + type: string + readOnly: true + successful: + type: boolean + readOnly: true + required: + - result + - successful + Provider: + type: object + description: Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + ProviderRequest: + type: object + description: Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + required: + - authorization_flow + - name + ProxyOutpostConfig: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + oidc_configuration: + allOf: + - $ref: '#/components/schemas/OpenIDConnectConfiguration' + readOnly: true + cookie_secret: + type: string + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - external_host + - name + - oidc_configuration + - pk + ProxyProvider: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + redirect_uris: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - external_host + - name + - pk + - redirect_uris + - verbose_name + - verbose_name_plural + ProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - authorization_flow + - external_host + - name + RedirectChallenge: + type: object + description: Challenge type to redirect the client + properties: + type: + $ref: '#/components/schemas/ChallengeChoices' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + to: + type: string + required: + - to + - type + ReputationPolicy: + type: object + description: Reputation Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + ReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + SAMLMetadata: + type: object + description: SAML Provider Metadata serializer + properties: + metadata: + type: string + readOnly: true + required: + - metadata + SAMLPropertyMapping: + type: object + description: SAMLPropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - component + - expression + - name + - pk + - saml_name + - verbose_name + - verbose_name_plural + SAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - expression + - name + - saml_name + SAMLProvider: + type: object + description: SAMLProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + SAMLProviderImportRequest: + type: object + description: Import saml provider from XML Metadata + properties: + name: + type: string + authorization_flow: + type: string + file: + type: string + format: binary + required: + - authorization_flow + - file + - name + SAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - authorization_flow + - name + SAMLSource: + type: object + description: SAMLSource Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - pre_authentication_flow + - slug + - sso_url + - verbose_name + - verbose_name_plural + SAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + - pre_authentication_flow + - slug + - sso_url + ScopeMapping: + type: object + description: ScopeMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - component + - expression + - name + - pk + - scope_name + - verbose_name + - verbose_name_plural + ScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - expression + - name + - scope_name + ServiceConnection: + type: object + description: ServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ServiceConnectionState: + type: object + description: Serializer for Service connection state + properties: + healthy: + type: boolean + readOnly: true + version: + type: string + readOnly: true + required: + - healthy + - version + SessionUser: + type: object + description: |- + Response for the /user/me endpoint, returns the currently active user (as `user` property) + and, if this user is being impersonated, the original user in the `original` property. + properties: + user: + $ref: '#/components/schemas/User' + original: + $ref: '#/components/schemas/User' + required: + - user + SeverityEnum: + enum: + - notice + - warning + - alert + type: string + SignatureAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#rsa-sha1 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 + - http://www.w3.org/2000/09/xmldsig#dsa-sha1 + type: string + Source: + type: object + description: Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineMode' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + SourceType: + type: object + description: Serializer for SourceType + properties: + name: + type: string + slug: + type: string + urls_customizable: + type: boolean + request_token_url: + type: string + readOnly: true + nullable: true + authorization_url: + type: string + readOnly: true + nullable: true + access_token_url: + type: string + readOnly: true + nullable: true + profile_url: + type: string + readOnly: true + nullable: true + required: + - access_token_url + - authorization_url + - name + - profile_url + - request_token_url + - slug + - urls_customizable + SpBindingEnum: + enum: + - redirect + - post + type: string + Stage: + type: object + description: Stage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + StageRequest: + type: object + description: Stage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + StageUserSetting: + type: object + description: User settings but can include a configure flow + properties: + object_uid: + type: string + component: + type: string + title: + type: string + configure_flow: + type: boolean + required: + - component + - object_uid + - title + StaticDevice: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + token_set: + type: array + items: + $ref: '#/components/schemas/StaticDeviceToken' + readOnly: true + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + - token_set + StaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + StaticDeviceToken: + type: object + description: Serializer for static device's tokens + properties: + token: + type: string + maxLength: 16 + required: + - token + StaticDeviceTokenRequest: + type: object + description: Serializer for static device's tokens + properties: + token: + type: string + maxLength: 16 + required: + - token + StatusEnum: + enum: + - SUCCESSFUL + - WARNING + - ERROR + type: string + SubModeEnum: + enum: + - hashed_user_id + - user_username + - user_email + - user_upn + type: string + TOTPDevice: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + TOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + Task: + type: object + description: Serialize TaskInfo and TaskResult + properties: + task_name: + type: string + task_description: + type: string + task_finish_timestamp: + type: string + format: date-time + status: + $ref: '#/components/schemas/StatusEnum' + messages: + type: array + items: {} + required: + - messages + - status + - task_description + - task_finish_timestamp + - task_name + Token: + type: object + description: Token Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Token uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/User' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + - pk + TokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + TokenView: + type: object + description: Show token's current key + properties: + key: + type: string + readOnly: true + required: + - key + TypeCreate: + type: object + description: Types of an object that can be created + properties: + name: + type: string + description: + type: string + component: + type: string + model_name: + type: string + required: + - component + - description + - model_name + - name + User: + type: object + description: User Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + is_superuser: + type: boolean + readOnly: true + groups: + type: array + items: + $ref: '#/components/schemas/Group' + readOnly: true + email: + type: string + format: email + title: Email address + maxLength: 254 + avatar: + type: string + readOnly: true + attributes: + type: object + additionalProperties: {} + uid: + type: string + readOnly: true + required: + - avatar + - groups + - is_superuser + - name + - pk + - uid + - username + UserConsent: + type: object + description: UserConsent Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + expires: + type: string + format: date-time + user: + $ref: '#/components/schemas/User' + application: + $ref: '#/components/schemas/Application' + required: + - application + - pk + - user + UserDeleteStage: + type: object + description: UserDeleteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserFieldsEnum: + enum: + - email + - username + type: string + UserLoginStage: + type: object + description: UserLoginStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - name + UserLogoutStage: + type: object + description: UserLogoutStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserMatchingModeEnum: + enum: + - identifier + - email_link + - email_deny + - username_link + - username_deny + type: string + UserMetrics: + type: object + description: User Metrics + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + authorizations_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - authorizations_per_1h + - logins_failed_per_1h + - logins_per_1h + UserOAuthSourceConnection: + type: object + description: OAuth Source Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - pk + - source + - user + UserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - source + - user + UserReputation: + type: object + description: UserReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - pk + - updated + - user + UserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - user + UserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + required: + - name + - username + UserSetting: + type: object + description: Serializer for User settings for stages and sources + properties: + object_uid: + type: string + component: + type: string + title: + type: string + required: + - component + - object_uid + - title + UserWriteStage: + type: object + description: UserWriteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + ValidationError: + type: object + description: Validation Error + properties: + non_field_errors: + type: array + items: + type: string + code: + type: string + additionalProperties: {} + required: + - detail + Version: + type: object + description: Get running and latest version. + properties: + version_current: + type: string + readOnly: true + version_latest: + type: string + readOnly: true + build_hash: + type: string + readOnly: true + outdated: + type: boolean + readOnly: true + required: + - build_hash + - outdated + - version_current + - version_latest + WebAuthnDevice: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + maxLength: 200 + created_on: + type: string + format: date-time + readOnly: true + required: + - created_on + - name + - pk + WebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + required: + - name + Workers: + type: object + properties: + count: + type: integer + required: + - count + securitySchemes: + authentik: + type: apiKey + in: header + name: Authorization + cookieAuth: + type: apiKey + in: cookie + name: Session diff --git a/swagger.yaml b/swagger.yaml deleted file mode 100755 index b15aa7b985..0000000000 --- a/swagger.yaml +++ /dev/null @@ -1,19149 +0,0 @@ -swagger: '2.0' -info: - title: authentik API - contact: - email: hello@beryju.org - license: - name: GNU GPLv3 - url: https://github.com/goauthentik/authentik/blob/master/LICENSE - version: v2beta -basePath: /api/v2beta -consumes: - - application/json -produces: - - application/json -securityDefinitions: - Bearer: - type: apiKey - name: Authorization - in: header -security: - - Bearer: [] -paths: - /admin/apps/: - get: - operationId: admin_apps_list - description: List current messages and pass into Serializer - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/App' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: [] - /admin/metrics/: - get: - operationId: admin_metrics_list - description: Login Metrics per 1h - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LoginMetrics' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: [] - /admin/system_tasks/: - get: - operationId: admin_system_tasks_list - description: List system tasks - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/Task' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: [] - /admin/system_tasks/{id}/: - get: - operationId: admin_system_tasks_read - description: Get a single system task - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Task' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: - - name: id - in: path - required: true - type: string - /admin/system_tasks/{id}/retry/: - post: - operationId: admin_system_tasks_retry - description: Retry task - parameters: [] - responses: - '204': - description: Task retried successfully - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '500': - description: Failed to retry task - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: - - name: id - in: path - required: true - type: string - /admin/version/: - get: - operationId: admin_version_list - description: Get running and latest version. - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Version' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: [] - /admin/workers/: - get: - operationId: admin_workers_list - description: Get currently connected worker count. - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - type: object - properties: {} - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - admin - parameters: [] - /authenticators/admin/static/: - get: - operationId: authenticators_admin_static_list - description: Viewset for static authenticator devices (for admins) - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/StaticDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/admin/static/{id}/: - get: - operationId: authenticators_admin_static_read - description: Viewset for static authenticator devices (for admins) - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/StaticDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this static device. - required: true - type: integer - /authenticators/admin/totp/: - get: - operationId: authenticators_admin_totp_list - description: Viewset for totp authenticator devices (for admins) - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/TOTPDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/admin/totp/{id}/: - get: - operationId: authenticators_admin_totp_read - description: Viewset for totp authenticator devices (for admins) - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/TOTPDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this TOTP device. - required: true - type: integer - /authenticators/admin/webauthn/: - get: - operationId: authenticators_admin_webauthn_list - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/WebAuthnDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/admin/webauthn/{id}/: - get: - operationId: authenticators_admin_webauthn_read - description: Viewset for WebAuthn authenticator devices (for admins) - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebAuthnDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this WebAuthn Device. - required: true - type: integer - /authenticators/static/: - get: - operationId: authenticators_static_list - description: Viewset for static authenticator devices - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/StaticDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - post: - operationId: authenticators_static_create - description: Viewset for static authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/StaticDevice' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/StaticDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/static/{id}/: - get: - operationId: authenticators_static_read - description: Viewset for static authenticator devices - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/StaticDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - put: - operationId: authenticators_static_update - description: Viewset for static authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/StaticDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/StaticDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - patch: - operationId: authenticators_static_partial_update - description: Viewset for static authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/StaticDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/StaticDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - delete: - operationId: authenticators_static_delete - description: Viewset for static authenticator devices - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this static device. - required: true - type: integer - /authenticators/totp/: - get: - operationId: authenticators_totp_list - description: Viewset for totp authenticator devices - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/TOTPDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - post: - operationId: authenticators_totp_create - description: Viewset for totp authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/TOTPDevice' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/TOTPDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/totp/{id}/: - get: - operationId: authenticators_totp_read - description: Viewset for totp authenticator devices - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/TOTPDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - put: - operationId: authenticators_totp_update - description: Viewset for totp authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/TOTPDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/TOTPDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - patch: - operationId: authenticators_totp_partial_update - description: Viewset for totp authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/TOTPDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/TOTPDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - delete: - operationId: authenticators_totp_delete - description: Viewset for totp authenticator devices - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this TOTP device. - required: true - type: integer - /authenticators/webauthn/: - get: - operationId: authenticators_webauthn_list - description: Viewset for WebAuthn authenticator devices - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/WebAuthnDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - post: - operationId: authenticators_webauthn_create - description: Viewset for WebAuthn authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/WebAuthnDevice' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/WebAuthnDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - authenticators - parameters: [] - /authenticators/webauthn/{id}/: - get: - operationId: authenticators_webauthn_read - description: Viewset for WebAuthn authenticator devices - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebAuthnDevice' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - put: - operationId: authenticators_webauthn_update - description: Viewset for WebAuthn authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/WebAuthnDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebAuthnDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - patch: - operationId: authenticators_webauthn_partial_update - description: Viewset for WebAuthn authenticator devices - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/WebAuthnDevice' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebAuthnDevice' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - delete: - operationId: authenticators_webauthn_delete - description: Viewset for WebAuthn authenticator devices - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - authenticators - parameters: - - name: id - in: path - description: A unique integer value identifying this WebAuthn Device. - required: true - type: integer - /core/applications/: - get: - operationId: core_applications_list - description: Custom list method that checks Policy based access instead of guardian - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - - name: superuser_full_list - in: query - type: boolean - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Application' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - post: - operationId: core_applications_create - description: Application Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Application' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Application' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/applications/{slug}/: - get: - operationId: core_applications_read - description: Application Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Application' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - put: - operationId: core_applications_update - description: Application Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Application' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Application' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - patch: - operationId: core_applications_partial_update - description: Application Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Application' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Application' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - delete: - operationId: core_applications_delete - description: Application Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: slug - in: path - description: Internal application name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/applications/{slug}/check_access/: - get: - operationId: core_applications_check_access - description: Check access to a single application by slug - parameters: [] - responses: - '204': - description: Access granted - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: slug - in: path - description: Internal application name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/applications/{slug}/metrics/: - get: - operationId: core_applications_metrics - description: Metrics for application logins - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/Coordinate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: slug - in: path - description: Internal application name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/applications/{slug}/set_icon/: - post: - operationId: core_applications_set_icon - description: Set application icon - parameters: - - name: file - in: formData - required: true - type: file - responses: - '200': - description: Success - '400': - description: Bad request - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - consumes: - - multipart/form-data - tags: - - core - parameters: - - name: slug - in: path - description: Internal application name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/groups/: - get: - operationId: core_groups_list - description: Group Viewset - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: is_superuser - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Group' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - post: - operationId: core_groups_create - description: Group Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Group' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Group' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/groups/{group_uuid}/: - get: - operationId: core_groups_read - description: Group Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Group' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - put: - operationId: core_groups_update - description: Group Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Group' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Group' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - patch: - operationId: core_groups_partial_update - description: Group Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Group' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Group' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - delete: - operationId: core_groups_delete - description: Group Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: group_uuid - in: path - description: A UUID string identifying this group. - required: true - type: string - format: uuid - /core/tokens/: - get: - operationId: core_tokens_list - description: Token Viewset - parameters: - - name: identifier - in: query - description: '' - required: false - type: string - - name: intent - in: query - description: '' - required: false - type: string - - name: user__username - in: query - description: '' - required: false - type: string - - name: description - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Token' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - post: - operationId: core_tokens_create - description: Token Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Token' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Token' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/tokens/{identifier}/: - get: - operationId: core_tokens_read - description: Token Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Token' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - put: - operationId: core_tokens_update - description: Token Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Token' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Token' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - patch: - operationId: core_tokens_partial_update - description: Token Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Token' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Token' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - delete: - operationId: core_tokens_delete - description: Token Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: identifier - in: path - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/tokens/{identifier}/view_key/: - get: - operationId: core_tokens_view_key - description: Return token key and log access - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/TokenView' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: - - name: identifier - in: path - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /core/user_consent/: - get: - operationId: core_user_consent_list - description: UserConsent Viewset - parameters: - - name: user - in: query - description: '' - required: false - type: string - - name: application - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserConsent' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/user_consent/{id}/: - get: - operationId: core_user_consent_read - description: UserConsent Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserConsent' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - delete: - operationId: core_user_consent_delete - description: UserConsent Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: id - in: path - description: A unique integer value identifying this User Consent. - required: true - type: integer - /core/users/: - get: - operationId: core_users_list - description: User Viewset - parameters: - - name: username - in: query - description: '' - required: false - type: string - - name: name - in: query - description: '' - required: false - type: string - - name: is_active - in: query - description: '' - required: false - type: string - - name: is_superuser - in: query - description: '' - required: false - type: string - - name: attributes - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/User' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - post: - operationId: core_users_create - description: User Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/User' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/User' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/users/me/: - get: - operationId: core_users_me - description: Get information about current user - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SessionUser' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: [] - /core/users/{id}/: - get: - operationId: core_users_read - description: User Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/User' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - put: - operationId: core_users_update - description: User Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/User' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/User' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - patch: - operationId: core_users_partial_update - description: User Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/User' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/User' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - delete: - operationId: core_users_delete - description: User Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: id - in: path - description: A unique integer value identifying this User. - required: true - type: integer - /core/users/{id}/metrics/: - get: - operationId: core_users_metrics - description: User metrics per 1h - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserMetrics' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - core - parameters: - - name: id - in: path - description: A unique integer value identifying this User. - required: true - type: integer - /core/users/{id}/recovery/: - get: - operationId: core_users_recovery - description: Create a temporary link that a user can use to recover their accounts - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Link' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - core - parameters: - - name: id - in: path - description: A unique integer value identifying this User. - required: true - type: integer - /crypto/certificatekeypairs/: - get: - operationId: crypto_certificatekeypairs_list - description: CertificateKeyPair Viewset - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: has_key - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/CertificateKeyPair' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - crypto - post: - operationId: crypto_certificatekeypairs_create - description: CertificateKeyPair Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CertificateKeyPair' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/CertificateKeyPair' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - crypto - parameters: [] - /crypto/certificatekeypairs/generate/: - post: - operationId: crypto_certificatekeypairs_generate - description: Generate a new, self-signed certificate-key pair - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CertificateGeneration' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateKeyPair' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - crypto - parameters: [] - /crypto/certificatekeypairs/{kp_uuid}/: - get: - operationId: crypto_certificatekeypairs_read - description: CertificateKeyPair Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateKeyPair' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - put: - operationId: crypto_certificatekeypairs_update - description: CertificateKeyPair Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CertificateKeyPair' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateKeyPair' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - patch: - operationId: crypto_certificatekeypairs_partial_update - description: CertificateKeyPair Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CertificateKeyPair' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateKeyPair' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - delete: - operationId: crypto_certificatekeypairs_delete - description: CertificateKeyPair Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - parameters: - - name: kp_uuid - in: path - description: A UUID string identifying this Certificate-Key Pair. - required: true - type: string - format: uuid - /crypto/certificatekeypairs/{kp_uuid}/view_certificate/: - get: - operationId: crypto_certificatekeypairs_view_certificate - description: Return certificate-key pairs certificate and log access - parameters: - - name: download - in: query - type: boolean - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateData' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - parameters: - - name: kp_uuid - in: path - description: A UUID string identifying this Certificate-Key Pair. - required: true - type: string - format: uuid - /crypto/certificatekeypairs/{kp_uuid}/view_private_key/: - get: - operationId: crypto_certificatekeypairs_view_private_key - description: Return certificate-key pairs private key and log access - parameters: - - name: download - in: query - type: boolean - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CertificateData' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - crypto - parameters: - - name: kp_uuid - in: path - description: A UUID string identifying this Certificate-Key Pair. - required: true - type: string - format: uuid - /events/events/: - get: - operationId: events_events_list - description: Event Read-Only Viewset - parameters: - - name: action - in: query - description: '' - required: false - type: string - - name: client_ip - in: query - description: '' - required: false - type: string - - name: username - in: query - description: '' - required: false - type: string - - name: context_model_pk - in: query - description: '' - required: false - type: string - - name: context_model_name - in: query - description: '' - required: false - type: string - - name: context_model_app - in: query - description: '' - required: false - type: string - - name: context_authorized_app - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Event' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/events/actions/: - get: - operationId: events_events_actions - description: Get all actions - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/events/top_per_user/: - get: - operationId: events_events_top_per_user - description: Get the top_n events grouped by user count - parameters: - - name: action - in: query - description: '' - required: false - type: string - - name: client_ip - in: query - description: '' - required: false - type: string - - name: username - in: query - description: '' - required: false - type: string - - name: context_model_pk - in: query - description: '' - required: false - type: string - - name: context_model_name - in: query - description: '' - required: false - type: string - - name: context_model_app - in: query - description: '' - required: false - type: string - - name: context_authorized_app - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - - name: top_n - in: query - required: false - type: integer - default: 15 - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/EventTopPerUser' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/events/{event_uuid}/: - get: - operationId: events_events_read - description: Event Read-Only Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Event' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - parameters: - - name: event_uuid - in: path - description: A UUID string identifying this Event. - required: true - type: string - format: uuid - /events/notifications/: - get: - operationId: events_notifications_list - description: Notification Viewset - parameters: - - name: severity - in: query - description: '' - required: false - type: string - - name: body - in: query - description: '' - required: false - type: string - - name: created - in: query - description: '' - required: false - type: string - - name: event - in: query - description: '' - required: false - type: string - - name: seen - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Notification' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/notifications/{uuid}/: - get: - operationId: events_notifications_read - description: Notification Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Notification' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - put: - operationId: events_notifications_update - description: Notification Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Notification' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Notification' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - patch: - operationId: events_notifications_partial_update - description: Notification Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Notification' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Notification' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - delete: - operationId: events_notifications_delete - description: Notification Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - parameters: - - name: uuid - in: path - description: A UUID string identifying this Notification. - required: true - type: string - format: uuid - /events/rules/: - get: - operationId: events_rules_list - description: NotificationRule Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/NotificationRule' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - post: - operationId: events_rules_create - description: NotificationRule Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationRule' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/NotificationRule' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/rules/{pbm_uuid}/: - get: - operationId: events_rules_read - description: NotificationRule Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationRule' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - put: - operationId: events_rules_update - description: NotificationRule Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationRule' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationRule' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - patch: - operationId: events_rules_partial_update - description: NotificationRule Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationRule' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationRule' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - delete: - operationId: events_rules_delete - description: NotificationRule Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - parameters: - - name: pbm_uuid - in: path - description: A UUID string identifying this Notification Rule. - required: true - type: string - format: uuid - /events/transports/: - get: - operationId: events_transports_list - description: NotificationTransport Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/NotificationTransport' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - post: - operationId: events_transports_create - description: NotificationTransport Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationTransport' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/NotificationTransport' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - events - parameters: [] - /events/transports/{uuid}/: - get: - operationId: events_transports_read - description: NotificationTransport Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationTransport' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - put: - operationId: events_transports_update - description: NotificationTransport Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationTransport' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationTransport' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - patch: - operationId: events_transports_partial_update - description: NotificationTransport Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/NotificationTransport' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationTransport' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - delete: - operationId: events_transports_delete - description: NotificationTransport Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - parameters: - - name: uuid - in: path - description: A UUID string identifying this Notification Transport. - required: true - type: string - format: uuid - /events/transports/{uuid}/test/: - post: - operationId: events_transports_test - description: |- - Send example notification using selected transport. Requires - Modify permissions. - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/NotificationTransportTest' - '503': - description: Failed to test transport - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - events - parameters: - - name: uuid - in: path - description: A UUID string identifying this Notification Transport. - required: true - type: string - format: uuid - /flows/bindings/: - get: - operationId: flows_bindings_list - description: FlowStageBinding Viewset - parameters: - - name: pbm_uuid - in: query - description: '' - required: false - type: string - - name: policies - in: query - description: '' - required: false - type: string - - name: policy_engine_mode - in: query - description: '' - required: false - type: string - - name: fsb_uuid - in: query - description: '' - required: false - type: string - - name: target - in: query - description: '' - required: false - type: string - - name: stage - in: query - description: '' - required: false - type: string - - name: evaluate_on_plan - in: query - description: '' - required: false - type: string - - name: re_evaluate_policies - in: query - description: '' - required: false - type: string - - name: order - in: query - description: '' - required: false - type: number - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/FlowStageBinding' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - post: - operationId: flows_bindings_create - description: FlowStageBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/FlowStageBinding' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/FlowStageBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - parameters: [] - /flows/bindings/{fsb_uuid}/: - get: - operationId: flows_bindings_read - description: FlowStageBinding Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/FlowStageBinding' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - put: - operationId: flows_bindings_update - description: FlowStageBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/FlowStageBinding' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/FlowStageBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - patch: - operationId: flows_bindings_partial_update - description: FlowStageBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/FlowStageBinding' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/FlowStageBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - delete: - operationId: flows_bindings_delete - description: FlowStageBinding Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: fsb_uuid - in: path - description: A UUID string identifying this Flow Stage Binding. - required: true - type: string - format: uuid - /flows/executor/{flow_slug}/: - get: - operationId: flows_executor_get - description: Get the next pending challenge from the currently active flow. - parameters: - - name: query - in: query - description: Querystring as received - required: true - type: string - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Challenge' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - post: - operationId: flows_executor_solve - description: Solve the previously retrieved challenge and advanced to the next - stage. - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ChallengeResponse' - - name: query - in: query - description: Querystring as received - required: true - type: string - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Challenge' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: flow_slug - in: path - required: true - type: string - /flows/instances/: - get: - operationId: flows_instances_list - description: Flow Viewset - parameters: - - name: flow_uuid - in: query - description: '' - required: false - type: string - - name: name - in: query - description: '' - required: false - type: string - - name: slug - in: query - description: '' - required: false - type: string - - name: designation - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Flow' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - post: - operationId: flows_instances_create - description: Flow Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Flow' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Flow' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - parameters: [] - /flows/instances/cache_clear/: - post: - operationId: flows_instances_cache_clear - description: Clear flow cache - parameters: [] - responses: - '204': - description: Successfully cleared cache - '400': - description: Bad request - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - parameters: [] - /flows/instances/cache_info/: - get: - operationId: flows_instances_cache_info - description: Info about cached flows - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Cache' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - flows - parameters: [] - /flows/instances/import_flow/: - post: - operationId: flows_instances_import_flow - description: Import flow from .akflow file - parameters: - - name: file - in: formData - required: true - type: file - responses: - '204': - description: Successfully imported flow - '400': - description: Bad request - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - consumes: - - multipart/form-data - tags: - - flows - parameters: [] - /flows/instances/{slug}/: - get: - operationId: flows_instances_read - description: Flow Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Flow' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - put: - operationId: flows_instances_update - description: Flow Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Flow' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Flow' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - patch: - operationId: flows_instances_partial_update - description: Flow Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Flow' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Flow' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - delete: - operationId: flows_instances_delete - description: Flow Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: slug - in: path - description: Visible in the URL. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /flows/instances/{slug}/diagram/: - get: - operationId: flows_instances_diagram - description: Return diagram for flow with slug `slug`, in the format used by - flowchart.js - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/FlowDiagram' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: slug - in: path - description: Visible in the URL. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /flows/instances/{slug}/execute/: - get: - operationId: flows_instances_execute - description: Execute flow for current user - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Link' - '400': - description: Flow not applicable - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: slug - in: path - description: Visible in the URL. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /flows/instances/{slug}/export/: - get: - operationId: flows_instances_export - description: Export flow to .akflow file - parameters: [] - responses: - '200': - description: File Attachment - schema: - type: file - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - flows - parameters: - - name: slug - in: path - description: Visible in the URL. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /flows/instances/{slug}/set_background/: - post: - operationId: flows_instances_set_background - description: Set Flow background - parameters: - - name: file - in: formData - required: true - type: file - responses: - '200': - description: Success - '400': - description: Bad request - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - consumes: - - multipart/form-data - tags: - - flows - parameters: - - name: slug - in: path - description: Visible in the URL. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /oauth2/authorization_codes/: - get: - operationId: oauth2_authorization_codes_list - description: AuthorizationCode Viewset - parameters: - - name: user - in: query - description: '' - required: false - type: string - - name: provider - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ExpiringBaseGrantModel' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - oauth2 - parameters: [] - /oauth2/authorization_codes/{id}/: - get: - operationId: oauth2_authorization_codes_read - description: AuthorizationCode Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ExpiringBaseGrantModel' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - oauth2 - delete: - operationId: oauth2_authorization_codes_delete - description: AuthorizationCode Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - oauth2 - parameters: - - name: id - in: path - description: A unique integer value identifying this Authorization Code. - required: true - type: integer - /oauth2/refresh_tokens/: - get: - operationId: oauth2_refresh_tokens_list - description: RefreshToken Viewset - parameters: - - name: user - in: query - description: '' - required: false - type: string - - name: provider - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ExpiringBaseGrantModel' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - oauth2 - parameters: [] - /oauth2/refresh_tokens/{id}/: - get: - operationId: oauth2_refresh_tokens_read - description: RefreshToken Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ExpiringBaseGrantModel' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - oauth2 - delete: - operationId: oauth2_refresh_tokens_delete - description: RefreshToken Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - oauth2 - parameters: - - name: id - in: path - description: A unique integer value identifying this OAuth2 Token. - required: true - type: integer - /outposts/instances/: - get: - operationId: outposts_instances_list - description: Outpost Viewset - parameters: - - name: providers__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Outpost' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - post: - operationId: outposts_instances_create - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/instances/default_settings/: - get: - operationId: outposts_instances_default_settings - description: Global default outpost config - parameters: - - name: providers__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OutpostDefaultConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/instances/{uuid}/: - get: - operationId: outposts_instances_read - description: Outpost Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - put: - operationId: outposts_instances_update - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - patch: - operationId: outposts_instances_partial_update - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - delete: - operationId: outposts_instances_delete - description: Outpost Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this outpost. - required: true - type: string - format: uuid - /outposts/instances/{uuid}/health/: - get: - operationId: outposts_instances_health - description: Get outposts current health - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/OutpostHealth' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this outpost. - required: true - type: string - format: uuid - /outposts/ldap/: - get: - operationId: outposts_ldap_list - description: LDAPProvider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/LDAPOutpostConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/ldap/{id}/: - get: - operationId: outposts_ldap_read - description: LDAPProvider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPOutpostConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: id - in: path - description: A unique integer value identifying this LDAP Provider. - required: true - type: integer - /outposts/outposts/: - get: - operationId: outposts_outposts_list - description: Outpost Viewset - parameters: - - name: providers__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Outpost' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - post: - operationId: outposts_outposts_create - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/outposts/default_settings/: - get: - operationId: outposts_outposts_default_settings - description: Global default outpost config - parameters: - - name: providers__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OutpostDefaultConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/outposts/{uuid}/: - get: - operationId: outposts_outposts_read - description: Outpost Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - put: - operationId: outposts_outposts_update - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - patch: - operationId: outposts_outposts_partial_update - description: Outpost Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Outpost' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Outpost' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - delete: - operationId: outposts_outposts_delete - description: Outpost Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this outpost. - required: true - type: string - format: uuid - /outposts/outposts/{uuid}/health/: - get: - operationId: outposts_outposts_health - description: Get outposts current health - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/OutpostHealth' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this outpost. - required: true - type: string - format: uuid - /outposts/proxy/: - get: - operationId: outposts_proxy_list - description: ProxyProvider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ProxyOutpostConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/proxy/{id}/: - get: - operationId: outposts_proxy_read - description: ProxyProvider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ProxyOutpostConfig' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: id - in: path - description: A unique integer value identifying this Proxy Provider. - required: true - type: integer - /outposts/service_connections/all/: - get: - operationId: outposts_service_connections_all_list - description: ServiceConnection Viewset - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/service_connections/all/types/: - get: - operationId: outposts_service_connections_all_types - description: Get all creatable service connection types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/service_connections/all/{uuid}/: - get: - operationId: outposts_service_connections_all_read - description: ServiceConnection Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - delete: - operationId: outposts_service_connections_all_delete - description: ServiceConnection Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this Outpost Service-Connection. - required: true - type: string - format: uuid - /outposts/service_connections/all/{uuid}/state/: - get: - operationId: outposts_service_connections_all_state - description: Get the service connection's state - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ServiceConnectionState' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this Outpost Service-Connection. - required: true - type: string - format: uuid - /outposts/service_connections/docker/: - get: - operationId: outposts_service_connections_docker_list - description: DockerServiceConnection Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/DockerServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - post: - operationId: outposts_service_connections_docker_create - description: DockerServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DockerServiceConnection' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/DockerServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/service_connections/docker/{uuid}/: - get: - operationId: outposts_service_connections_docker_read - description: DockerServiceConnection Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DockerServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - put: - operationId: outposts_service_connections_docker_update - description: DockerServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DockerServiceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DockerServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - patch: - operationId: outposts_service_connections_docker_partial_update - description: DockerServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DockerServiceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DockerServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - delete: - operationId: outposts_service_connections_docker_delete - description: DockerServiceConnection Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this Docker Service-Connection. - required: true - type: string - format: uuid - /outposts/service_connections/kubernetes/: - get: - operationId: outposts_service_connections_kubernetes_list - description: KubernetesServiceConnection Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/KubernetesServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - post: - operationId: outposts_service_connections_kubernetes_create - description: KubernetesServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/KubernetesServiceConnection' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/KubernetesServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - outposts - parameters: [] - /outposts/service_connections/kubernetes/{uuid}/: - get: - operationId: outposts_service_connections_kubernetes_read - description: KubernetesServiceConnection Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/KubernetesServiceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - put: - operationId: outposts_service_connections_kubernetes_update - description: KubernetesServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/KubernetesServiceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/KubernetesServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - patch: - operationId: outposts_service_connections_kubernetes_partial_update - description: KubernetesServiceConnection Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/KubernetesServiceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/KubernetesServiceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - delete: - operationId: outposts_service_connections_kubernetes_delete - description: KubernetesServiceConnection Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - outposts - parameters: - - name: uuid - in: path - description: A UUID string identifying this Kubernetes Service-Connection. - required: true - type: string - format: uuid - /policies/all/: - get: - operationId: policies_all_list - description: Policy Viewset - parameters: - - name: bindings__isnull - in: query - description: '' - required: false - type: string - - name: promptstage__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Policy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/all/cache_clear/: - post: - operationId: policies_all_cache_clear - description: Clear policy cache - parameters: [] - responses: - '204': - description: Successfully cleared cache - '400': - description: Bad request - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/all/cache_info/: - get: - operationId: policies_all_cache_info - description: Info about cached policies - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Cache' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/all/types/: - get: - operationId: policies_all_types - description: Get all creatable policy types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/all/{policy_uuid}/: - get: - operationId: policies_all_read - description: Policy Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Policy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_all_delete - description: Policy Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Policy. - required: true - type: string - format: uuid - /policies/all/{policy_uuid}/test/: - post: - operationId: policies_all_test - description: Test policy - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PolicyTest' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PolicyTestResult' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Policy. - required: true - type: string - format: uuid - /policies/bindings/: - get: - operationId: policies_bindings_list - description: PolicyBinding Viewset - parameters: - - name: policy - in: query - description: '' - required: false - type: string - - name: target - in: query - description: '' - required: false - type: string - - name: enabled - in: query - description: '' - required: false - type: string - - name: order - in: query - description: '' - required: false - type: number - - name: timeout - in: query - description: '' - required: false - type: number - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PolicyBinding' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_bindings_create - description: PolicyBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PolicyBinding' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PolicyBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/bindings/{policy_binding_uuid}/: - get: - operationId: policies_bindings_read - description: PolicyBinding Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PolicyBinding' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_bindings_update - description: PolicyBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PolicyBinding' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PolicyBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_bindings_partial_update - description: PolicyBinding Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PolicyBinding' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PolicyBinding' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_bindings_delete - description: PolicyBinding Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_binding_uuid - in: path - description: A UUID string identifying this Policy Binding. - required: true - type: string - format: uuid - /policies/dummy/: - get: - operationId: policies_dummy_list - description: Dummy Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/DummyPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_dummy_create - description: Dummy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/DummyPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/dummy/{policy_uuid}/: - get: - operationId: policies_dummy_read - description: Dummy Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_dummy_update - description: Dummy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_dummy_partial_update - description: Dummy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_dummy_delete - description: Dummy Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Dummy Policy. - required: true - type: string - format: uuid - /policies/event_matcher/: - get: - operationId: policies_event_matcher_list - description: Event Matcher Policy Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/EventMatcherPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_event_matcher_create - description: Event Matcher Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EventMatcherPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/EventMatcherPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/event_matcher/{policy_uuid}/: - get: - operationId: policies_event_matcher_read - description: Event Matcher Policy Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EventMatcherPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_event_matcher_update - description: Event Matcher Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EventMatcherPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EventMatcherPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_event_matcher_partial_update - description: Event Matcher Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EventMatcherPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EventMatcherPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_event_matcher_delete - description: Event Matcher Policy Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Event Matcher Policy. - required: true - type: string - format: uuid - /policies/expression/: - get: - operationId: policies_expression_list - description: Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ExpressionPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_expression_create - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ExpressionPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/ExpressionPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/expression/{policy_uuid}/: - get: - operationId: policies_expression_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ExpressionPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_expression_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ExpressionPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ExpressionPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_expression_partial_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ExpressionPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ExpressionPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_expression_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Expression Policy. - required: true - type: string - format: uuid - /policies/haveibeenpwned/: - get: - operationId: policies_haveibeenpwned_list - description: Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/HaveIBeenPwendPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_haveibeenpwned_create - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/haveibeenpwned/{policy_uuid}/: - get: - operationId: policies_haveibeenpwned_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_haveibeenpwned_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_haveibeenpwned_partial_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/HaveIBeenPwendPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_haveibeenpwned_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Have I Been Pwned Policy. - required: true - type: string - format: uuid - /policies/password/: - get: - operationId: policies_password_list - description: Password Policy Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PasswordPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_password_create - description: Password Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PasswordPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/password/{policy_uuid}/: - get: - operationId: policies_password_read - description: Password Policy Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_password_update - description: Password Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_password_partial_update - description: Password Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_password_delete - description: Password Policy Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Password Policy. - required: true - type: string - format: uuid - /policies/password_expiry/: - get: - operationId: policies_password_expiry_list - description: Password Expiry Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PasswordExpiryPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_password_expiry_create - description: Password Expiry Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/password_expiry/{policy_uuid}/: - get: - operationId: policies_password_expiry_read - description: Password Expiry Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_password_expiry_update - description: Password Expiry Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_password_expiry_partial_update - description: Password Expiry Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordExpiryPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_password_expiry_delete - description: Password Expiry Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Password Expiry Policy. - required: true - type: string - format: uuid - /policies/reputation/: - get: - operationId: policies_reputation_list - description: Reputation Policy Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ReputationPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_reputation_create - description: Reputation Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ReputationPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/ReputationPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/reputation/ips/: - get: - operationId: policies_reputation_ips_list - description: IPReputation Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/IPReputation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_reputation_ips_create - description: IPReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IPReputation' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/IPReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/reputation/ips/{id}/: - get: - operationId: policies_reputation_ips_read - description: IPReputation Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IPReputation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_reputation_ips_update - description: IPReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IPReputation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IPReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_reputation_ips_partial_update - description: IPReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IPReputation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IPReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_reputation_ips_delete - description: IPReputation Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: id - in: path - description: A unique integer value identifying this ip reputation. - required: true - type: integer - /policies/reputation/users/: - get: - operationId: policies_reputation_users_list - description: UserReputation Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserReputation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - post: - operationId: policies_reputation_users_create - description: UserReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserReputation' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - policies - parameters: [] - /policies/reputation/users/{id}/: - get: - operationId: policies_reputation_users_read - description: UserReputation Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserReputation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_reputation_users_update - description: UserReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserReputation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_reputation_users_partial_update - description: UserReputation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserReputation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserReputation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_reputation_users_delete - description: UserReputation Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: id - in: path - description: A unique integer value identifying this user reputation. - required: true - type: integer - /policies/reputation/{policy_uuid}/: - get: - operationId: policies_reputation_read - description: Reputation Policy Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ReputationPolicy' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - put: - operationId: policies_reputation_update - description: Reputation Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ReputationPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ReputationPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - patch: - operationId: policies_reputation_partial_update - description: Reputation Policy Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ReputationPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ReputationPolicy' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - delete: - operationId: policies_reputation_delete - description: Reputation Policy Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - policies - parameters: - - name: policy_uuid - in: path - description: A UUID string identifying this Reputation Policy. - required: true - type: string - format: uuid - /propertymappings/all/: - get: - operationId: propertymappings_all_list - description: PropertyMapping Viewset - parameters: - - name: managed__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - parameters: [] - /propertymappings/all/types/: - get: - operationId: propertymappings_all_types - description: Get all creatable property-mapping types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - parameters: [] - /propertymappings/all/{pm_uuid}/: - get: - operationId: propertymappings_all_read - description: PropertyMapping Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - delete: - operationId: propertymappings_all_delete - description: PropertyMapping Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - parameters: - - name: pm_uuid - in: path - description: A UUID string identifying this Property Mapping. - required: true - type: string - format: uuid - /propertymappings/all/{pm_uuid}/test/: - post: - operationId: propertymappings_all_test - description: Test Property Mapping - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PolicyTest' - - name: format_result - in: query - type: boolean - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PropertyMappingTestResult' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - parameters: - - name: pm_uuid - in: path - description: A UUID string identifying this Property Mapping. - required: true - type: string - format: uuid - /propertymappings/ldap/: - get: - operationId: propertymappings_ldap_list - description: LDAP PropertyMapping Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/LDAPPropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - post: - operationId: propertymappings_ldap_create - description: LDAP PropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPPropertyMapping' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/LDAPPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - parameters: [] - /propertymappings/ldap/{pm_uuid}/: - get: - operationId: propertymappings_ldap_read - description: LDAP PropertyMapping Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPPropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - put: - operationId: propertymappings_ldap_update - description: LDAP PropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPPropertyMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - patch: - operationId: propertymappings_ldap_partial_update - description: LDAP PropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPPropertyMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - delete: - operationId: propertymappings_ldap_delete - description: LDAP PropertyMapping Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - parameters: - - name: pm_uuid - in: path - description: A UUID string identifying this LDAP Property Mapping. - required: true - type: string - format: uuid - /propertymappings/saml/: - get: - operationId: propertymappings_saml_list - description: SAMLPropertyMapping Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/SAMLPropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - post: - operationId: propertymappings_saml_create - description: SAMLPropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLPropertyMapping' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/SAMLPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - parameters: [] - /propertymappings/saml/{pm_uuid}/: - get: - operationId: propertymappings_saml_read - description: SAMLPropertyMapping Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLPropertyMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - put: - operationId: propertymappings_saml_update - description: SAMLPropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLPropertyMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - patch: - operationId: propertymappings_saml_partial_update - description: SAMLPropertyMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLPropertyMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLPropertyMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - delete: - operationId: propertymappings_saml_delete - description: SAMLPropertyMapping Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - parameters: - - name: pm_uuid - in: path - description: A UUID string identifying this SAML Property Mapping. - required: true - type: string - format: uuid - /propertymappings/scope/: - get: - operationId: propertymappings_scope_list - description: ScopeMapping Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ScopeMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - post: - operationId: propertymappings_scope_create - description: ScopeMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ScopeMapping' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/ScopeMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - propertymappings - parameters: [] - /propertymappings/scope/{pm_uuid}/: - get: - operationId: propertymappings_scope_read - description: ScopeMapping Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ScopeMapping' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - put: - operationId: propertymappings_scope_update - description: ScopeMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ScopeMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ScopeMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - patch: - operationId: propertymappings_scope_partial_update - description: ScopeMapping Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ScopeMapping' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ScopeMapping' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - delete: - operationId: propertymappings_scope_delete - description: ScopeMapping Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - propertymappings - parameters: - - name: pm_uuid - in: path - description: A UUID string identifying this Scope Mapping. - required: true - type: string - format: uuid - /providers/all/: - get: - operationId: providers_all_list - description: Provider Viewset - parameters: - - name: application__isnull - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Provider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/all/types/: - get: - operationId: providers_all_types - description: Get all creatable provider types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/all/{id}/: - get: - operationId: providers_all_read - description: Provider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Provider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - delete: - operationId: providers_all_delete - description: Provider Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this provider. - required: true - type: integer - /providers/ldap/: - get: - operationId: providers_ldap_list - description: LDAPProvider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/LDAPProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - post: - operationId: providers_ldap_create - description: LDAPProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPProvider' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/LDAPProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/ldap/{id}/: - get: - operationId: providers_ldap_read - description: LDAPProvider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - put: - operationId: providers_ldap_update - description: LDAPProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - patch: - operationId: providers_ldap_partial_update - description: LDAPProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - delete: - operationId: providers_ldap_delete - description: LDAPProvider Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this LDAP Provider. - required: true - type: integer - /providers/oauth2/: - get: - operationId: providers_oauth2_list - description: OAuth2Provider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/OAuth2Provider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - post: - operationId: providers_oauth2_create - description: OAuth2Provider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuth2Provider' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/OAuth2Provider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/oauth2/{id}/: - get: - operationId: providers_oauth2_read - description: OAuth2Provider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuth2Provider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - put: - operationId: providers_oauth2_update - description: OAuth2Provider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuth2Provider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuth2Provider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - patch: - operationId: providers_oauth2_partial_update - description: OAuth2Provider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuth2Provider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuth2Provider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - delete: - operationId: providers_oauth2_delete - description: OAuth2Provider Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - type: integer - /providers/oauth2/{id}/setup_urls/: - get: - operationId: providers_oauth2_setup_urls - description: Get Providers setup URLs - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuth2ProviderSetupURLs' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this OAuth2/OpenID Provider. - required: true - type: integer - /providers/proxy/: - get: - operationId: providers_proxy_list - description: ProxyProvider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ProxyProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - post: - operationId: providers_proxy_create - description: ProxyProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ProxyProvider' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/ProxyProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/proxy/{id}/: - get: - operationId: providers_proxy_read - description: ProxyProvider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ProxyProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - put: - operationId: providers_proxy_update - description: ProxyProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ProxyProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ProxyProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - patch: - operationId: providers_proxy_partial_update - description: ProxyProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ProxyProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ProxyProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - delete: - operationId: providers_proxy_delete - description: ProxyProvider Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this Proxy Provider. - required: true - type: integer - /providers/saml/: - get: - operationId: providers_saml_list - description: SAMLProvider Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/SAMLProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - post: - operationId: providers_saml_create - description: SAMLProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLProvider' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/SAMLProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: [] - /providers/saml/import_metadata/: - post: - operationId: providers_saml_import_metadata - description: Create provider from SAML Metadata - parameters: - - name: name - in: formData - required: true - type: string - minLength: 1 - - name: authorization_flow - in: formData - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - - name: file - in: formData - required: true - type: file - responses: - '204': - description: Successfully imported provider - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - consumes: - - multipart/form-data - tags: - - providers - parameters: [] - /providers/saml/{id}/: - get: - operationId: providers_saml_read - description: SAMLProvider Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLProvider' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - put: - operationId: providers_saml_update - description: SAMLProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - patch: - operationId: providers_saml_partial_update - description: SAMLProvider Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLProvider' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLProvider' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - delete: - operationId: providers_saml_delete - description: SAMLProvider Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this SAML Provider. - required: true - type: integer - /providers/saml/{id}/metadata/: - get: - operationId: providers_saml_metadata - description: Return metadata as XML string - parameters: - - name: download - in: query - type: boolean - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLMetadata' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - providers - parameters: - - name: id - in: path - description: A unique integer value identifying this SAML Provider. - required: true - type: integer - /root/config/: - get: - operationId: root_config_list - description: Retrive public configuration options - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Config' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - root - parameters: [] - /sources/all/: - get: - operationId: sources_all_list - description: Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Source' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/all/types/: - get: - operationId: sources_all_types - description: Get all creatable source types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/all/user_settings/: - get: - operationId: sources_all_user_settings - description: Get all sources the user can configure - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/UserSetting' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/all/{slug}/: - get: - operationId: sources_all_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Source' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_all_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/ldap/: - get: - operationId: sources_ldap_list - description: LDAP Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/LDAPSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - post: - operationId: sources_ldap_create - description: LDAP Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPSource' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/LDAPSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/ldap/{slug}/: - get: - operationId: sources_ldap_read - description: LDAP Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - put: - operationId: sources_ldap_update - description: LDAP Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - patch: - operationId: sources_ldap_partial_update - description: LDAP Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/LDAPSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/LDAPSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_ldap_delete - description: LDAP Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/ldap/{slug}/sync_status/: - get: - operationId: sources_ldap_sync_status - description: Get source's sync status - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Task' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/oauth/: - get: - operationId: sources_oauth_list - description: Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/OAuthSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - post: - operationId: sources_oauth_create - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuthSource' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/OAuthSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/oauth/source_types/: - get: - operationId: sources_oauth_source_types - description: Get all creatable source types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/SourceType' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/oauth/{slug}/: - get: - operationId: sources_oauth_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuthSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - put: - operationId: sources_oauth_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuthSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuthSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - patch: - operationId: sources_oauth_partial_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/OAuthSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/OAuthSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_oauth_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/oauth_user_connections/: - get: - operationId: sources_oauth_user_connections_list - description: Source Viewset - parameters: - - name: source__slug - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserOAuthSourceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - post: - operationId: sources_oauth_user_connections_create - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/oauth_user_connections/{id}/: - get: - operationId: sources_oauth_user_connections_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - put: - operationId: sources_oauth_user_connections_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - patch: - operationId: sources_oauth_user_connections_partial_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserOAuthSourceConnection' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_oauth_user_connections_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: id - in: path - description: A unique integer value identifying this User OAuth Source Connection. - required: true - type: integer - /sources/plex/: - get: - operationId: sources_plex_list - description: Plex source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PlexSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - post: - operationId: sources_plex_create - description: Plex source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PlexSource' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PlexSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/plex/redeem_token/: - post: - operationId: sources_plex_redeem_token - description: |- - Redeem a plex token, check it's access to resources against what's allowed - for the source, and redirect to an authentication/enrollment flow. - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PlexTokenRedeem' - - name: slug - in: query - type: string - responses: - '200': - description: '' - schema: - $ref: '#/definitions/RedirectChallenge' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/plex/{slug}/: - get: - operationId: sources_plex_read - description: Plex source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PlexSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - put: - operationId: sources_plex_update - description: Plex source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PlexSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PlexSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - patch: - operationId: sources_plex_partial_update - description: Plex source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PlexSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PlexSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_plex_delete - description: Plex source Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/saml/: - get: - operationId: sources_saml_list - description: SAMLSource Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/SAMLSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - post: - operationId: sources_saml_create - description: SAMLSource Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLSource' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/SAMLSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - sources - parameters: [] - /sources/saml/{slug}/: - get: - operationId: sources_saml_read - description: SAMLSource Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLSource' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - put: - operationId: sources_saml_update - description: SAMLSource Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - patch: - operationId: sources_saml_partial_update - description: SAMLSource Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/SAMLSource' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLSource' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - delete: - operationId: sources_saml_delete - description: SAMLSource Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /sources/saml/{slug}/metadata/: - get: - operationId: sources_saml_metadata - description: Return metadata as XML string - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/SAMLMetadata' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - sources - parameters: - - name: slug - in: path - description: Internal source name, used in URLs. - required: true - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - /stages/all/: - get: - operationId: stages_all_list - description: Stage Viewset - parameters: - - name: name - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Stage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/all/types/: - get: - operationId: stages_all_types - description: Get all creatable stage types - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/all/user_settings/: - get: - operationId: stages_all_user_settings - description: Get all stages the user can configure - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/StageUserSetting' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/all/{stage_uuid}/: - get: - operationId: stages_all_read - description: Stage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Stage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_all_delete - description: Stage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this stage. - required: true - type: string - format: uuid - /stages/authenticator/static/: - get: - operationId: stages_authenticator_static_list - description: AuthenticatorStaticStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/AuthenticatorStaticStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_authenticator_static_create - description: AuthenticatorStaticStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/authenticator/static/{stage_uuid}/: - get: - operationId: stages_authenticator_static_read - description: AuthenticatorStaticStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_authenticator_static_update - description: AuthenticatorStaticStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_authenticator_static_partial_update - description: AuthenticatorStaticStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorStaticStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_authenticator_static_delete - description: AuthenticatorStaticStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Static Authenticator Stage. - required: true - type: string - format: uuid - /stages/authenticator/totp/: - get: - operationId: stages_authenticator_totp_list - description: AuthenticatorTOTPStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/AuthenticatorTOTPStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_authenticator_totp_create - description: AuthenticatorTOTPStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/authenticator/totp/{stage_uuid}/: - get: - operationId: stages_authenticator_totp_read - description: AuthenticatorTOTPStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_authenticator_totp_update - description: AuthenticatorTOTPStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_authenticator_totp_partial_update - description: AuthenticatorTOTPStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorTOTPStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_authenticator_totp_delete - description: AuthenticatorTOTPStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this TOTP Authenticator Setup Stage. - required: true - type: string - format: uuid - /stages/authenticator/validate/: - get: - operationId: stages_authenticator_validate_list - description: AuthenticatorValidateStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/AuthenticatorValidateStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_authenticator_validate_create - description: AuthenticatorValidateStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/authenticator/validate/{stage_uuid}/: - get: - operationId: stages_authenticator_validate_read - description: AuthenticatorValidateStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_authenticator_validate_update - description: AuthenticatorValidateStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_authenticator_validate_partial_update - description: AuthenticatorValidateStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticatorValidateStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_authenticator_validate_delete - description: AuthenticatorValidateStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Authenticator Validation Stage. - required: true - type: string - format: uuid - /stages/authenticator/webauthn/: - get: - operationId: stages_authenticator_webauthn_list - description: AuthenticateWebAuthnStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/AuthenticateWebAuthnStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_authenticator_webauthn_create - description: AuthenticateWebAuthnStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/authenticator/webauthn/{stage_uuid}/: - get: - operationId: stages_authenticator_webauthn_read - description: AuthenticateWebAuthnStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_authenticator_webauthn_update - description: AuthenticateWebAuthnStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_authenticator_webauthn_partial_update - description: AuthenticateWebAuthnStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/AuthenticateWebAuthnStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_authenticator_webauthn_delete - description: AuthenticateWebAuthnStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this WebAuthn Authenticator Setup Stage. - required: true - type: string - format: uuid - /stages/captcha/: - get: - operationId: stages_captcha_list - description: CaptchaStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/CaptchaStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_captcha_create - description: CaptchaStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CaptchaStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/CaptchaStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/captcha/{stage_uuid}/: - get: - operationId: stages_captcha_read - description: CaptchaStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CaptchaStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_captcha_update - description: CaptchaStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CaptchaStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CaptchaStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_captcha_partial_update - description: CaptchaStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/CaptchaStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/CaptchaStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_captcha_delete - description: CaptchaStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Captcha Stage. - required: true - type: string - format: uuid - /stages/consent/: - get: - operationId: stages_consent_list - description: ConsentStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/ConsentStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_consent_create - description: ConsentStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ConsentStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/ConsentStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/consent/{stage_uuid}/: - get: - operationId: stages_consent_read - description: ConsentStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ConsentStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_consent_update - description: ConsentStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ConsentStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ConsentStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_consent_partial_update - description: ConsentStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/ConsentStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/ConsentStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_consent_delete - description: ConsentStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Consent Stage. - required: true - type: string - format: uuid - /stages/deny/: - get: - operationId: stages_deny_list - description: DenyStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/DenyStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_deny_create - description: DenyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DenyStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/DenyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/deny/{stage_uuid}/: - get: - operationId: stages_deny_read - description: DenyStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DenyStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_deny_update - description: DenyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DenyStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DenyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_deny_partial_update - description: DenyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DenyStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DenyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_deny_delete - description: DenyStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Deny Stage. - required: true - type: string - format: uuid - /stages/dummy/: - get: - operationId: stages_dummy_list - description: DummyStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/DummyStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_dummy_create - description: DummyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/DummyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/dummy/{stage_uuid}/: - get: - operationId: stages_dummy_read - description: DummyStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_dummy_update - description: DummyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_dummy_partial_update - description: DummyStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/DummyStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/DummyStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_dummy_delete - description: DummyStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Dummy Stage. - required: true - type: string - format: uuid - /stages/email/: - get: - operationId: stages_email_list - description: EmailStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/EmailStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_email_create - description: EmailStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EmailStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/EmailStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/email/templates/: - get: - operationId: stages_email_templates - description: Get all available templates, including custom templates - parameters: [] - responses: - '200': - description: '' - schema: - type: array - items: - $ref: '#/definitions/TypeCreate' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/email/{stage_uuid}/: - get: - operationId: stages_email_read - description: EmailStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EmailStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_email_update - description: EmailStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EmailStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EmailStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_email_partial_update - description: EmailStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/EmailStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/EmailStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_email_delete - description: EmailStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Email Stage. - required: true - type: string - format: uuid - /stages/identification/: - get: - operationId: stages_identification_list - description: IdentificationStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/IdentificationStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_identification_create - description: IdentificationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IdentificationStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/IdentificationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/identification/{stage_uuid}/: - get: - operationId: stages_identification_read - description: IdentificationStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IdentificationStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_identification_update - description: IdentificationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IdentificationStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IdentificationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_identification_partial_update - description: IdentificationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/IdentificationStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/IdentificationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_identification_delete - description: IdentificationStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Identification Stage. - required: true - type: string - format: uuid - /stages/invitation/invitations/: - get: - operationId: stages_invitation_invitations_list - description: Invitation Viewset - parameters: - - name: created_by__username - in: query - description: '' - required: false - type: string - - name: expires - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Invitation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_invitation_invitations_create - description: Invitation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Invitation' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Invitation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/invitation/invitations/{invite_uuid}/: - get: - operationId: stages_invitation_invitations_read - description: Invitation Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Invitation' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_invitation_invitations_update - description: Invitation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Invitation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Invitation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_invitation_invitations_partial_update - description: Invitation Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Invitation' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Invitation' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_invitation_invitations_delete - description: Invitation Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: invite_uuid - in: path - description: A UUID string identifying this Invitation. - required: true - type: string - format: uuid - /stages/invitation/stages/: - get: - operationId: stages_invitation_stages_list - description: InvitationStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/InvitationStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_invitation_stages_create - description: InvitationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/InvitationStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/InvitationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/invitation/stages/{stage_uuid}/: - get: - operationId: stages_invitation_stages_read - description: InvitationStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/InvitationStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_invitation_stages_update - description: InvitationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/InvitationStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/InvitationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_invitation_stages_partial_update - description: InvitationStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/InvitationStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/InvitationStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_invitation_stages_delete - description: InvitationStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Invitation Stage. - required: true - type: string - format: uuid - /stages/password/: - get: - operationId: stages_password_list - description: PasswordStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PasswordStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_password_create - description: PasswordStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PasswordStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/password/{stage_uuid}/: - get: - operationId: stages_password_read - description: PasswordStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_password_update - description: PasswordStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_password_partial_update - description: PasswordStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PasswordStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PasswordStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_password_delete - description: PasswordStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Password Stage. - required: true - type: string - format: uuid - /stages/prompt/prompts/: - get: - operationId: stages_prompt_prompts_list - description: Prompt Viewset - parameters: - - name: field_key - in: query - description: '' - required: false - type: string - - name: label - in: query - description: '' - required: false - type: string - - name: type - in: query - description: '' - required: false - type: string - - name: placeholder - in: query - description: '' - required: false - type: string - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/Prompt' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_prompt_prompts_create - description: Prompt Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Prompt' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/Prompt' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/prompt/prompts/{prompt_uuid}/: - get: - operationId: stages_prompt_prompts_read - description: Prompt Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Prompt' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_prompt_prompts_update - description: Prompt Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Prompt' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Prompt' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_prompt_prompts_partial_update - description: Prompt Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/Prompt' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/Prompt' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_prompt_prompts_delete - description: Prompt Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: prompt_uuid - in: path - description: A UUID string identifying this Prompt. - required: true - type: string - format: uuid - /stages/prompt/stages/: - get: - operationId: stages_prompt_stages_list - description: PromptStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/PromptStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_prompt_stages_create - description: PromptStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PromptStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/PromptStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/prompt/stages/{stage_uuid}/: - get: - operationId: stages_prompt_stages_read - description: PromptStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PromptStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_prompt_stages_update - description: PromptStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PromptStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PromptStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_prompt_stages_partial_update - description: PromptStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/PromptStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/PromptStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_prompt_stages_delete - description: PromptStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this Prompt Stage. - required: true - type: string - format: uuid - /stages/user_delete/: - get: - operationId: stages_user_delete_list - description: UserDeleteStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserDeleteStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_user_delete_create - description: UserDeleteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserDeleteStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserDeleteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/user_delete/{stage_uuid}/: - get: - operationId: stages_user_delete_read - description: UserDeleteStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserDeleteStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_user_delete_update - description: UserDeleteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserDeleteStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserDeleteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_user_delete_partial_update - description: UserDeleteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserDeleteStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserDeleteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_user_delete_delete - description: UserDeleteStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this User Delete Stage. - required: true - type: string - format: uuid - /stages/user_login/: - get: - operationId: stages_user_login_list - description: UserLoginStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserLoginStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_user_login_create - description: UserLoginStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLoginStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserLoginStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/user_login/{stage_uuid}/: - get: - operationId: stages_user_login_read - description: UserLoginStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLoginStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_user_login_update - description: UserLoginStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLoginStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLoginStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_user_login_partial_update - description: UserLoginStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLoginStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLoginStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_user_login_delete - description: UserLoginStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this User Login Stage. - required: true - type: string - format: uuid - /stages/user_logout/: - get: - operationId: stages_user_logout_list - description: UserLogoutStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserLogoutStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_user_logout_create - description: UserLogoutStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLogoutStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserLogoutStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/user_logout/{stage_uuid}/: - get: - operationId: stages_user_logout_read - description: UserLogoutStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLogoutStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_user_logout_update - description: UserLogoutStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLogoutStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLogoutStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_user_logout_partial_update - description: UserLogoutStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserLogoutStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserLogoutStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_user_logout_delete - description: UserLogoutStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this User Logout Stage. - required: true - type: string - format: uuid - /stages/user_write/: - get: - operationId: stages_user_write_list - description: UserWriteStage Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: page - in: query - description: Page Index - required: false - type: integer - - name: page_size - in: query - description: Page Size - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - results - - pagination - type: object - properties: - pagination: - required: - - next - - previous - - count - - current - - total_pages - - start_index - - end_index - type: object - properties: - next: - type: number - previous: - type: number - count: - type: number - current: - type: number - total_pages: - type: number - start_index: - type: number - end_index: - type: number - results: - type: array - items: - $ref: '#/definitions/UserWriteStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - post: - operationId: stages_user_write_create - description: UserWriteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserWriteStage' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/UserWriteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - tags: - - stages - parameters: [] - /stages/user_write/{stage_uuid}/: - get: - operationId: stages_user_write_read - description: UserWriteStage Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserWriteStage' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - put: - operationId: stages_user_write_update - description: UserWriteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserWriteStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserWriteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - patch: - operationId: stages_user_write_partial_update - description: UserWriteStage Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/UserWriteStage' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/UserWriteStage' - '400': - description: Invalid input. - schema: - $ref: '#/definitions/ValidationError' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - delete: - operationId: stages_user_write_delete - description: UserWriteStage Viewset - parameters: [] - responses: - '204': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' - '404': - description: Object does not exist or caller has insufficient permissions - to access it. - schema: - $ref: '#/definitions/APIException' - tags: - - stages - parameters: - - name: stage_uuid - in: path - description: A UUID string identifying this User Write Stage. - required: true - type: string - format: uuid -definitions: - GenericError: - title: Generic API Error - required: - - detail - type: object - properties: - detail: - description: Error details - type: string - code: - description: Error code - type: string - ValidationError: - title: Validation Error - type: object - properties: - non_field_errors: - description: List of validation errors not related to any field - type: array - items: - type: string - additionalProperties: - description: A list of error messages for each field that triggered a validation - error - type: array - items: - type: string - APIException: - title: Generic API Error - required: - - detail - type: object - properties: - detail: - description: Error details - type: string - code: - description: Error code - type: string - App: - required: - - name - - label - type: object - properties: - name: - title: Name - type: string - minLength: 1 - label: - title: Label - type: string - minLength: 1 - Coordinate: - type: object - properties: - x_cord: - title: X cord - type: integer - readOnly: true - y_cord: - title: Y cord - type: integer - readOnly: true - LoginMetrics: - type: object - properties: - logins_per_1h: - description: Get successful logins per hour for the last 24 hours - type: array - items: - $ref: '#/definitions/Coordinate' - readOnly: true - logins_failed_per_1h: - description: Get failed logins per hour for the last 24 hours - type: array - items: - $ref: '#/definitions/Coordinate' - readOnly: true - Task: - required: - - task_name - - task_description - - task_finish_timestamp - - status - - messages - type: object - properties: - task_name: - title: Task name - type: string - minLength: 1 - task_description: - title: Task description - type: string - minLength: 1 - task_finish_timestamp: - title: Task finish timestamp - type: string - format: date-time - status: - title: Status - type: string - enum: - - SUCCESSFUL - - WARNING - - ERROR - messages: - type: array - items: - type: string - x-nullable: true - Version: - type: object - properties: - version_current: - title: Version current - type: string - readOnly: true - version_latest: - title: Version latest - type: string - readOnly: true - build_hash: - title: Build hash - type: string - readOnly: true - outdated: - title: Outdated - type: boolean - readOnly: true - StaticDevice: - required: - - name - type: object - properties: - name: - title: Name - description: The human-readable name of this device. - type: string - maxLength: 64 - minLength: 1 - token_set: - type: array - items: - required: - - token - type: object - properties: - id: - title: ID - type: integer - readOnly: true - token: - title: Token - type: string - maxLength: 16 - minLength: 1 - device: - required: - - name - - user - type: object - properties: - id: - title: ID - type: integer - readOnly: true - name: - title: Name - description: The human-readable name of this device. - type: string - maxLength: 64 - minLength: 1 - confirmed: - title: Confirmed - description: Is this device ready for use? - type: boolean - throttling_failure_timestamp: - title: Throttling failure timestamp - description: A timestamp of the last failed verification attempt. - Null if last attempt succeeded. - type: string - format: date-time - x-nullable: true - throttling_failure_count: - title: Throttling failure count - description: Number of successive failed attempts. - type: integer - maximum: 2147483647 - minimum: 0 - user: - title: User - description: The user that this device belongs to. - type: integer - readOnly: true - readOnly: true - pk: - title: ID - type: integer - readOnly: true - TOTPDevice: - required: - - name - type: object - properties: - name: - title: Name - description: The human-readable name of this device. - type: string - maxLength: 64 - minLength: 1 - pk: - title: ID - type: integer - readOnly: true - WebAuthnDevice: - required: - - name - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - maxLength: 200 - minLength: 1 - created_on: - title: Created on - type: string - format: date-time - readOnly: true - Provider: - required: - - name - - authorization_flow - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - authorization_flow: - title: Authorization flow - description: Flow used when authorizing this provider. - type: string - format: uuid - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - component: - title: Component - type: string - readOnly: true - assigned_application_slug: - title: Assigned application slug - type: string - readOnly: true - assigned_application_name: - title: Assigned application name - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - Application: - required: - - name - - slug - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Application's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal application name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - provider: - title: Provider - type: integer - x-nullable: true - provider_obj: - $ref: '#/definitions/Provider' - launch_url: - title: Launch url - type: string - readOnly: true - meta_launch_url: - title: Meta launch url - type: string - format: uri - maxLength: 200 - meta_icon: - title: Meta icon - type: string - readOnly: true - format: uri - meta_description: - title: Meta description - type: string - meta_publisher: - title: Meta publisher - type: string - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - Group: - required: - - name - - parent - - users - type: object - properties: - pk: - title: Group uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - maxLength: 80 - minLength: 1 - is_superuser: - title: Is superuser - description: Users added to this group will be superusers. - type: boolean - parent: - title: Parent - type: string - format: uuid - x-nullable: true - users: - type: array - items: - type: integer - uniqueItems: true - attributes: - title: Attributes - type: object - User: - required: - - username - - name - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - username: - title: Username - description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ - only. - type: string - pattern: ^[\w.@+-]+$ - maxLength: 150 - minLength: 1 - name: - title: Name - description: User's display name. - type: string - minLength: 1 - is_active: - title: Active - description: Designates whether this user should be treated as active. Unselect - this instead of deleting accounts. - type: boolean - last_login: - title: Last login - type: string - format: date-time - x-nullable: true - is_superuser: - title: Is superuser - type: boolean - readOnly: true - groups: - type: array - items: - $ref: '#/definitions/Group' - readOnly: true - email: - title: Email address - type: string - format: email - maxLength: 254 - avatar: - title: Avatar - type: string - readOnly: true - minLength: 1 - attributes: - title: Attributes - type: object - uid: - title: Uid - type: string - readOnly: true - minLength: 1 - Token: - required: - - identifier - type: object - properties: - pk: - title: Token uuid - type: string - format: uuid - readOnly: true - managed: - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object can - be overwritten by migrations. You can still modify the objects via the API, - but expect changes to be overwritten in a later update. - type: string - minLength: 1 - x-nullable: true - identifier: - title: Identifier - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 255 - minLength: 1 - intent: - title: Intent - type: string - enum: - - verification - - api - - recovery - user: - $ref: '#/definitions/User' - description: - title: Description - type: string - expires: - title: Expires - type: string - format: date-time - expiring: - title: Expiring - type: boolean - TokenView: - type: object - properties: - key: - title: Key - type: string - readOnly: true - minLength: 1 - UserConsent: - required: - - user - - application - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - expires: - title: Expires - type: string - format: date-time - user: - $ref: '#/definitions/User' - application: - $ref: '#/definitions/Application' - SessionUser: - required: - - user - type: object - properties: - user: - $ref: '#/definitions/User' - original: - $ref: '#/definitions/User' - UserMetrics: - type: object - properties: - logins_per_1h: - description: Get successful logins per hour for the last 24 hours - type: array - items: - $ref: '#/definitions/Coordinate' - readOnly: true - logins_failed_per_1h: - description: Get failed logins per hour for the last 24 hours - type: array - items: - $ref: '#/definitions/Coordinate' - readOnly: true - authorizations_per_1h: - description: Get failed logins per hour for the last 24 hours - type: array - items: - $ref: '#/definitions/Coordinate' - readOnly: true - Link: - required: - - link - type: object - properties: - link: - title: Link - type: string - minLength: 1 - CertificateKeyPair: - required: - - name - - certificate_data - type: object - properties: - pk: - title: Kp uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - fingerprint: - title: Fingerprint - type: string - readOnly: true - certificate_data: - title: Certificate data - description: PEM-encoded Certificate data - type: string - minLength: 1 - key_data: - title: Key data - description: Optional Private Key. If this is set, you can use this keypair - for encryption. - type: string - cert_expiry: - title: Cert expiry - type: string - format: date-time - readOnly: true - cert_subject: - title: Cert subject - type: string - readOnly: true - private_key_available: - title: Private key available - type: boolean - readOnly: true - CertificateGeneration: - required: - - common_name - - validity_days - type: object - properties: - common_name: - title: Common name - type: string - minLength: 1 - subject_alt_name: - title: Subject-alt name - type: string - validity_days: - title: Validity days - type: integer - CertificateData: - type: object - properties: - data: - title: Data - type: string - readOnly: true - minLength: 1 - Event: - required: - - action - - app - type: object - properties: - pk: - title: Event uuid - type: string - format: uuid - readOnly: true - user: - title: User - type: object - action: - title: Action - type: string - minLength: 1 - app: - title: App - type: string - minLength: 1 - context: - title: Context - type: object - client_ip: - title: Client ip - type: string - minLength: 1 - x-nullable: true - created: - title: Created - type: string - format: date-time - readOnly: true - expires: - title: Expires - type: string - format: date-time - TypeCreate: - required: - - name - - description - - component - - model_name - type: object - properties: - name: - title: Name - type: string - minLength: 1 - description: - title: Description - type: string - minLength: 1 - component: - title: Component - type: string - minLength: 1 - model_name: - title: Model name - type: string - minLength: 1 - EventTopPerUser: - required: - - application - - counted_events - - unique_users - type: object - properties: - application: - title: Application - type: object - additionalProperties: - type: string - x-nullable: true - counted_events: - title: Counted events - type: integer - unique_users: - title: Unique users - type: integer - Notification: - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - severity: - title: Severity - type: string - readOnly: true - body: - title: Body - type: string - readOnly: true - created: - title: Created - type: string - format: date-time - readOnly: true - event: - $ref: '#/definitions/Event' - seen: - title: Seen - type: boolean - NotificationRule: - required: - - name - - transports - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - transports: - description: Select which transports should be used to notify the user. If - none are selected, the notification will only be shown in the authentik - UI. - type: array - items: - description: Select which transports should be used to notify the user. - If none are selected, the notification will only be shown in the authentik - UI. - type: string - format: uuid - uniqueItems: true - severity: - title: Severity - description: Controls which severity level the created notifications will - have. - type: string - enum: - - notice - - warning - - alert - group: - title: Group - description: Define which group of users this notification should be sent - and shown to. If left empty, Notification won't ben sent. - type: string - format: uuid - x-nullable: true - group_obj: - $ref: '#/definitions/Group' - NotificationTransport: - required: - - name - - mode - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - mode: - title: Mode - type: string - enum: - - webhook - - webhook_slack - - email - mode_verbose: - title: Mode verbose - type: string - readOnly: true - webhook_url: - title: Webhook url - type: string - send_once: - title: Send once - description: Only send notification once, for example when sending a webhook - into a chat channel. - type: boolean - NotificationTransportTest: - required: - - messages - type: object - properties: - messages: - type: array - items: - type: string - minLength: 1 - Flow: - required: - - name - - slug - - title - - designation - type: object - properties: - pk: - title: Flow uuid - type: string - format: uuid - readOnly: true - policybindingmodel_ptr_id: - title: Policybindingmodel ptr id - type: string - readOnly: true - name: - title: Name - type: string - minLength: 1 - slug: - title: Slug - description: Visible in the URL. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - title: - title: Title - description: Shown as the Title in Flow pages. - type: string - minLength: 1 - designation: - title: Designation - description: Decides what this Flow is used for. For example, the Authentication - flow is redirect to when an un-authenticated user visits authentik. - type: string - enum: - - authentication - - authorization - - invalidation - - enrollment - - unenrollment - - recovery - - stage_configuration - background: - title: Background - description: Background shown during execution - type: string - readOnly: true - format: uri - stages: - type: array - items: - type: string - format: uuid - readOnly: true - uniqueItems: true - policies: - type: array - items: - type: string - format: uuid - readOnly: true - uniqueItems: true - cache_count: - title: Cache count - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - Stage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - FlowStageBinding: - required: - - target - - stage - - order - type: object - properties: - pk: - title: Fsb uuid - type: string - format: uuid - readOnly: true - policybindingmodel_ptr_id: - title: Policybindingmodel ptr id - type: string - readOnly: true - target: - title: Target - type: string - format: uuid - stage: - title: Stage - type: string - format: uuid - stage_obj: - $ref: '#/definitions/Stage' - evaluate_on_plan: - title: Evaluate on plan - description: Evaluate policies during the Flow planning process. Disable this - for input-based policies. - type: boolean - re_evaluate_policies: - title: Re evaluate policies - description: Evaluate policies when the Stage is present to the user. - type: boolean - order: - title: Order - type: integer - maximum: 2147483647 - minimum: -2147483648 - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - ErrorDetail: - required: - - string - - code - type: object - properties: - string: - title: String - type: string - minLength: 1 - code: - title: Code - type: string - minLength: 1 - Challenge: - required: - - type - type: object - properties: - type: - title: Type - type: string - enum: - - native - - shell - - redirect - component: - title: Component - type: string - minLength: 1 - title: - title: Title - type: string - minLength: 1 - background: - title: Background - type: string - minLength: 1 - response_errors: - title: Response errors - type: object - additionalProperties: - type: array - items: - $ref: '#/definitions/ErrorDetail' - ChallengeResponse: - type: object - properties: {} - Cache: - type: object - properties: - count: - title: Count - type: integer - readOnly: true - FlowDiagram: - type: object - properties: - diagram: - title: Diagram - type: string - readOnly: true - minLength: 1 - OAuth2Provider: - required: - - name - - authorization_flow - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - authorization_flow: - title: Authorization flow - description: Flow used when authorizing this provider. - type: string - format: uuid - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - component: - title: Component - type: string - readOnly: true - assigned_application_slug: - title: Assigned application slug - type: string - readOnly: true - assigned_application_name: - title: Assigned application name - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - client_type: - title: Client Type - description: |- - Confidential clients are capable of maintaining the confidentiality - of their credentials. Public clients are incapable. - type: string - enum: - - confidential - - public - client_id: - title: Client ID - type: string - maxLength: 255 - minLength: 1 - client_secret: - title: Client Secret - type: string - maxLength: 255 - access_code_validity: - title: Access code validity - description: 'Access codes not valid on or after current time + this value - (Format: hours=1;minutes=2;seconds=3).' - type: string - minLength: 1 - token_validity: - title: Token validity - description: 'Tokens not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - type: string - minLength: 1 - include_claims_in_id_token: - title: Include claims in id_token - description: Include User claims from scopes in the id_token, for applications - that don't access the userinfo endpoint. - type: boolean - jwt_alg: - title: JWT Algorithm - description: Algorithm used to sign the JWT Token - type: string - enum: - - HS256 - - RS256 - rsa_key: - title: RSA Key - description: Key used to sign the tokens. Only required when JWT Algorithm - is set to RS256. - type: string - format: uuid - x-nullable: true - redirect_uris: - title: Redirect URIs - description: Enter each URI on a new line. - type: string - minLength: 1 - sub_mode: - title: Sub mode - description: Configure what data should be used as unique User Identifier. - For most cases, the default should be fine. - type: string - enum: - - hashed_user_id - - user_username - - user_email - - user_upn - issuer_mode: - title: Issuer mode - description: Configure how the issuer field of the ID Token should be filled. - type: string - enum: - - global - - per_provider - ExpiringBaseGrantModel: - required: - - provider - - user - - scope - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - provider: - $ref: '#/definitions/OAuth2Provider' - user: - $ref: '#/definitions/User' - is_expired: - title: Is expired - type: string - readOnly: true - expires: - title: Expires - type: string - format: date-time - scope: - type: array - items: - type: string - minLength: 1 - Outpost: - required: - - name - - providers - - config - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - type: - title: Type - type: string - enum: - - proxy - - ldap - providers: - type: array - items: - type: integer - uniqueItems: true - providers_obj: - type: array - items: - $ref: '#/definitions/Provider' - readOnly: true - service_connection: - title: Service connection - description: Select Service-Connection authentik should use to manage this - outpost. Leave empty if authentik should not handle the deployment. - type: string - format: uuid - x-nullable: true - token_identifier: - title: Token identifier - type: string - readOnly: true - config: - title: Config - type: object - OutpostDefaultConfig: - type: object - properties: - config: - title: Config - type: object - readOnly: true - OutpostHealth: - type: object - properties: - last_seen: - title: Last seen - type: string - format: date-time - readOnly: true - version: - title: Version - type: string - readOnly: true - minLength: 1 - version_should: - title: Version should - type: string - readOnly: true - minLength: 1 - version_outdated: - title: Version outdated - type: boolean - readOnly: true - LDAPOutpostConfig: - required: - - name - - bind_flow_slug - - application_slug - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - base_dn: - title: Base dn - description: DN under which objects are accessible. - type: string - minLength: 1 - bind_flow_slug: - title: Bind flow slug - type: string - minLength: 1 - application_slug: - title: Application slug - type: string - minLength: 1 - search_group: - title: Search group - description: Users in this group can do search queries. If not set, every - user can execute search queries. - type: string - format: uuid - x-nullable: true - OpenIDConnectConfiguration: - description: Embed OpenID Connect provider information - required: - - issuer - - authorization_endpoint - - token_endpoint - - userinfo_endpoint - - end_session_endpoint - - introspection_endpoint - - jwks_uri - - response_types_supported - - id_token_signing_alg_values_supported - - subject_types_supported - - token_endpoint_auth_methods_supported - type: object - properties: - issuer: - title: Issuer - type: string - minLength: 1 - authorization_endpoint: - title: Authorization endpoint - type: string - minLength: 1 - token_endpoint: - title: Token endpoint - type: string - minLength: 1 - userinfo_endpoint: - title: Userinfo endpoint - type: string - minLength: 1 - end_session_endpoint: - title: End session endpoint - type: string - minLength: 1 - introspection_endpoint: - title: Introspection endpoint - type: string - minLength: 1 - jwks_uri: - title: Jwks uri - type: string - minLength: 1 - response_types_supported: - type: array - items: - type: string - minLength: 1 - id_token_signing_alg_values_supported: - type: array - items: - type: string - minLength: 1 - subject_types_supported: - type: array - items: - type: string - minLength: 1 - token_endpoint_auth_methods_supported: - type: array - items: - type: string - minLength: 1 - ProxyOutpostConfig: - required: - - name - - external_host - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - internal_host: - title: Internal host - type: string - external_host: - title: External host - type: string - minLength: 1 - internal_host_ssl_validation: - title: Internal host SSL Validation - description: Validate SSL Certificates of upstream servers - type: boolean - client_id: - title: Client ID - type: string - maxLength: 255 - minLength: 1 - client_secret: - title: Client Secret - type: string - maxLength: 255 - oidc_configuration: - $ref: '#/definitions/OpenIDConnectConfiguration' - cookie_secret: - title: Cookie secret - type: string - minLength: 1 - certificate: - title: Certificate - type: string - format: uuid - x-nullable: true - skip_path_regex: - title: Skip path regex - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - type: string - basic_auth_enabled: - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - type: boolean - basic_auth_password_attribute: - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - type: string - basic_auth_user_attribute: - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - type: string - forward_auth_mode: - title: Forward auth mode - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - type: boolean - ServiceConnection: - required: - - name - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - local: - title: Local - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - ServiceConnectionState: - type: object - properties: - healthy: - title: Healthy - type: boolean - readOnly: true - version: - title: Version - type: string - readOnly: true - minLength: 1 - DockerServiceConnection: - required: - - name - - url - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - local: - title: Local - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - url: - title: Url - description: Can be in the format of 'unix://' when connecting to a - local docker daemon, or 'https://:2376' when connecting to a remote - system. - type: string - minLength: 1 - tls_verification: - title: Tls verification - description: CA which the endpoint's Certificate is verified against. Can - be left empty for no validation. - type: string - format: uuid - x-nullable: true - tls_authentication: - title: Tls authentication - description: Certificate/Key used for authentication. Can be left empty for - no authentication. - type: string - format: uuid - x-nullable: true - KubernetesServiceConnection: - required: - - name - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - local: - title: Local - description: If enabled, use the local connection. Required Docker socket/Kubernetes - Integration - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - kubeconfig: - title: Kubeconfig - description: Paste your kubeconfig here. authentik will automatically use - the currently selected context. - type: object - Policy: - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - PolicyTest: - required: - - user - type: object - properties: - user: - title: User - type: integer - context: - title: Context - type: object - PolicyTestResult: - required: - - passing - type: object - properties: - passing: - title: Passing - type: boolean - messages: - type: array - items: - type: string - minLength: 1 - readOnly: true - PolicyBinding: - required: - - target - - order - type: object - properties: - pk: - title: Policy binding uuid - type: string - format: uuid - readOnly: true - policy: - title: Policy - type: string - format: uuid - x-nullable: true - group: - title: Group - type: string - format: uuid - x-nullable: true - user: - title: User - type: integer - x-nullable: true - policy_obj: - $ref: '#/definitions/Policy' - group_obj: - $ref: '#/definitions/Group' - user_obj: - $ref: '#/definitions/User' - target: - title: Target - type: string - format: uuid - enabled: - title: Enabled - type: boolean - order: - title: Order - type: integer - maximum: 2147483647 - minimum: -2147483648 - timeout: - title: Timeout - description: Timeout after which Policy execution is terminated. - type: integer - maximum: 2147483647 - minimum: -2147483648 - DummyPolicy: - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - result: - title: Result - type: boolean - wait_min: - title: Wait min - type: integer - maximum: 2147483647 - minimum: -2147483648 - wait_max: - title: Wait max - type: integer - maximum: 2147483647 - minimum: -2147483648 - EventMatcherPolicy: - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - action: - title: Action - description: Match created events with this action type. When left empty, - all action types will be matched. - type: string - enum: - - login - - login_failed - - logout - - user_write - - suspicious_request - - password_set - - secret_view - - invitation_used - - authorize_application - - source_linked - - impersonation_started - - impersonation_ended - - policy_execution - - policy_exception - - property_mapping_exception - - system_task_execution - - system_task_exception - - configuration_error - - model_created - - model_updated - - model_deleted - - update_available - - custom_ - client_ip: - title: Client ip - description: Matches Event's Client IP (strict matching, for network matching - use an Expression Policy) - type: string - app: - title: App - description: Match events created by selected application. When left empty, - all applications are matched. - type: string - enum: - - authentik.admin - - authentik.api - - authentik.events - - authentik.crypto - - authentik.flows - - authentik.outposts - - authentik.lib - - authentik.policies - - authentik.policies.dummy - - authentik.policies.event_matcher - - authentik.policies.expiry - - authentik.policies.expression - - authentik.policies.hibp - - authentik.policies.password - - authentik.policies.reputation - - authentik.providers.proxy - - authentik.providers.ldap - - authentik.providers.oauth2 - - authentik.providers.saml - - authentik.recovery - - authentik.sources.ldap - - authentik.sources.oauth - - authentik.sources.plex - - authentik.sources.saml - - authentik.stages.authenticator_static - - authentik.stages.authenticator_totp - - authentik.stages.authenticator_validate - - authentik.stages.authenticator_webauthn - - authentik.stages.captcha - - authentik.stages.consent - - authentik.stages.deny - - authentik.stages.dummy - - authentik.stages.email - - authentik.stages.identification - - authentik.stages.invitation - - authentik.stages.password - - authentik.stages.prompt - - authentik.stages.user_delete - - authentik.stages.user_login - - authentik.stages.user_logout - - authentik.stages.user_write - - authentik.core - - authentik.managed - ExpressionPolicy: - required: - - expression - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - expression: - title: Expression - type: string - minLength: 1 - HaveIBeenPwendPolicy: - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - password_field: - title: Password field - description: Field key to check, field keys defined in Prompt stages are available. - type: string - minLength: 1 - allowed_count: - title: Allowed count - type: integer - maximum: 2147483647 - minimum: -2147483648 - PasswordPolicy: - required: - - error_message - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - password_field: - title: Password field - description: Field key to check, field keys defined in Prompt stages are available. - type: string - minLength: 1 - amount_uppercase: - title: Amount uppercase - type: integer - maximum: 2147483647 - minimum: -2147483648 - amount_lowercase: - title: Amount lowercase - type: integer - maximum: 2147483647 - minimum: -2147483648 - amount_symbols: - title: Amount symbols - type: integer - maximum: 2147483647 - minimum: -2147483648 - length_min: - title: Length min - type: integer - maximum: 2147483647 - minimum: -2147483648 - symbol_charset: - title: Symbol charset - type: string - minLength: 1 - error_message: - title: Error message - type: string - minLength: 1 - PasswordExpiryPolicy: - required: - - days - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - days: - title: Days - type: integer - maximum: 2147483647 - minimum: -2147483648 - deny_only: - title: Deny only - type: boolean - ReputationPolicy: - type: object - properties: - pk: - title: Policy uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - execution_logging: - title: Execution logging - description: When this option is enabled, all executions of this policy will - be logged. By default, only execution errors are logged. - type: boolean - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - bound_to: - title: Bound to - type: integer - readOnly: true - check_ip: - title: Check ip - type: boolean - check_username: - title: Check username - type: boolean - threshold: - title: Threshold - type: integer - maximum: 2147483647 - minimum: -2147483648 - IPReputation: - required: - - ip - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - ip: - title: Ip - type: string - minLength: 1 - score: - title: Score - type: integer - maximum: 2147483647 - minimum: -2147483648 - updated: - title: Updated - type: string - format: date-time - readOnly: true - UserReputation: - required: - - user - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - user: - title: User - type: integer - score: - title: Score - type: integer - maximum: 2147483647 - minimum: -2147483648 - updated: - title: Updated - type: string - format: date-time - readOnly: true - PropertyMapping: - required: - - name - - expression - type: object - properties: - pk: - title: Pm uuid - type: string - format: uuid - readOnly: true - managed: - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object can - be overwritten by migrations. You can still modify the objects via the API, - but expect changes to be overwritten in a later update. - type: string - minLength: 1 - x-nullable: true - name: - title: Name - type: string - minLength: 1 - expression: - title: Expression - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - PropertyMappingTestResult: - type: object - properties: - result: - title: Result - type: string - readOnly: true - minLength: 1 - successful: - title: Successful - type: boolean - readOnly: true - LDAPPropertyMapping: - required: - - name - - expression - - object_field - type: object - properties: - pk: - title: Pm uuid - type: string - format: uuid - readOnly: true - managed: - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object can - be overwritten by migrations. You can still modify the objects via the API, - but expect changes to be overwritten in a later update. - type: string - minLength: 1 - x-nullable: true - name: - title: Name - type: string - minLength: 1 - expression: - title: Expression - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - object_field: - title: Object field - type: string - minLength: 1 - SAMLPropertyMapping: - required: - - name - - expression - - saml_name - type: object - properties: - pk: - title: Pm uuid - type: string - format: uuid - readOnly: true - managed: - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object can - be overwritten by migrations. You can still modify the objects via the API, - but expect changes to be overwritten in a later update. - type: string - minLength: 1 - x-nullable: true - name: - title: Name - type: string - minLength: 1 - expression: - title: Expression - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - saml_name: - title: SAML Name - type: string - minLength: 1 - friendly_name: - title: Friendly name - type: string - x-nullable: true - ScopeMapping: - required: - - name - - expression - - scope_name - type: object - properties: - pk: - title: Pm uuid - type: string - format: uuid - readOnly: true - managed: - title: Managed by authentik - description: Objects which are managed by authentik. These objects are created - and updated automatically. This is flag only indicates that an object can - be overwritten by migrations. You can still modify the objects via the API, - but expect changes to be overwritten in a later update. - type: string - minLength: 1 - x-nullable: true - name: - title: Name - type: string - minLength: 1 - expression: - title: Expression - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - scope_name: - title: Scope name - description: Scope used by the client - type: string - minLength: 1 - description: - title: Description - description: Description shown to the user when consenting. If left empty, - the user won't be informed. - type: string - LDAPProvider: - required: - - name - - authorization_flow - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - authorization_flow: - title: Authorization flow - description: Flow used when authorizing this provider. - type: string - format: uuid - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - component: - title: Component - type: string - readOnly: true - assigned_application_slug: - title: Assigned application slug - type: string - readOnly: true - assigned_application_name: - title: Assigned application name - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - base_dn: - title: Base dn - description: DN under which objects are accessible. - type: string - minLength: 1 - search_group: - title: Search group - description: Users in this group can do search queries. If not set, every - user can execute search queries. - type: string - format: uuid - x-nullable: true - OAuth2ProviderSetupURLs: - type: object - properties: - issuer: - title: Issuer - type: string - readOnly: true - authorize: - title: Authorize - type: string - readOnly: true - token: - title: Token - type: string - readOnly: true - user_info: - title: User info - type: string - readOnly: true - provider_info: - title: Provider info - type: string - readOnly: true - logout: - title: Logout - type: string - readOnly: true - ProxyProvider: - required: - - name - - authorization_flow - - external_host - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - authorization_flow: - title: Authorization flow - description: Flow used when authorizing this provider. - type: string - format: uuid - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - component: - title: Component - type: string - readOnly: true - assigned_application_slug: - title: Assigned application slug - type: string - readOnly: true - assigned_application_name: - title: Assigned application name - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - internal_host: - title: Internal host - type: string - external_host: - title: External host - type: string - minLength: 1 - internal_host_ssl_validation: - title: Internal host SSL Validation - description: Validate SSL Certificates of upstream servers - type: boolean - certificate: - title: Certificate - type: string - format: uuid - x-nullable: true - skip_path_regex: - title: Skip path regex - description: Regular expressions for which authentication is not required. - Each new line is interpreted as a new Regular Expression. - type: string - basic_auth_enabled: - title: Set HTTP-Basic Authentication - description: Set a custom HTTP-Basic Authentication header based on values - from authentik. - type: boolean - basic_auth_password_attribute: - title: HTTP-Basic Password Key - description: User/Group Attribute used for the password part of the HTTP-Basic - Header. - type: string - basic_auth_user_attribute: - title: HTTP-Basic Username Key - description: User/Group Attribute used for the user part of the HTTP-Basic - Header. If not set, the user's Email address is used. - type: string - forward_auth_mode: - title: Forward auth mode - description: Enable support for forwardAuth in traefik and nginx auth_request. - Exclusive with internal_host. - type: boolean - redirect_uris: - title: Redirect uris - type: string - readOnly: true - minLength: 1 - SAMLProvider: - required: - - name - - authorization_flow - - acs_url - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - name: - title: Name - type: string - minLength: 1 - authorization_flow: - title: Authorization flow - description: Flow used when authorizing this provider. - type: string - format: uuid - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - component: - title: Component - type: string - readOnly: true - assigned_application_slug: - title: Assigned application slug - type: string - readOnly: true - assigned_application_name: - title: Assigned application name - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - acs_url: - title: ACS URL - type: string - format: uri - maxLength: 200 - minLength: 1 - audience: - title: Audience - description: Value of the audience restriction field of the asseration. When - left empty, no audience restriction will be added. - type: string - issuer: - title: Issuer - description: Also known as EntityID - type: string - minLength: 1 - assertion_valid_not_before: - title: Assertion valid not before - description: 'Assertion valid not before current time + this value (Format: - hours=-1;minutes=-2;seconds=-3).' - type: string - minLength: 1 - assertion_valid_not_on_or_after: - title: Assertion valid not on or after - description: 'Assertion not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - type: string - minLength: 1 - session_valid_not_on_or_after: - title: Session valid not on or after - description: 'Session not valid on or after current time + this value (Format: - hours=1;minutes=2;seconds=3).' - type: string - minLength: 1 - name_id_mapping: - title: NameID Property Mapping - description: Configure how the NameID value will be created. When left empty, - the NameIDPolicy of the incoming request will be considered - type: string - x-nullable: true - digest_algorithm: - title: Digest algorithm - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#sha1 - - http://www.w3.org/2001/04/xmlenc#sha256 - - http://www.w3.org/2001/04/xmldsig-more#sha384 - - http://www.w3.org/2001/04/xmlenc#sha512 - signature_algorithm: - title: Signature algorithm - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - signing_kp: - title: Signing Keypair - description: Keypair used to sign outgoing Responses going to the Service - Provider. - type: string - format: uuid - x-nullable: true - verification_kp: - title: Verification Certificate - description: When selected, incoming assertion's Signatures will be validated - against this certificate. To allow unsigned Requests, leave on default. - type: string - format: uuid - x-nullable: true - sp_binding: - title: Service Provider Binding - description: This determines how authentik sends the response back to the - Service Provider. - type: string - enum: - - redirect - - post - SAMLMetadata: - type: object - properties: - metadata: - title: Metadata - type: string - readOnly: true - FooterLink: - type: object - properties: - href: - title: Href - type: string - readOnly: true - minLength: 1 - name: - title: Name - type: string - readOnly: true - minLength: 1 - Config: - type: object - properties: - branding_logo: - title: Branding logo - type: string - readOnly: true - minLength: 1 - branding_title: - title: Branding title - type: string - readOnly: true - minLength: 1 - ui_footer_links: - type: array - items: - $ref: '#/definitions/FooterLink' - readOnly: true - error_reporting_enabled: - title: Error reporting enabled - type: boolean - readOnly: true - error_reporting_environment: - title: Error reporting environment - type: string - readOnly: true - minLength: 1 - error_reporting_send_pii: - title: Error reporting send pii - type: boolean - readOnly: true - Source: - required: - - name - - slug - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Source's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal source name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - enabled: - title: Enabled - type: boolean - authentication_flow: - title: Authentication flow - description: Flow to use when authenticating existing users. - type: string - format: uuid - x-nullable: true - enrollment_flow: - title: Enrollment flow - description: Flow to use when enrolling new users. - type: string - format: uuid - x-nullable: true - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - user_matching_mode: - title: User matching mode - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - type: string - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - UserSetting: - required: - - object_uid - - component - - title - type: object - properties: - object_uid: - title: Object uid - type: string - minLength: 1 - component: - title: Component - type: string - minLength: 1 - title: - title: Title - type: string - minLength: 1 - LDAPSource: - required: - - name - - slug - - server_uri - - bind_cn - - bind_password - - base_dn - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Source's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal source name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - enabled: - title: Enabled - type: boolean - authentication_flow: - title: Authentication flow - description: Flow to use when authenticating existing users. - type: string - format: uuid - x-nullable: true - enrollment_flow: - title: Enrollment flow - description: Flow to use when enrolling new users. - type: string - format: uuid - x-nullable: true - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - user_matching_mode: - title: User matching mode - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - type: string - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - server_uri: - title: Server URI - type: string - minLength: 1 - bind_cn: - title: Bind CN - type: string - minLength: 1 - bind_password: - title: Bind password - type: string - minLength: 1 - start_tls: - title: Enable Start TLS - type: boolean - base_dn: - title: Base DN - type: string - minLength: 1 - additional_user_dn: - title: Addition User DN - description: Prepended to Base DN for User-queries. - type: string - additional_group_dn: - title: Addition Group DN - description: Prepended to Base DN for Group-queries. - type: string - user_object_filter: - title: User object filter - description: Consider Objects matching this filter to be Users. - type: string - minLength: 1 - group_object_filter: - title: Group object filter - description: Consider Objects matching this filter to be Groups. - type: string - minLength: 1 - group_membership_field: - title: Group membership field - description: Field which contains members of a group. - type: string - minLength: 1 - object_uniqueness_field: - title: Object uniqueness field - description: Field which contains a unique Identifier. - type: string - minLength: 1 - sync_users: - title: Sync users - type: boolean - sync_users_password: - title: Sync users password - description: When a user changes their password, sync it back to LDAP. This - can only be enabled on a single LDAP source. - type: boolean - sync_groups: - title: Sync groups - type: boolean - sync_parent_group: - title: Sync parent group - type: string - format: uuid - x-nullable: true - property_mappings: - type: array - items: - type: string - format: uuid - uniqueItems: true - property_mappings_group: - description: Property mappings used for group creation/updating. - type: array - items: - description: Property mappings used for group creation/updating. - type: string - format: uuid - uniqueItems: true - SourceType: - description: Get source's type configuration - required: - - name - - slug - - urls_customizable - type: object - properties: - name: - title: Name - type: string - minLength: 1 - slug: - title: Slug - type: string - minLength: 1 - urls_customizable: - title: Urls customizable - type: boolean - request_token_url: - title: Request token url - type: string - readOnly: true - minLength: 1 - x-nullable: true - authorization_url: - title: Authorization url - type: string - readOnly: true - minLength: 1 - x-nullable: true - access_token_url: - title: Access token url - type: string - readOnly: true - minLength: 1 - x-nullable: true - profile_url: - title: Profile url - type: string - readOnly: true - minLength: 1 - x-nullable: true - OAuthSource: - required: - - name - - slug - - provider_type - - consumer_key - - consumer_secret - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Source's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal source name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - enabled: - title: Enabled - type: boolean - authentication_flow: - title: Authentication flow - description: Flow to use when authenticating existing users. - type: string - format: uuid - x-nullable: true - enrollment_flow: - title: Enrollment flow - description: Flow to use when enrolling new users. - type: string - format: uuid - x-nullable: true - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - user_matching_mode: - title: User matching mode - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - type: string - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - provider_type: - title: Provider type - type: string - maxLength: 255 - minLength: 1 - request_token_url: - title: Request Token URL - description: URL used to request the initial token. This URL is only required - for OAuth 1. - type: string - maxLength: 255 - minLength: 1 - x-nullable: true - authorization_url: - title: Authorization URL - description: URL the user is redirect to to conest the flow. - type: string - maxLength: 255 - minLength: 1 - x-nullable: true - access_token_url: - title: Access Token URL - description: URL used by authentik to retrive tokens. - type: string - maxLength: 255 - minLength: 1 - x-nullable: true - profile_url: - title: Profile URL - description: URL used by authentik to get user information. - type: string - maxLength: 255 - minLength: 1 - x-nullable: true - consumer_key: - title: Consumer key - type: string - minLength: 1 - consumer_secret: - title: Consumer secret - type: string - minLength: 1 - callback_url: - title: Callback url - type: string - readOnly: true - type: - $ref: '#/definitions/SourceType' - UserOAuthSourceConnection: - required: - - user - - source - - identifier - type: object - properties: - pk: - title: ID - type: integer - readOnly: true - user: - title: User - type: integer - source: - title: Source - type: string - identifier: - title: Identifier - type: string - maxLength: 255 - minLength: 1 - PlexSource: - required: - - name - - slug - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Source's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal source name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - enabled: - title: Enabled - type: boolean - authentication_flow: - title: Authentication flow - description: Flow to use when authenticating existing users. - type: string - format: uuid - x-nullable: true - enrollment_flow: - title: Enrollment flow - description: Flow to use when enrolling new users. - type: string - format: uuid - x-nullable: true - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - user_matching_mode: - title: User matching mode - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - type: string - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - client_id: - title: Client id - description: Client identifier used to talk to Plex. - type: string - minLength: 1 - allowed_servers: - description: Which servers a user has to be a member of to be granted access. - Empty list allows every server. - type: array - items: - title: Allowed servers - type: string - minLength: 1 - allow_friends: - title: Allow friends - description: Allow friends to authenticate, even if you don't share a server. - type: boolean - plex_token: - title: Plex token - description: Plex token used to check firends - type: string - minLength: 1 - PlexTokenRedeem: - required: - - plex_token - type: object - properties: - plex_token: - title: Plex token - type: string - minLength: 1 - RedirectChallenge: - required: - - type - - to - type: object - properties: - type: - title: Type - type: string - enum: - - native - - shell - - redirect - component: - title: Component - type: string - minLength: 1 - title: - title: Title - type: string - minLength: 1 - background: - title: Background - type: string - minLength: 1 - response_errors: - title: Response errors - type: object - additionalProperties: - type: array - items: - $ref: '#/definitions/ErrorDetail' - to: - title: To - type: string - minLength: 1 - SAMLSource: - required: - - name - - slug - - pre_authentication_flow - - sso_url - type: object - properties: - pk: - title: Pbm uuid - type: string - format: uuid - readOnly: true - name: - title: Name - description: Source's display Name. - type: string - minLength: 1 - slug: - title: Slug - description: Internal source name, used in URLs. - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - enabled: - title: Enabled - type: boolean - authentication_flow: - title: Authentication flow - description: Flow to use when authenticating existing users. - type: string - format: uuid - x-nullable: true - enrollment_flow: - title: Enrollment flow - description: Flow to use when enrolling new users. - type: string - format: uuid - x-nullable: true - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - policy_engine_mode: - title: Policy engine mode - type: string - enum: - - all - - any - user_matching_mode: - title: User matching mode - description: How the source determines if an existing user should be authenticated - or a new user enrolled. - type: string - enum: - - identifier - - email_link - - email_deny - - username_link - - username_deny - pre_authentication_flow: - title: Pre authentication flow - description: Flow used before authentication. - type: string - format: uuid - issuer: - title: Issuer - description: Also known as Entity ID. Defaults the Metadata URL. - type: string - sso_url: - title: SSO URL - description: URL that the initial Login request is sent to. - type: string - format: uri - maxLength: 200 - minLength: 1 - slo_url: - title: SLO URL - description: Optional URL if your IDP supports Single-Logout. - type: string - format: uri - maxLength: 200 - x-nullable: true - allow_idp_initiated: - title: Allow idp initiated - description: Allows authentication flows initiated by the IdP. This can be - a security risk, as no validation of the request ID is done. - type: boolean - name_id_policy: - title: Name id policy - description: NameID Policy sent to the IdP. Can be unset, in which case no - Policy is sent. - type: string - enum: - - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName - - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - binding_type: - title: Binding type - type: string - enum: - - REDIRECT - - POST - - POST_AUTO - signing_kp: - title: Singing Keypair - description: Keypair which is used to sign outgoing requests. Leave empty - to disable signing. - type: string - format: uuid - x-nullable: true - digest_algorithm: - title: Digest algorithm - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#sha1 - - http://www.w3.org/2001/04/xmlenc#sha256 - - http://www.w3.org/2001/04/xmldsig-more#sha384 - - http://www.w3.org/2001/04/xmlenc#sha512 - signature_algorithm: - title: Signature algorithm - type: string - enum: - - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - temporary_user_delete_after: - title: Delete temporary users after - description: "Time offset when temporary users should be deleted. This only\ - \ applies if your IDP uses the NameID Format 'transient', and the user doesn't\ - \ log out manually. (Format: hours=1;minutes=2;seconds=3)." - type: string - minLength: 1 - StageUserSetting: - required: - - object_uid - - component - - title - type: object - properties: - object_uid: - title: Object uid - type: string - minLength: 1 - component: - title: Component - type: string - minLength: 1 - title: - title: Title - type: string - minLength: 1 - configure_flow: - title: Configure flow - type: boolean - AuthenticatorStaticStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - configure_flow: - title: Configure flow - description: Flow used by an authenticated user to configure this Stage. If - empty, user will not be able to configure this stage. - type: string - format: uuid - x-nullable: true - token_count: - title: Token count - type: integer - maximum: 2147483647 - minimum: -2147483648 - AuthenticatorTOTPStage: - required: - - name - - digits - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - configure_flow: - title: Configure flow - description: Flow used by an authenticated user to configure this Stage. If - empty, user will not be able to configure this stage. - type: string - format: uuid - x-nullable: true - digits: - title: Digits - type: integer - enum: - - 6 - - 8 - AuthenticatorValidateStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - not_configured_action: - title: Not configured action - type: string - enum: - - skip - - deny - - configure - device_classes: - description: Device classes which can be used to authenticate - type: array - items: - title: Device classes - type: string - enum: - - static - - totp - - webauthn - configuration_stage: - title: Configuration stage - description: Stage used to configure Authenticator when user doesn't have - any compatible devices. After this configuration Stage passes, the user - is not prompted again. - type: string - format: uuid - x-nullable: true - AuthenticateWebAuthnStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - configure_flow: - title: Configure flow - description: Flow used by an authenticated user to configure this Stage. If - empty, user will not be able to configure this stage. - type: string - format: uuid - x-nullable: true - CaptchaStage: - required: - - name - - public_key - - private_key - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - public_key: - title: Public key - description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html - type: string - minLength: 1 - private_key: - title: Private key - description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html - type: string - minLength: 1 - ConsentStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - mode: - title: Mode - type: string - enum: - - always_require - - permanent - - expiring - consent_expire_in: - title: Consent expires in - description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' - type: string - minLength: 1 - DenyStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - DummyStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - EmailStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - use_global_settings: - title: Use global settings - description: When enabled, global Email connection settings will be used and - connection settings below will be ignored. - type: boolean - host: - title: Host - type: string - minLength: 1 - port: - title: Port - type: integer - maximum: 2147483647 - minimum: -2147483648 - username: - title: Username - type: string - password: - title: Password - type: string - use_tls: - title: Use tls - type: boolean - use_ssl: - title: Use ssl - type: boolean - timeout: - title: Timeout - type: integer - maximum: 2147483647 - minimum: -2147483648 - from_address: - title: From address - type: string - format: email - maxLength: 254 - minLength: 1 - token_expiry: - title: Token expiry - description: Time in minutes the token sent is valid. - type: integer - maximum: 2147483647 - minimum: -2147483648 - subject: - title: Subject - type: string - minLength: 1 - template: - title: Template - type: string - minLength: 1 - IdentificationStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - user_fields: - description: Fields of the user object to match against. (Hold shift to select - multiple options) - type: array - items: - title: User fields - type: string - enum: - - email - - username - case_insensitive_matching: - title: Case insensitive matching - description: When enabled, user fields are matched regardless of their casing. - type: boolean - show_matched_user: - title: Show matched user - description: When a valid username/email has been entered, and this option - is enabled, the user's username and avatar will be shown. Otherwise, the - text that the user entered will be shown - type: boolean - enrollment_flow: - title: Enrollment flow - description: Optional enrollment flow, which is linked at the bottom of the - page. - type: string - format: uuid - x-nullable: true - recovery_flow: - title: Recovery flow - description: Optional recovery flow, which is linked at the bottom of the - page. - type: string - format: uuid - x-nullable: true - Invitation: - type: object - properties: - pk: - title: Invite uuid - type: string - format: uuid - readOnly: true - expires: - title: Expires - type: string - format: date-time - x-nullable: true - fixed_data: - title: Fixed data - type: object - created_by: - $ref: '#/definitions/User' - single_use: - title: Single use - description: When enabled, the invitation will be deleted after usage. - type: boolean - InvitationStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - continue_flow_without_invitation: - title: Continue flow without invitation - description: If this flag is set, this Stage will jump to the next Stage when - no Invitation is given. By default this Stage will cancel the Flow when - no invitation is given. - type: boolean - PasswordStage: - required: - - name - - backends - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - backends: - description: Selection of backends to test the password against. - type: array - items: - title: Backends - type: string - enum: - - django.contrib.auth.backends.ModelBackend - - authentik.sources.ldap.auth.LDAPBackend - configure_flow: - title: Configure flow - description: Flow used by an authenticated user to configure this Stage. If - empty, user will not be able to configure this stage. - type: string - format: uuid - x-nullable: true - failed_attempts_before_cancel: - title: Failed attempts before cancel - description: How many attempts a user has before the flow is canceled. To - lock the user out, use a reputation policy and a user_write stage. - type: integer - maximum: 2147483647 - minimum: -2147483648 - Prompt: - required: - - field_key - - label - - type - type: object - properties: - pk: - title: Prompt uuid - type: string - format: uuid - readOnly: true - field_key: - title: Field key - description: Name of the form field, also used to store the value - type: string - format: slug - pattern: ^[-a-zA-Z0-9_]+$ - maxLength: 50 - minLength: 1 - label: - title: Label - type: string - minLength: 1 - type: - title: Type - type: string - enum: - - text - - username - - email - - password - - number - - checkbox - - date - - date-time - - separator - - hidden - - static - required: - title: Required - type: boolean - placeholder: - title: Placeholder - type: string - order: - title: Order - type: integer - maximum: 2147483647 - minimum: -2147483648 - promptstage_set: - type: array - items: - $ref: '#/definitions/Stage' - PromptStage: - required: - - name - - fields - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - fields: - type: array - items: - type: string - format: uuid - uniqueItems: true - validation_policies: - type: array - items: - type: string - format: uuid - uniqueItems: true - UserDeleteStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - UserLoginStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - session_duration: - title: Session duration - description: 'Determines how long a session lasts. Default of 0 means that - the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' - type: string - minLength: 1 - UserLogoutStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' - UserWriteStage: - required: - - name - type: object - properties: - pk: - title: Stage uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - minLength: 1 - component: - title: Component - type: string - readOnly: true - verbose_name: - title: Verbose name - type: string - readOnly: true - verbose_name_plural: - title: Verbose name plural - type: string - readOnly: true - flow_set: - type: array - items: - $ref: '#/definitions/Flow' diff --git a/web/azure-pipelines.yml b/web/azure-pipelines.yml index e7d99859b3..039e3608b8 100644 --- a/web/azure-pipelines.yml +++ b/web/azure-pipelines.yml @@ -9,7 +9,7 @@ trigger: stages: - stage: generate jobs: - - job: swagger_generate + - job: generate_api pool: vmImage: 'ubuntu-latest' steps: @@ -19,12 +19,11 @@ stages: displayName: 'Install Node.js' - task: CmdLine@2 inputs: - script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + script: make gen-web - task: PublishPipelineArtifact@1 inputs: targetPath: 'web/api/' - artifact: 'ts_swagger_client' + artifact: 'ts_api_client' publishLocation: 'pipeline' - stage: lint jobs: @@ -39,7 +38,7 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'ts_swagger_client' + artifactName: 'ts_api_client' path: "web/api/" - task: Npm@1 inputs: @@ -61,7 +60,7 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'ts_swagger_client' + artifactName: 'ts_api_client' path: "web/api/" - task: Npm@1 inputs: @@ -85,7 +84,7 @@ stages: - task: DownloadPipelineArtifact@2 inputs: buildType: 'current' - artifactName: 'ts_swagger_client' + artifactName: 'ts_api_client' path: "web/api/" - task: Npm@1 inputs: diff --git a/web/src/api/Config.ts b/web/src/api/Config.ts index 488e758bf2..83374bab87 100644 --- a/web/src/api/Config.ts +++ b/web/src/api/Config.ts @@ -15,13 +15,13 @@ export class LoggingMiddleware implements Middleware { let globalConfigPromise: Promise; export function config(): Promise { if (!globalConfigPromise) { - globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigList(); + globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve(); } return globalConfigPromise; } export const DEFAULT_CONFIG = new Configuration({ - basePath: "/api/v2beta", + basePath: "", headers: { "X-CSRFToken": getCookie("authentik_csrf"), }, diff --git a/web/src/api/Flows.ts b/web/src/api/Flows.ts index 10f7c40f91..367ded8e17 100644 --- a/web/src/api/Flows.ts +++ b/web/src/api/Flows.ts @@ -1,4 +1,4 @@ -import { ChallengeTypeEnum } from "authentik-api"; +import { ChallengeChoices } from "authentik-api"; export interface Error { code: string; @@ -10,7 +10,7 @@ export interface ErrorDict { } export interface Challenge { - type: ChallengeTypeEnum; + type: ChallengeChoices; component?: string; title?: string; response_errors?: ErrorDict; diff --git a/web/src/api/Users.ts b/web/src/api/Users.ts index a0201c7cc5..5c74d035c9 100644 --- a/web/src/api/Users.ts +++ b/web/src/api/Users.ts @@ -4,9 +4,14 @@ import { DEFAULT_CONFIG } from "./Config"; let globalMePromise: Promise; export function me(): Promise { if (!globalMePromise) { - globalMePromise = new CoreApi(DEFAULT_CONFIG).coreUsersMe().catch((ex) => { + globalMePromise = new CoreApi(DEFAULT_CONFIG).coreUsersMeRetrieve().catch((ex) => { const defaultUser: SessionUser = { user: { + pk: -1, + isSuperuser: false, + groups: [], + avatar: "", + uid: "", username: "", name: "" } diff --git a/web/src/elements/buttons/TokenCopyButton.ts b/web/src/elements/buttons/TokenCopyButton.ts index b04c327d87..9def978920 100644 --- a/web/src/elements/buttons/TokenCopyButton.ts +++ b/web/src/elements/buttons/TokenCopyButton.ts @@ -17,7 +17,7 @@ export class TokenCopyButton extends ActionButton { if (!this.identifier) { return Promise.reject(); } - return new CoreApi(DEFAULT_CONFIG).coreTokensViewKey({ + return new CoreApi(DEFAULT_CONFIG).coreTokensViewKeyRetrieve({ identifier: this.identifier }).then((token) => { if (!token.key) { diff --git a/web/src/elements/charts/AdminLoginsChart.ts b/web/src/elements/charts/AdminLoginsChart.ts index 6a89f66454..316cfc012a 100644 --- a/web/src/elements/charts/AdminLoginsChart.ts +++ b/web/src/elements/charts/AdminLoginsChart.ts @@ -8,7 +8,7 @@ import { DEFAULT_CONFIG } from "../../api/Config"; export class AdminLoginsChart extends AKChart { apiRequest(): Promise { - return new AdminApi(DEFAULT_CONFIG).adminMetricsList(); + return new AdminApi(DEFAULT_CONFIG).adminMetricsRetrieve(); } getChartData(data: LoginMetrics): ChartData { diff --git a/web/src/elements/charts/ApplicationAuthorizeChart.ts b/web/src/elements/charts/ApplicationAuthorizeChart.ts index 4484de7f4e..861f51da75 100644 --- a/web/src/elements/charts/ApplicationAuthorizeChart.ts +++ b/web/src/elements/charts/ApplicationAuthorizeChart.ts @@ -11,7 +11,7 @@ export class ApplicationAuthorizeChart extends AKChart { applicationSlug!: string; apiRequest(): Promise { - return new CoreApi(DEFAULT_CONFIG).coreApplicationsMetrics({ slug: this.applicationSlug }); + return new CoreApi(DEFAULT_CONFIG).coreApplicationsMetricsList({ slug: this.applicationSlug }); } getChartData(data: Coordinate[]): ChartData { diff --git a/web/src/elements/charts/UserChart.ts b/web/src/elements/charts/UserChart.ts index e68e0780d1..29dc8ef49c 100644 --- a/web/src/elements/charts/UserChart.ts +++ b/web/src/elements/charts/UserChart.ts @@ -11,7 +11,7 @@ export class UserChart extends AKChart { userId?: number; apiRequest(): Promise { - return new CoreApi(DEFAULT_CONFIG).coreUsersMetrics({ + return new CoreApi(DEFAULT_CONFIG).coreUsersMetricsRetrieve({ id: this.userId || 0, }); } diff --git a/web/src/elements/forms/Form.ts b/web/src/elements/forms/Form.ts index 786c4cf03d..4eaade5a05 100644 --- a/web/src/elements/forms/Form.ts +++ b/web/src/elements/forms/Form.ts @@ -14,7 +14,7 @@ import PFInputGroup from "@patternfly/patternfly/components/InputGroup/input-gro import { MessageLevel } from "../messages/Message"; import { IronFormElement } from "@polymer/iron-form/iron-form"; import { camelToSnake, convertToSlug } from "../../utils"; -import { ValidationError } from "authentik-api/src"; +import { ValidationError } from "authentik-api"; import { EVENT_REFRESH } from "../../constants"; export class APIError extends Error { diff --git a/web/src/elements/notifications/NotificationDrawer.ts b/web/src/elements/notifications/NotificationDrawer.ts index b97dd2b9ff..0185aa1116 100644 --- a/web/src/elements/notifications/NotificationDrawer.ts +++ b/web/src/elements/notifications/NotificationDrawer.ts @@ -32,7 +32,7 @@ export class NotificationDrawer extends LitElement { firstUpdated(): void { new EventsApi(DEFAULT_CONFIG).eventsNotificationsList({ - seen: "false", + seen: false, ordering: "-created", }).then(r => { this.notifications = r; @@ -73,7 +73,7 @@ export class NotificationDrawer extends LitElement { `; diff --git a/web/src/pages/LibraryPage.ts b/web/src/pages/LibraryPage.ts index c963122fad..853f1617ac 100644 --- a/web/src/pages/LibraryPage.ts +++ b/web/src/pages/LibraryPage.ts @@ -56,7 +56,7 @@ export class LibraryApplication extends LitElement { if (!this.application) { return html``; } - return html` + return html`
${this.application.metaIcon ? html`Application Icon` diff --git a/web/src/pages/admin-overview/TopApplicationsTable.ts b/web/src/pages/admin-overview/TopApplicationsTable.ts index 9c42c8f9b2..12e052ee69 100644 --- a/web/src/pages/admin-overview/TopApplicationsTable.ts +++ b/web/src/pages/admin-overview/TopApplicationsTable.ts @@ -18,7 +18,7 @@ export class TopApplicationsTable extends LitElement { } firstUpdated(): void { - new EventsApi(DEFAULT_CONFIG).eventsEventsTopPerUser({ + new EventsApi(DEFAULT_CONFIG).eventsEventsTopPerUserList({ action: "authorize_application", topN: 11, }).then((events) => { diff --git a/web/src/pages/admin-overview/cards/BackupStatusCard.ts b/web/src/pages/admin-overview/cards/BackupStatusCard.ts index 707cd1e90b..18ff320882 100644 --- a/web/src/pages/admin-overview/cards/BackupStatusCard.ts +++ b/web/src/pages/admin-overview/cards/BackupStatusCard.ts @@ -1,20 +1,20 @@ import { t } from "@lingui/macro"; import { customElement, html, TemplateResult } from "lit-element"; import { AdminStatus, AdminStatusCard } from "./AdminStatusCard"; -import { AdminApi, TaskStatusEnum } from "authentik-api"; +import { AdminApi, StatusEnum } from "authentik-api"; import { DEFAULT_CONFIG } from "../../../api/Config"; import { convertToTitle } from "../../../utils"; @customElement("ak-admin-status-card-backup") -export class BackupStatusCard extends AdminStatusCard { +export class BackupStatusCard extends AdminStatusCard { - getPrimaryValue(): Promise { - return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRead({ + getPrimaryValue(): Promise { + return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRetrieve({ id: "backup_database" }).then((value) => { return value.status; }).catch(() => { - return TaskStatusEnum.Error; + return StatusEnum.Error; }); } @@ -22,14 +22,14 @@ export class BackupStatusCard extends AdminStatusCard { return html`${convertToTitle(this.value?.toString() || "")}`; } - getStatus(value: TaskStatusEnum): Promise { + getStatus(value: StatusEnum): Promise { switch (value) { - case TaskStatusEnum.Warning: + case StatusEnum.Warning: return Promise.resolve({ icon: "fa fa-exclamation-triangle pf-m-warning", message: t`Backup finished with warnings.`, }); - case TaskStatusEnum.Error: + case StatusEnum.Error: return Promise.resolve({ icon: "fa fa-times-circle pf-m-danger", message: t`Backup finished with errors.`, diff --git a/web/src/pages/admin-overview/cards/VersionStatusCard.ts b/web/src/pages/admin-overview/cards/VersionStatusCard.ts index 499efe3bae..f8cdde1ad7 100644 --- a/web/src/pages/admin-overview/cards/VersionStatusCard.ts +++ b/web/src/pages/admin-overview/cards/VersionStatusCard.ts @@ -8,7 +8,7 @@ import { AdminStatusCard, AdminStatus } from "./AdminStatusCard"; export class VersionStatusCard extends AdminStatusCard { getPrimaryValue(): Promise { - return new AdminApi(DEFAULT_CONFIG).adminVersionList(); + return new AdminApi(DEFAULT_CONFIG).adminVersionRetrieve(); } getStatus(value: Version): Promise { diff --git a/web/src/pages/admin-overview/cards/WorkerStatusCard.ts b/web/src/pages/admin-overview/cards/WorkerStatusCard.ts index f93dc1402c..5b97b4a287 100644 --- a/web/src/pages/admin-overview/cards/WorkerStatusCard.ts +++ b/web/src/pages/admin-overview/cards/WorkerStatusCard.ts @@ -8,8 +8,8 @@ import { AdminStatus, AdminStatusCard } from "./AdminStatusCard"; export class WorkersStatusCard extends AdminStatusCard { getPrimaryValue(): Promise { - return new AdminApi(DEFAULT_CONFIG).adminWorkersList({}).then((workers) => { - return workers.pagination.count; + return new AdminApi(DEFAULT_CONFIG).adminWorkersRetrieve().then((workers) => { + return workers.count; }); } diff --git a/web/src/pages/admin-overview/charts/FlowStatusChart.ts b/web/src/pages/admin-overview/charts/FlowStatusChart.ts index 4836642795..b064e567c0 100644 --- a/web/src/pages/admin-overview/charts/FlowStatusChart.ts +++ b/web/src/pages/admin-overview/charts/FlowStatusChart.ts @@ -31,7 +31,7 @@ export class PolicyStatusChart extends AKChart { async apiRequest(): Promise { const api = new FlowsApi(DEFAULT_CONFIG); - const cached = (await api.flowsInstancesCacheInfo()).count || 0; + const cached = (await api.flowsInstancesCacheInfoRetrieve()).count || 0; const count = (await api.flowsInstancesList({ pageSize: 1 })).pagination.count; diff --git a/web/src/pages/admin-overview/charts/GroupCountStatusChart.ts b/web/src/pages/admin-overview/charts/GroupCountStatusChart.ts index 9755ebc4b2..186a6060a2 100644 --- a/web/src/pages/admin-overview/charts/GroupCountStatusChart.ts +++ b/web/src/pages/admin-overview/charts/GroupCountStatusChart.ts @@ -34,7 +34,7 @@ export class GroupCountStatusChart extends AKChart { pageSize: 1 })).pagination.count; const superusers = (await api.coreGroupsList({ - isSuperuser: "true" + isSuperuser: true })).pagination.count; this.centerText = count.toString(); return { diff --git a/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts b/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts index 934f937efe..fac4532dbe 100644 --- a/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts +++ b/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts @@ -1,6 +1,6 @@ import { t } from "@lingui/macro"; import { customElement } from "lit-element"; -import { SourcesApi, TaskStatusEnum } from "authentik-api"; +import { SourcesApi, StatusEnum } from "authentik-api"; import { DEFAULT_CONFIG } from "../../../api/Config"; import "../../../elements/forms/ConfirmationForm"; import { AKChart } from "../../../elements/charts/Chart"; @@ -38,10 +38,10 @@ export class LDAPSyncStatusChart extends AKChart { let unsynced = 0; await Promise.all(sources.results.map(async (element) => { try { - const health = await api.sourcesLdapSyncStatus({ + const health = await api.sourcesLdapSyncStatusRetrieve({ slug: element.slug, }); - if (health.status !== TaskStatusEnum.Successful) { + if (health.status !== StatusEnum.Successful) { failed += 1; } const now = new Date().getTime(); diff --git a/web/src/pages/admin-overview/charts/OutpostStatusChart.ts b/web/src/pages/admin-overview/charts/OutpostStatusChart.ts index 073f686542..de8681f6f9 100644 --- a/web/src/pages/admin-overview/charts/OutpostStatusChart.ts +++ b/web/src/pages/admin-overview/charts/OutpostStatusChart.ts @@ -37,7 +37,7 @@ export class OutpostStatusChart extends AKChart { let outdated = 0; let unhealthy = 0; await Promise.all(outposts.results.map(async (element) => { - const health = await api.outpostsOutpostsHealth({ + const health = await api.outpostsInstancesHealthList({ uuid: element.pk || "", }); if (health.length === 0) { diff --git a/web/src/pages/admin-overview/charts/PolicyStatusChart.ts b/web/src/pages/admin-overview/charts/PolicyStatusChart.ts index 6d859e19a0..6adf4d7b05 100644 --- a/web/src/pages/admin-overview/charts/PolicyStatusChart.ts +++ b/web/src/pages/admin-overview/charts/PolicyStatusChart.ts @@ -32,13 +32,13 @@ export class PolicyStatusChart extends AKChart { async apiRequest(): Promise { const api = new PoliciesApi(DEFAULT_CONFIG); - const cached = (await api.policiesAllCacheInfo()).count || 0; + const cached = (await api.policiesAllCacheInfoRetrieve()).count || 0; const count = (await api.policiesAllList({ pageSize: 1 })).pagination.count; const unbound = (await api.policiesAllList({ - bindingsIsnull: "true", - promptstageIsnull: "true", + bindingsIsnull: true, + promptstageIsnull: true, })).pagination.count; this.centerText = count.toString(); return { diff --git a/web/src/pages/applications/ApplicationForm.ts b/web/src/pages/applications/ApplicationForm.ts index 2e027a1bf6..9070d20fdf 100644 --- a/web/src/pages/applications/ApplicationForm.ts +++ b/web/src/pages/applications/ApplicationForm.ts @@ -1,4 +1,4 @@ -import { CoreApi, Application, ProvidersApi, Provider, ApplicationPolicyEngineModeEnum } from "authentik-api"; +import { CoreApi, Application, ProvidersApi, Provider, PolicyEngineMode } from "authentik-api"; import { t } from "@lingui/macro"; import { CSSResult, customElement, property } from "lit-element"; import { html, TemplateResult } from "lit-html"; @@ -18,7 +18,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class ApplicationForm extends ModelForm { loadInstance(pk: string): Promise { - return new CoreApi(DEFAULT_CONFIG).coreApplicationsRead({ + return new CoreApi(DEFAULT_CONFIG).coreApplicationsRetrieve({ slug: pk }); } @@ -43,17 +43,17 @@ export class ApplicationForm extends ModelForm { if (this.instance) { writeOp = new CoreApi(DEFAULT_CONFIG).coreApplicationsUpdate({ slug: this.instance.slug, - data: data + applicationRequest: data }); } else { writeOp = new CoreApi(DEFAULT_CONFIG).coreApplicationsCreate({ - data: data + applicationRequest: data }); } const icon = this.getFormFile(); if (icon) { return writeOp.then(app => { - return new CoreApi(DEFAULT_CONFIG).coreApplicationsSetIcon({ + return new CoreApi(DEFAULT_CONFIG).coreApplicationsSetIconCreate({ slug: app.slug, file: icon }); @@ -115,7 +115,7 @@ export class ApplicationForm extends ModelForm {
- ${until(new SourcesApi(DEFAULT_CONFIG).sourcesLdapSyncStatus({ + ${until(new SourcesApi(DEFAULT_CONFIG).sourcesLdapSyncStatusRetrieve({ slug: this.source.slug }).then((ls) => { let header = html``; - if (ls.status === TaskStatusEnum.Warning) { + if (ls.status === StatusEnum.Warning) { header = html`

${t`Task finished with warnings`}

`; - } else if (status === TaskStatusEnum.Error) { + } else if (status === StatusEnum.Error) { header = html`

${t`Task finished with errors`}

`; } else { header = html`

${t`Last sync: ${ls.taskFinishTimestamp.toLocaleString()}`}

`; @@ -161,7 +161,7 @@ export class LDAPSourceViewPage extends LitElement { .apiRequest=${() => { return new SourcesApi(DEFAULT_CONFIG).sourcesLdapPartialUpdate({ slug: this.source?.slug || "", - data: this.source, + patchedLDAPSourceRequest: this.source, }); }}> ${t`Retry Task`} diff --git a/web/src/pages/sources/oauth/OAuthSourceForm.ts b/web/src/pages/sources/oauth/OAuthSourceForm.ts index de7d66630b..d7ece0fb6a 100644 --- a/web/src/pages/sources/oauth/OAuthSourceForm.ts +++ b/web/src/pages/sources/oauth/OAuthSourceForm.ts @@ -1,4 +1,4 @@ -import { OAuthSource, SourcesApi, FlowsApi, FlowDesignationEnum, OAuthSourceUserMatchingModeEnum } from "authentik-api"; +import { OAuthSource, SourcesApi, FlowsApi, UserMatchingModeEnum, OAuthSourceRequest, FlowsInstancesListDesignationEnum } from "authentik-api"; import { t } from "@lingui/macro"; import { customElement, property } from "lit-element"; import { html, TemplateResult } from "lit-html"; @@ -15,7 +15,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class OAuthSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesOauthRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({ slug: pk, }).then(source => { this.showUrlOptions = first(source.type?.urlsCustomizable, false); @@ -44,11 +44,11 @@ export class OAuthSourceForm extends ModelForm { if (this.instance) { return new SourcesApi(DEFAULT_CONFIG).sourcesOauthPartialUpdate({ slug: this.instance.slug, - data: data + patchedOAuthSourceRequest: data }); } else { return new SourcesApi(DEFAULT_CONFIG).sourcesOauthCreate({ - data: data + oAuthSourceRequest: data as unknown as OAuthSourceRequest }); } }; @@ -139,19 +139,19 @@ export class OAuthSourceForm extends ModelForm { ?required=${true} name="userMatchingMode"> @@ -173,7 +173,7 @@ export class OAuthSourceForm extends ModelForm { ?required=${true} ?writeOnly=${this.instance !== undefined} name="consumerSecret"> - + { } this.instance.providerType = selected.value; }}> - ${until(new SourcesApi(DEFAULT_CONFIG).sourcesOauthSourceTypes().then(types => { + ${until(new SourcesApi(DEFAULT_CONFIG).sourcesOauthSourceTypesList().then(types => { return types.map(type => { let selected = this.instance?.providerType === type.slug; if (!this.instance?.pk) { @@ -230,7 +230,7 @@ export class OAuthSourceForm extends ModelForm { ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.Enrollment, + designation: FlowsInstancesListDesignationEnum.Enrollment, }).then(flows => { return flows.results.map(flow => { let selected = this.instance?.enrollmentFlow === flow.pk; diff --git a/web/src/pages/sources/oauth/OAuthSourceViewPage.ts b/web/src/pages/sources/oauth/OAuthSourceViewPage.ts index b4f9bb4985..f2176bd51c 100644 --- a/web/src/pages/sources/oauth/OAuthSourceViewPage.ts +++ b/web/src/pages/sources/oauth/OAuthSourceViewPage.ts @@ -29,7 +29,7 @@ export class OAuthSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(value: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesOauthRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({ slug: value }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/plex/PlexSourceForm.ts b/web/src/pages/sources/plex/PlexSourceForm.ts index 404f83d44d..c553808005 100644 --- a/web/src/pages/sources/plex/PlexSourceForm.ts +++ b/web/src/pages/sources/plex/PlexSourceForm.ts @@ -1,4 +1,4 @@ -import { PlexSource, SourcesApi, FlowsApi, FlowDesignationEnum, PlexSourceUserMatchingModeEnum } from "authentik-api"; +import { PlexSource, SourcesApi, FlowsApi, UserMatchingModeEnum, FlowsInstancesListDesignationEnum } from "authentik-api"; import { t } from "@lingui/macro"; import { customElement, property } from "lit-element"; import { html, TemplateResult } from "lit-html"; @@ -16,7 +16,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PlexSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesPlexRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({ slug: pk, }).then(source => { this.plexToken = source.plexToken; @@ -50,11 +50,11 @@ export class PlexSourceForm extends ModelForm { if (this.instance?.slug) { return new SourcesApi(DEFAULT_CONFIG).sourcesPlexUpdate({ slug: this.instance.slug, - data: data + plexSourceRequest: data }); } else { return new SourcesApi(DEFAULT_CONFIG).sourcesPlexCreate({ - data: data + plexSourceRequest: data }); } }; @@ -137,19 +137,19 @@ export class PlexSourceForm extends ModelForm { ?required=${true} name="userMatchingMode"> @@ -181,7 +181,7 @@ export class PlexSourceForm extends ModelForm { ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.Enrollment, + designation: FlowsInstancesListDesignationEnum.Enrollment, }).then(flows => { return flows.results.map(flow => { let selected = this.instance?.enrollmentFlow === flow.pk; diff --git a/web/src/pages/sources/plex/PlexSourceViewPage.ts b/web/src/pages/sources/plex/PlexSourceViewPage.ts index 556c610e3b..6593595c82 100644 --- a/web/src/pages/sources/plex/PlexSourceViewPage.ts +++ b/web/src/pages/sources/plex/PlexSourceViewPage.ts @@ -29,7 +29,7 @@ export class PlexSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(value: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesPlexRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({ slug: value }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/saml/SAMLSourceForm.ts b/web/src/pages/sources/saml/SAMLSourceForm.ts index a20695c4bd..7d71a2c200 100644 --- a/web/src/pages/sources/saml/SAMLSourceForm.ts +++ b/web/src/pages/sources/saml/SAMLSourceForm.ts @@ -1,4 +1,4 @@ -import { SAMLSource, SourcesApi, SAMLSourceBindingTypeEnum, SAMLSourceNameIdPolicyEnum, CryptoApi, SAMLSourceDigestAlgorithmEnum, SAMLSourceSignatureAlgorithmEnum, FlowsApi, FlowDesignationEnum } from "authentik-api"; +import { SAMLSource, SourcesApi, BindingTypeEnum, NameIdPolicyEnum, CryptoApi, DigestAlgorithmEnum, SignatureAlgorithmEnum, FlowsApi, FlowsInstancesListDesignationEnum } from "authentik-api"; import { t } from "@lingui/macro"; import { customElement } from "lit-element"; import { html, TemplateResult } from "lit-html"; @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class SAMLSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesSamlRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesSamlRetrieve({ slug: pk, }); } @@ -31,11 +31,11 @@ export class SAMLSourceForm extends ModelForm { if (this.instance) { return new SourcesApi(DEFAULT_CONFIG).sourcesSamlUpdate({ slug: this.instance.slug, - data: data + sAMLSourceRequest: data }); } else { return new SourcesApi(DEFAULT_CONFIG).sourcesSamlCreate({ - data: data + sAMLSourceRequest: data }); } }; @@ -92,13 +92,13 @@ export class SAMLSourceForm extends ModelForm { ?required=${true} name="bindingType"> @@ -139,19 +139,19 @@ export class SAMLSourceForm extends ModelForm { ?required=${true} name="nameIdPolicy"> @@ -168,16 +168,16 @@ export class SAMLSourceForm extends ModelForm { ?required=${true} name="digestAlgorithm"> @@ -187,19 +187,19 @@ export class SAMLSourceForm extends ModelForm { ?required=${true} name="signatureAlgorithm"> @@ -218,7 +218,7 @@ export class SAMLSourceForm extends ModelForm { ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.Authentication, + designation: FlowsInstancesListDesignationEnum.Authentication, }).then(flows => { return flows.results.map(flow => { let selected = this.instance?.authenticationFlow === flow.pk; @@ -258,7 +258,7 @@ export class SAMLSourceForm extends ModelForm { { const target = ev.target as HTMLSelectElement; - if (target.selectedOptions[0].value === AuthenticatorValidateStageNotConfiguredActionEnum.Configure) { + if (target.selectedOptions[0].value === NotConfiguredActionEnum.Configure) { this.showConfigureFlow = true; } else { this.showConfigureFlow = false; } }}> - - - @@ -95,13 +95,13 @@ export class AuthenticatorValidateStageForm extends ModelForm diff --git a/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts b/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts index 0b449b019d..4577ccbb46 100644 --- a/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts +++ b/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class AuthenticateWebAuthnStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRead({ + return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class AuthenticateWebAuthnStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRead({ + return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRetrieve({ stageUuid: pk, }); } @@ -29,11 +29,11 @@ export class CaptchaStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesCaptchaPartialUpdate({ stageUuid: this.instance.pk || "", - data: data + patchedCaptchaStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesCaptchaCreate({ - data: data + captchaStageRequest: data as unknown as CaptchaStageRequest }); } }; @@ -66,7 +66,7 @@ export class CaptchaStageForm extends ModelForm { ?required=${true} ?writeOnly=${this.instance !== undefined} name="privateKey"> - +

${t`Private key, acquired from https://www.google.com/recaptcha/intro/v3.html.`}
diff --git a/web/src/pages/stages/consent/ConsentStageForm.ts b/web/src/pages/stages/consent/ConsentStageForm.ts index c1776f77b1..31e968d7dd 100644 --- a/web/src/pages/stages/consent/ConsentStageForm.ts +++ b/web/src/pages/stages/consent/ConsentStageForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class ConsentStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesConsentRead({ + return new StagesApi(DEFAULT_CONFIG).stagesConsentRetrieve({ stageUuid: pk, }).then(stage => { this.showExpiresIn = stage.name === ConsentStageModeEnum.Expiring; @@ -35,11 +35,11 @@ export class ConsentStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesConsentUpdate({ stageUuid: this.instance.pk || "", - data: data + consentStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesConsentCreate({ - data: data + consentStageRequest: data }); } }; diff --git a/web/src/pages/stages/deny/DenyStageForm.ts b/web/src/pages/stages/deny/DenyStageForm.ts index 9b261a25c3..f6bab8a8f8 100644 --- a/web/src/pages/stages/deny/DenyStageForm.ts +++ b/web/src/pages/stages/deny/DenyStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class DenyStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesDenyRead({ + return new StagesApi(DEFAULT_CONFIG).stagesDenyRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class DenyStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesDenyUpdate({ stageUuid: this.instance.pk || "", - data: data + denyStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesDenyCreate({ - data: data + denyStageRequest: data }); } }; diff --git a/web/src/pages/stages/dummy/DummyStageForm.ts b/web/src/pages/stages/dummy/DummyStageForm.ts index b753efec52..837da5a9d1 100644 --- a/web/src/pages/stages/dummy/DummyStageForm.ts +++ b/web/src/pages/stages/dummy/DummyStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class DummyStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesDummyRead({ + return new StagesApi(DEFAULT_CONFIG).stagesDummyRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class DummyStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesDummyUpdate({ stageUuid: this.instance.pk || "", - data: data + dummyStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesDummyCreate({ - data: data + dummyStageRequest: data }); } }; diff --git a/web/src/pages/stages/email/EmailStageForm.ts b/web/src/pages/stages/email/EmailStageForm.ts index d7d82a424c..77d7d72079 100644 --- a/web/src/pages/stages/email/EmailStageForm.ts +++ b/web/src/pages/stages/email/EmailStageForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class EmailStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesEmailRead({ + return new StagesApi(DEFAULT_CONFIG).stagesEmailRetrieve({ stageUuid: pk, }).then(stage => { this.showConnectionSettings = !stage.useGlobalSettings; @@ -37,11 +37,11 @@ export class EmailStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesEmailPartialUpdate({ stageUuid: this.instance.pk || "", - data: data + patchedEmailStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesEmailCreate({ - data: data + emailStageRequest: data }); } }; @@ -76,7 +76,7 @@ export class EmailStageForm extends ModelForm { label=${t`SMTP Password`} ?writeOnly=${this.instance !== undefined} name="password"> - +
@@ -156,7 +156,7 @@ export class EmailStageForm extends ModelForm { ?required=${true} name="template"> - - @@ -101,7 +101,7 @@ export class IdentificationStageForm extends ModelForm--------- ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.Enrollment, + designation: FlowsInstancesListDesignationEnum.Enrollment, }).then(flows => { return flows.results.map(flow => { const selected = this.instance?.enrollmentFlow === flow.pk; @@ -118,7 +118,7 @@ export class IdentificationStageForm extends ModelForm--------- ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.Recovery, + designation: FlowsInstancesListDesignationEnum.Recovery, }).then(flows => { return flows.results.map(flow => { const selected = this.instance?.recoveryFlow === flow.pk; diff --git a/web/src/pages/stages/invitation/InvitationForm.ts b/web/src/pages/stages/invitation/InvitationForm.ts index 76b3065ce1..83e827d35f 100644 --- a/web/src/pages/stages/invitation/InvitationForm.ts +++ b/web/src/pages/stages/invitation/InvitationForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class InvitationForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsRead({ + return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsRetrieve({ inviteUuid: pk, }); } @@ -30,11 +30,11 @@ export class InvitationForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsUpdate({ inviteUuid: this.instance.pk || "", - data: data + invitationRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsCreate({ - data: data + invitationRequest: data }); } }; diff --git a/web/src/pages/stages/invitation/InvitationListPage.ts b/web/src/pages/stages/invitation/InvitationListPage.ts index c6c30ea316..788f034749 100644 --- a/web/src/pages/stages/invitation/InvitationListPage.ts +++ b/web/src/pages/stages/invitation/InvitationListPage.ts @@ -59,7 +59,7 @@ export class InvitationListPage extends TablePage { .obj=${item} objectLabel=${t`Prompt`} .delete=${() => { - return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsDelete({ + return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsDestroy({ inviteUuid: item.pk || "" }); }}> diff --git a/web/src/pages/stages/invitation/InvitationStageForm.ts b/web/src/pages/stages/invitation/InvitationStageForm.ts index 6597581342..ed5e1542f3 100644 --- a/web/src/pages/stages/invitation/InvitationStageForm.ts +++ b/web/src/pages/stages/invitation/InvitationStageForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class InvitationStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRead({ + return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRetrieve({ stageUuid: pk, }); } @@ -30,11 +30,11 @@ export class InvitationStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesUpdate({ stageUuid: this.instance.pk || "", - data: data + invitationStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesCreate({ - data: data + invitationStageRequest: data }); } }; diff --git a/web/src/pages/stages/password/PasswordStageForm.ts b/web/src/pages/stages/password/PasswordStageForm.ts index 4b8981eba0..910f61fdb1 100644 --- a/web/src/pages/stages/password/PasswordStageForm.ts +++ b/web/src/pages/stages/password/PasswordStageForm.ts @@ -1,4 +1,4 @@ -import { FlowDesignationEnum, FlowsApi, PasswordStage, PasswordStageBackendsEnum, StagesApi } from "authentik-api"; +import { FlowsApi, PasswordStage, BackendsEnum, StagesApi, FlowsInstancesListDesignationEnum } from "authentik-api"; import { t } from "@lingui/macro"; import { customElement } from "lit-element"; import { html, TemplateResult } from "lit-html"; @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PasswordStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPasswordRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPasswordRetrieve({ stageUuid: pk, }); } @@ -31,16 +31,16 @@ export class PasswordStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesPasswordUpdate({ stageUuid: this.instance.pk || "", - data: data + passwordStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesPasswordCreate({ - data: data + passwordStageRequest: data }); } }; - isBackendSelected(field: PasswordStageBackendsEnum): boolean { + isBackendSelected(field: BackendsEnum): boolean { return (this.instance?.backends || []).filter(isField => { return field === isField; }).length > 0; @@ -67,10 +67,10 @@ export class PasswordStageForm extends ModelForm { ?required=${true} name="backends"> @@ -85,7 +85,7 @@ export class PasswordStageForm extends ModelForm { ${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({ ordering: "pk", - designation: FlowDesignationEnum.StageConfiguration, + designation: FlowsInstancesListDesignationEnum.StageConfiguration, }).then(flows => { return flows.results.map(flow => { let selected = this.instance?.configureFlow === flow.pk; diff --git a/web/src/pages/stages/prompt/PromptForm.ts b/web/src/pages/stages/prompt/PromptForm.ts index fab889beea..d8269dee9a 100644 --- a/web/src/pages/stages/prompt/PromptForm.ts +++ b/web/src/pages/stages/prompt/PromptForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PromptForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsRetrieve({ promptUuid: pk }); } @@ -29,11 +29,11 @@ export class PromptForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsUpdate({ promptUuid: this.instance.pk || "", - data: data + promptRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsCreate({ - data: data + promptRequest: data }); } }; diff --git a/web/src/pages/stages/prompt/PromptListPage.ts b/web/src/pages/stages/prompt/PromptListPage.ts index 5cdf6af945..cc2ef42105 100644 --- a/web/src/pages/stages/prompt/PromptListPage.ts +++ b/web/src/pages/stages/prompt/PromptListPage.ts @@ -78,7 +78,7 @@ export class PromptListPage extends TablePage { .obj=${item} objectLabel=${t`Prompt`} .delete=${() => { - return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsDelete({ + return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsDestroy({ promptUuid: item.pk || "" }); }}> diff --git a/web/src/pages/stages/prompt/PromptStageForm.ts b/web/src/pages/stages/prompt/PromptStageForm.ts index 89711f639a..ef3b3c4038 100644 --- a/web/src/pages/stages/prompt/PromptStageForm.ts +++ b/web/src/pages/stages/prompt/PromptStageForm.ts @@ -15,7 +15,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PromptStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRetrieve({ stageUuid: pk, }); } @@ -32,11 +32,11 @@ export class PromptStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesUpdate({ stageUuid: this.instance.pk || "", - data: data + promptStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesCreate({ - data: data + promptStageRequest: data }); } }; diff --git a/web/src/pages/stages/user_delete/UserDeleteStageForm.ts b/web/src/pages/stages/user_delete/UserDeleteStageForm.ts index 2e03e7aca7..000200f942 100644 --- a/web/src/pages/stages/user_delete/UserDeleteStageForm.ts +++ b/web/src/pages/stages/user_delete/UserDeleteStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserDeleteStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class UserDeleteStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteUpdate({ stageUuid: this.instance.pk || "", - data: data + userDeleteStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteCreate({ - data: data + userDeleteStageRequest: data }); } }; diff --git a/web/src/pages/stages/user_login/UserLoginStageForm.ts b/web/src/pages/stages/user_login/UserLoginStageForm.ts index aacf236660..32adda5942 100644 --- a/web/src/pages/stages/user_login/UserLoginStageForm.ts +++ b/web/src/pages/stages/user_login/UserLoginStageForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserLoginStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRetrieve({ stageUuid: pk, }); } @@ -29,11 +29,11 @@ export class UserLoginStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserLoginUpdate({ stageUuid: this.instance.pk || "", - data: data + userLoginStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesUserLoginCreate({ - data: data + userLoginStageRequest: data }); } }; diff --git a/web/src/pages/stages/user_logout/UserLogoutStageForm.ts b/web/src/pages/stages/user_logout/UserLogoutStageForm.ts index 2bf3da4135..af9a249d34 100644 --- a/web/src/pages/stages/user_logout/UserLogoutStageForm.ts +++ b/web/src/pages/stages/user_logout/UserLogoutStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserLogoutStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class UserLogoutStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutUpdate({ stageUuid: this.instance.pk || "", - data: data + userLogoutStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutCreate({ - data: data + userLogoutStageRequest: data }); } }; diff --git a/web/src/pages/stages/user_write/UserWriteStageForm.ts b/web/src/pages/stages/user_write/UserWriteStageForm.ts index cb8c7b31d5..aebd2143cf 100644 --- a/web/src/pages/stages/user_write/UserWriteStageForm.ts +++ b/web/src/pages/stages/user_write/UserWriteStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserWriteStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRetrieve({ stageUuid: pk, }); } @@ -28,11 +28,11 @@ export class UserWriteStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserWriteUpdate({ stageUuid: this.instance.pk || "", - data: data + userWriteStageRequest: data }); } else { return new StagesApi(DEFAULT_CONFIG).stagesUserWriteCreate({ - data: data + userWriteStageRequest: data }); } }; diff --git a/web/src/pages/system-tasks/SystemTaskListPage.ts b/web/src/pages/system-tasks/SystemTaskListPage.ts index b7c4077f35..ed33ff181a 100644 --- a/web/src/pages/system-tasks/SystemTaskListPage.ts +++ b/web/src/pages/system-tasks/SystemTaskListPage.ts @@ -7,7 +7,7 @@ import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList import "../../elements/buttons/SpinnerButton"; import "../../elements/buttons/ActionButton"; import { TableColumn } from "../../elements/table/Table"; -import { AdminApi, Task, TaskStatusEnum } from "authentik-api"; +import { AdminApi, Task, StatusEnum } from "authentik-api"; import { DEFAULT_CONFIG } from "../../api/Config"; import { PFColor } from "../../elements/Label"; @@ -62,11 +62,11 @@ export class SystemTaskListPage extends TablePage { taskStatus(task: Task): TemplateResult { switch (task.status) { - case TaskStatusEnum.Successful: + case StatusEnum.Successful: return html``; - case TaskStatusEnum.Warning: + case StatusEnum.Warning: return html``; - case TaskStatusEnum.Error: + case StatusEnum.Error: return html``; default: return html``; @@ -105,8 +105,8 @@ export class SystemTaskListPage extends TablePage { this.taskStatus(item), html` { - return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRetry({ - id: item.taskName + return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRetryCreate({ + id: item.taskName, }); }}> ${t`Retry Task`} diff --git a/web/src/pages/tokens/TokenListPage.ts b/web/src/pages/tokens/TokenListPage.ts index b34bc5a529..a3fd39b453 100644 --- a/web/src/pages/tokens/TokenListPage.ts +++ b/web/src/pages/tokens/TokenListPage.ts @@ -59,7 +59,7 @@ export class TokenListPage extends TablePage { .obj=${item} objectLabel=${t`Token`} .delete=${() => { - return new CoreApi(DEFAULT_CONFIG).coreTokensDelete({ + return new CoreApi(DEFAULT_CONFIG).coreTokensDestroy({ identifier: item.identifier }); }}> diff --git a/web/src/pages/user-settings/UserDetailsPage.ts b/web/src/pages/user-settings/UserDetailsPage.ts index b66ef926ef..b9c876a5f3 100644 --- a/web/src/pages/user-settings/UserDetailsPage.ts +++ b/web/src/pages/user-settings/UserDetailsPage.ts @@ -49,7 +49,7 @@ export class UserDetailsPage extends LitElement { .send=${(data: unknown) => { return new CoreApi(DEFAULT_CONFIG).coreUsersUpdate({ id: this.user?.pk || 0, - data: data as User + userRequest: data as User }); }}>
diff --git a/web/src/pages/user-settings/UserSettingsPage.ts b/web/src/pages/user-settings/UserSettingsPage.ts index 8f474ff033..75650bbbab 100644 --- a/web/src/pages/user-settings/UserSettingsPage.ts +++ b/web/src/pages/user-settings/UserSettingsPage.ts @@ -21,8 +21,8 @@ import "../../elements/Tabs"; import "../../elements/PageHeader"; import "./tokens/UserTokenList"; import "./UserDetailsPage"; -import "./settings/UserSettingsAuthenticatorTOTP"; import "./settings/UserSettingsAuthenticatorStatic"; +import "./settings/UserSettingsAuthenticatorTOTP"; import "./settings/UserSettingsAuthenticatorWebAuthn"; import "./settings/UserSettingsPassword"; import "./settings/SourceSettingsOAuth"; @@ -78,14 +78,14 @@ export class UserSettingsPage extends LitElement {
- ${until(new StagesApi(DEFAULT_CONFIG).stagesAllUserSettings().then((stages) => { + ${until(new StagesApi(DEFAULT_CONFIG).stagesAllUserSettingsList().then((stages) => { return stages.map((stage) => { return html`
${this.renderStageSettings(stage)}
`; }); }))} - ${until(new SourcesApi(DEFAULT_CONFIG).sourcesAllUserSettings().then((source) => { + ${until(new SourcesApi(DEFAULT_CONFIG).sourcesAllUserSettingsList().then((source) => { return source.map((stage) => { return html`
${this.renderSourceSettings(stage)} diff --git a/web/src/pages/user-settings/settings/SourceSettingsOAuth.ts b/web/src/pages/user-settings/settings/SourceSettingsOAuth.ts index a3d1eeeff4..fa94b7f7e2 100644 --- a/web/src/pages/user-settings/settings/SourceSettingsOAuth.ts +++ b/web/src/pages/user-settings/settings/SourceSettingsOAuth.ts @@ -31,7 +31,7 @@ export class SourceSettingsOAuth extends BaseUserSettings { return html`

${t`Connected.`}

`; } @@ -57,9 +72,9 @@ export class UserSettingsAuthenticatorStatic extends BaseUserSettings { render(): TemplateResult { return html`
- ${t`Static tokens`} + ${t`Time-based One-Time Passwords`}
- ${until(new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsTotpList({}).then((devices) => { + ${until(new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsStaticList({}).then((devices) => { return devices.results.length > 0 ? this.renderEnabled() : this.renderDisabled(); }))}
`; diff --git a/web/src/pages/user-settings/settings/UserSettingsAuthenticatorTOTP.ts b/web/src/pages/user-settings/settings/UserSettingsAuthenticatorTOTP.ts index 2ce65527f9..ca58bf7916 100644 --- a/web/src/pages/user-settings/settings/UserSettingsAuthenticatorTOTP.ts +++ b/web/src/pages/user-settings/settings/UserSettingsAuthenticatorTOTP.ts @@ -1,10 +1,9 @@ import { AuthenticatorsApi } from "authentik-api"; import { t } from "@lingui/macro"; -import { CSSResult, customElement, html, property, TemplateResult } from "lit-element"; +import { customElement, html, property, TemplateResult } from "lit-element"; import { until } from "lit-html/directives/until"; import { DEFAULT_CONFIG } from "../../../api/Config"; import { FlowURLManager } from "../../../api/legacy"; -import { STATIC_TOKEN_STYLE } from "../../../flows/stages/authenticator_static/AuthenticatorStaticStage"; import { BaseUserSettings } from "./BaseUserSettings"; @customElement("ak-user-settings-authenticator-totp") @@ -13,42 +12,28 @@ export class UserSettingsAuthenticatorTOTP extends BaseUserSettings { @property({ type: Boolean }) configureFlow = false; - static get styles(): CSSResult[] { - return super.styles.concat(STATIC_TOKEN_STYLE); - } - renderEnabled(): TemplateResult { return html`

${t`Status: Enabled`}

-
    - ${until(new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsStaticList({}).then((devices) => { - if (devices.results.length < 1) { - return; - } - return devices.results[0].tokenSet?.map((token) => { - return html`
  • ${token.token}
    • `; - }); - }))} -
`; } @@ -72,7 +57,7 @@ export class UserSettingsAuthenticatorTOTP extends BaseUserSettings { render(): TemplateResult { return html`
- ${t`Time-based One-Time Passwords`} + ${t`Static tokens`}
${until(new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsTotpList({}).then((devices) => { return devices.results.length > 0 ? this.renderEnabled() : this.renderDisabled(); diff --git a/web/src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts b/web/src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts index fc40933e7e..2aa19db3b9 100644 --- a/web/src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts +++ b/web/src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts @@ -29,7 +29,7 @@ export class UserSettingsAuthenticatorWebAuthn extends BaseUserSettings { .obj=${device} objectLabel=${t`Authenticator`} .delete=${() => { - return new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsWebauthnDelete({ + return new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsWebauthnDestroy({ id: device.pk || 0 }); }}> @@ -53,7 +53,7 @@ export class UserSettingsAuthenticatorWebAuthn extends BaseUserSettings { .send=${(data: unknown) => { return new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsWebauthnUpdate({ id: device.pk || 0, - data: data as WebAuthnDevice + webAuthnDeviceRequest: data as WebAuthnDevice }); }}> diff --git a/web/src/pages/user-settings/tokens/UserTokenForm.ts b/web/src/pages/user-settings/tokens/UserTokenForm.ts index 8fad961096..3ca2746357 100644 --- a/web/src/pages/user-settings/tokens/UserTokenForm.ts +++ b/web/src/pages/user-settings/tokens/UserTokenForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserTokenForm extends ModelForm { loadInstance(pk: string): Promise { - return new CoreApi(DEFAULT_CONFIG).coreTokensRead({ + return new CoreApi(DEFAULT_CONFIG).coreTokensRetrieve({ identifier: pk }); } @@ -28,11 +28,11 @@ export class UserTokenForm extends ModelForm { if (this.instance) { return new CoreApi(DEFAULT_CONFIG).coreTokensUpdate({ identifier: this.instance.identifier, - data: data + tokenRequest: data }); } else { return new CoreApi(DEFAULT_CONFIG).coreTokensCreate({ - data: data + tokenRequest: data }); } }; diff --git a/web/src/pages/user-settings/tokens/UserTokenList.ts b/web/src/pages/user-settings/tokens/UserTokenList.ts index 9cd0ad58ab..de6b5124e6 100644 --- a/web/src/pages/user-settings/tokens/UserTokenList.ts +++ b/web/src/pages/user-settings/tokens/UserTokenList.ts @@ -120,7 +120,7 @@ export class UserTokenList extends Table { .obj=${item} objectLabel=${t`Token`} .delete=${() => { - return new CoreApi(DEFAULT_CONFIG).coreTokensDelete({ + return new CoreApi(DEFAULT_CONFIG).coreTokensDestroy({ identifier: item.identifier }); }}> diff --git a/web/src/pages/users/UserForm.ts b/web/src/pages/users/UserForm.ts index 2f5c727618..9cec630ed2 100644 --- a/web/src/pages/users/UserForm.ts +++ b/web/src/pages/users/UserForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class UserForm extends ModelForm { loadInstance(pk: number): Promise { - return new CoreApi(DEFAULT_CONFIG).coreUsersRead({ + return new CoreApi(DEFAULT_CONFIG).coreUsersRetrieve({ id: pk }); } @@ -31,11 +31,11 @@ export class UserForm extends ModelForm { if (this.instance) { return new CoreApi(DEFAULT_CONFIG).coreUsersUpdate({ id: this.instance.pk || 0, - data: data + userRequest: data }); } else { return new CoreApi(DEFAULT_CONFIG).coreUsersCreate({ - data: data + userRequest: data }); } }; diff --git a/web/src/pages/users/UserListPage.ts b/web/src/pages/users/UserListPage.ts index cbf999fc98..f919b6e901 100644 --- a/web/src/pages/users/UserListPage.ts +++ b/web/src/pages/users/UserListPage.ts @@ -94,7 +94,7 @@ export class UserListPage extends TablePage { .delete=${() => { return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({ id: item.pk || 0, - data: { + patchedUserRequest: { username: item.username, name: item.name, isActive: !item.isActive, @@ -112,7 +112,7 @@ export class UserListPage extends TablePage { .obj=${item} objectLabel=${t`User`} .delete=${() => { - return new CoreApi(DEFAULT_CONFIG).coreUsersDelete({ + return new CoreApi(DEFAULT_CONFIG).coreUsersDestroy({ id: item.pk || 0 }); }}> @@ -125,7 +125,7 @@ export class UserListPage extends TablePage { { - return new CoreApi(DEFAULT_CONFIG).coreUsersRecovery({ + return new CoreApi(DEFAULT_CONFIG).coreUsersRecoveryRetrieve({ id: item.pk || 0, }).then(rec => { showMessage({ diff --git a/web/src/pages/users/UserViewPage.ts b/web/src/pages/users/UserViewPage.ts index 4f8d640513..3747130742 100644 --- a/web/src/pages/users/UserViewPage.ts +++ b/web/src/pages/users/UserViewPage.ts @@ -38,7 +38,7 @@ export class UserViewPage extends LitElement { @property({ type: Number }) set userId(id: number) { - new CoreApi(DEFAULT_CONFIG).coreUsersRead({ + new CoreApi(DEFAULT_CONFIG).coreUsersRetrieve({ id: id, }).then((user) => { this.user = user; @@ -154,7 +154,7 @@ export class UserViewPage extends LitElement {
{ - return new CoreApi(DEFAULT_CONFIG).coreUsersRecovery({ + return new CoreApi(DEFAULT_CONFIG).coreUsersRecoveryRetrieve({ id: this.user?.pk || 0, }).then(rec => { showMessage({ @@ -198,7 +198,7 @@ export class UserViewPage extends LitElement {
- +
@@ -206,7 +206,7 @@ export class UserViewPage extends LitElement {
- +
@@ -214,7 +214,7 @@ export class UserViewPage extends LitElement {
- +
diff --git a/website/developer-docs/api.md b/website/developer-docs/api.md index 25e41ebe18..1689099406 100644 --- a/website/developer-docs/api.md +++ b/website/developer-docs/api.md @@ -4,7 +4,7 @@ title: API Starting with 2021.3.5, every authentik instance has a built-in API browser, which can be accessed at https://authentik.company/api/v2beta/. -To generate an API client, you can use the Swagger schema at https://authentik.company/api/v2beta/swagger.json. +To generate an API client, you can use the OpenAPI v3 schema at https://authentik.company/api/v2beta/schema/. While testing, the API requests are authenticated by your browser session. diff --git a/website/developer-docs/local-dev-environment.md b/website/developer-docs/local-dev-environment.md index e44bcdb778..7bb909c01c 100644 --- a/website/developer-docs/local-dev-environment.md +++ b/website/developer-docs/local-dev-environment.md @@ -31,24 +31,18 @@ Most functions and classes have type-hints and docstrings, so it is recommended Before committing code, run `make lint` to ensure your code is formatted well. This also requires `pyright`, which can be installed with npm. -Run `make gen` to run all unittests and generated an updated swagger document for any changes you made. +Run `make gen` to generate an updated OpenAPI document for any changes you made. ## Frontend By default, no transpiled bundle of the frontend is included. To build the UI, you need Node 12 or newer. -The Frontend also uses a generated API client to talk with the backend. To generate this client, you can use the [openapitools/openapi-generator-cli](https://github.com/OpenAPITools/openapi-generator) CLI tool. +The Frontend also uses a generated API client to talk with the backend. To generate this client, [openapitools/openapi-generator-cli](https://github.com/OpenAPITools/openapi-generator) is used. If you want to generate the client without installing anything, run this command: ```shell -docker run \ - --rm -v $(pwd):/local \ - openapitools/openapi-generator-cli generate \ - -i /local/swagger.yaml \ - -g typescript-fetch \ - -o /local/web/api \ - --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 +make gen-web ``` To build the UI, run these commands: diff --git a/website/src/pages/api.jsx b/website/src/pages/api.jsx index fb50a85483..8652c682ea 100644 --- a/website/src/pages/api.jsx +++ b/website/src/pages/api.jsx @@ -10,7 +10,7 @@ function APIBrowser() { return (