openapi: 3.0.3 info: title: authentik version: 2025.6.2 description: Making authentication simple. contact: email: hello@goauthentik.io license: name: MIT url: https://github.com/goauthentik/authentik/blob/main/LICENSE paths: /admin/apps/: get: operationId: admin_apps_list description: Read-only view list all installed apps tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/App' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/metrics/: get: operationId: admin_metrics_retrieve description: Login Metrics per 1h tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LoginMetrics' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/models/: get: operationId: admin_models_list description: Read-only view list all installed models tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/App' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/settings/: get: operationId: admin_settings_retrieve description: Settings view tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Settings' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: admin_settings_update description: Settings view tags: - admin requestBody: content: application/json: schema: $ref: '#/components/schemas/SettingsRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Settings' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: admin_settings_partial_update description: Settings view tags: - admin requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSettingsRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Settings' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/system/: get: operationId: admin_system_retrieve description: Get system information. tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SystemInfo' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: admin_system_create description: Get system information. tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SystemInfo' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/version/: get: operationId: admin_version_retrieve description: Get running and latest version. tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Version' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/version/history/: get: operationId: admin_version_history_list description: VersionHistory Viewset parameters: - in: query name: build schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: version schema: type: string tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/VersionHistory' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/version/history/{id}/: get: operationId: admin_version_history_retrieve description: VersionHistory Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Version history. required: true tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/VersionHistory' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /admin/workers/: get: operationId: admin_workers_list description: Get currently connected worker count. tags: - admin security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Worker' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/all/: get: operationId: authenticators_admin_all_list description: Get all devices for current user parameters: - in: query name: user schema: type: integer tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Device' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/duo/: get: operationId: authenticators_admin_duo_list description: Viewset for Duo authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDuoDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_duo_create description: Viewset for Duo authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/DuoDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/duo/{id}/: get: operationId: authenticators_admin_duo_retrieve description: Viewset for Duo authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_duo_update description: Viewset for Duo authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/DuoDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_duo_partial_update description: Viewset for Duo authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDuoDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_duo_destroy description: Viewset for Duo authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/email/: get: operationId: authenticators_admin_email_list description: Viewset for email authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEmailDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_email_create description: Viewset for email authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/EmailDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/email/{id}/: get: operationId: authenticators_admin_email_retrieve description: Viewset for email authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_email_update description: Viewset for email authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/EmailDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_email_partial_update description: Viewset for email authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEmailDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_email_destroy description: Viewset for email authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/endpoint/: get: operationId: authenticators_admin_endpoint_list description: Viewset for Endpoint authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEndpointDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_endpoint_create description: Viewset for Endpoint authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/EndpointDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/EndpointDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/endpoint/{uuid}/: get: operationId: authenticators_admin_endpoint_retrieve description: Viewset for Endpoint authenticator devices (for admins) parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EndpointDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_endpoint_update description: Viewset for Endpoint authenticator devices (for admins) parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/EndpointDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EndpointDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_endpoint_partial_update description: Viewset for Endpoint authenticator devices (for admins) parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEndpointDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EndpointDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_endpoint_destroy description: Viewset for Endpoint authenticator devices (for admins) parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/sms/: get: operationId: authenticators_admin_sms_list description: Viewset for sms authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSMSDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_sms_create description: Viewset for sms authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/SMSDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/sms/{id}/: get: operationId: authenticators_admin_sms_retrieve description: Viewset for sms authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_sms_update description: Viewset for sms authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/SMSDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_sms_partial_update description: Viewset for sms authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSMSDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_sms_destroy description: Viewset for sms authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/static/: get: operationId: authenticators_admin_static_list description: Viewset for static authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedStaticDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_static_create description: Viewset for static authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/StaticDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/static/{id}/: get: operationId: authenticators_admin_static_retrieve description: Viewset for static authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_static_update description: Viewset for static authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/StaticDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_static_partial_update description: Viewset for static authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedStaticDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_static_destroy description: Viewset for static authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/totp/: get: operationId: authenticators_admin_totp_list description: Viewset for totp authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTOTPDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_totp_create description: Viewset for totp authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/TOTPDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/totp/{id}/: get: operationId: authenticators_admin_totp_retrieve description: Viewset for totp authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_totp_update description: Viewset for totp authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/TOTPDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_totp_partial_update description: Viewset for totp authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedTOTPDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_totp_destroy description: Viewset for totp authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/webauthn/: get: operationId: authenticators_admin_webauthn_list description: Viewset for WebAuthn authenticator devices (for admins) parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: authenticators_admin_webauthn_create description: Viewset for WebAuthn authenticator devices (for admins) tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/WebAuthnDeviceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/admin/webauthn/{id}/: get: operationId: authenticators_admin_webauthn_retrieve description: Viewset for WebAuthn authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_admin_webauthn_update description: Viewset for WebAuthn authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/WebAuthnDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_admin_webauthn_partial_update description: Viewset for WebAuthn authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_admin_webauthn_destroy description: Viewset for WebAuthn authenticator devices (for admins) parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/all/: get: operationId: authenticators_all_list description: Get all devices for current user tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Device' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/duo/: get: operationId: authenticators_duo_list description: Viewset for Duo authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDuoDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/duo/{id}/: get: operationId: authenticators_duo_retrieve description: Viewset for Duo authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_duo_update description: Viewset for Duo authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/DuoDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_duo_partial_update description: Viewset for Duo authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDuoDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_duo_destroy description: Viewset for Duo authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/duo/{id}/used_by/: get: operationId: authenticators_duo_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Duo Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/email/: get: operationId: authenticators_email_list description: Viewset for email authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEmailDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/email/{id}/: get: operationId: authenticators_email_retrieve description: Viewset for email authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_email_update description: Viewset for email authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/EmailDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_email_partial_update description: Viewset for email authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEmailDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_email_destroy description: Viewset for email authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/email/{id}/used_by/: get: operationId: authenticators_email_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Email Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/endpoint/: get: operationId: authenticators_endpoint_list description: Viewset for Endpoint authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEndpointDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/endpoint/{uuid}/: get: operationId: authenticators_endpoint_retrieve description: Viewset for Endpoint authenticator devices parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EndpointDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/endpoint/{uuid}/used_by/: get: operationId: authenticators_endpoint_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/sms/: get: operationId: authenticators_sms_list description: Viewset for sms authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSMSDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/sms/{id}/: get: operationId: authenticators_sms_retrieve description: Viewset for sms authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_sms_update description: Viewset for sms authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/SMSDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_sms_partial_update description: Viewset for sms authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSMSDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SMSDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_sms_destroy description: Viewset for sms authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/sms/{id}/used_by/: get: operationId: authenticators_sms_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SMS Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/static/: get: operationId: authenticators_static_list description: Viewset for static authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedStaticDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/static/{id}/: get: operationId: authenticators_static_retrieve description: Viewset for static authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_static_update description: Viewset for static authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/StaticDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_static_partial_update description: Viewset for static authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedStaticDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/StaticDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_static_destroy description: Viewset for static authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/static/{id}/used_by/: get: operationId: authenticators_static_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Static Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/totp/: get: operationId: authenticators_totp_list description: Viewset for totp authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTOTPDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/totp/{id}/: get: operationId: authenticators_totp_retrieve description: Viewset for totp authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_totp_update description: Viewset for totp authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/TOTPDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_totp_partial_update description: Viewset for totp authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedTOTPDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TOTPDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_totp_destroy description: Viewset for totp authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/totp/{id}/used_by/: get: operationId: authenticators_totp_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this TOTP Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/webauthn/: get: operationId: authenticators_webauthn_list description: Viewset for WebAuthn authenticator devices parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/webauthn/{id}/: get: operationId: authenticators_webauthn_retrieve description: Viewset for WebAuthn authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: authenticators_webauthn_update description: Viewset for WebAuthn authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/WebAuthnDeviceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: authenticators_webauthn_partial_update description: Viewset for WebAuthn authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDevice' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: authenticators_webauthn_destroy description: Viewset for WebAuthn authenticator devices parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /authenticators/webauthn/{id}/used_by/: get: operationId: authenticators_webauthn_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this WebAuthn Device. required: true tags: - authenticators security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/application_entitlements/: get: operationId: core_application_entitlements_list description: ApplicationEntitlement Viewset parameters: - in: query name: app schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedApplicationEntitlementList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_application_entitlements_create description: ApplicationEntitlement Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlementRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlement' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/application_entitlements/{pbm_uuid}/: get: operationId: core_application_entitlements_retrieve description: ApplicationEntitlement Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Application Entitlement. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlement' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_application_entitlements_update description: ApplicationEntitlement Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Application Entitlement. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlementRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlement' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_application_entitlements_partial_update description: ApplicationEntitlement Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Application Entitlement. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedApplicationEntitlementRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationEntitlement' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_application_entitlements_destroy description: ApplicationEntitlement Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Application Entitlement. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/application_entitlements/{pbm_uuid}/used_by/: get: operationId: core_application_entitlements_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Application Entitlement. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/: get: operationId: core_applications_list description: Custom list method that checks Policy based access instead of guardian parameters: - in: query name: for_user schema: type: integer - in: query name: group schema: type: string - in: query name: meta_description schema: type: string - in: query name: meta_launch_url schema: type: string - in: query name: meta_publisher schema: type: string - in: query name: name schema: type: string - in: query name: only_with_launch_url schema: type: boolean - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string - in: query name: superuser_full_list schema: type: boolean tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedApplicationList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_applications_create description: Application Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Application' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/: get: operationId: core_applications_retrieve description: Application Viewset parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Application' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_applications_update description: Application Viewset parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Application' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_applications_partial_update description: Application Viewset parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedApplicationRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Application' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_applications_destroy description: Application Viewset parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/check_access/: get: operationId: core_applications_check_access_retrieve description: Check access to a single application by slug parameters: - in: query name: for_user schema: type: integer - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PolicyTestResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/metrics/: get: operationId: core_applications_metrics_list description: Metrics for application logins parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Coordinate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/set_icon/: post: operationId: core_applications_set_icon_create description: Set application icon parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/FileUploadRequest' security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/set_icon_url/: post: operationId: core_applications_set_icon_url_create description: Set application icon (as URL) parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/FilePathRequest' required: true security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/applications/{slug}/used_by/: get: operationId: core_applications_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal application name, used in URLs. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/authenticated_sessions/: get: operationId: core_authenticated_sessions_list description: AuthenticatedSession Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: session__last_ip schema: type: string - in: query name: session__last_user_agent schema: type: string - in: query name: user__username schema: type: string tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatedSessionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/authenticated_sessions/{uuid}/: get: operationId: core_authenticated_sessions_retrieve description: AuthenticatedSession Viewset parameters: - in: path name: uuid schema: type: string format: uuid required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatedSession' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_authenticated_sessions_destroy description: AuthenticatedSession Viewset parameters: - in: path name: uuid schema: type: string format: uuid required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/authenticated_sessions/{uuid}/used_by/: get: operationId: core_authenticated_sessions_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/brands/: get: operationId: core_brands_list description: Brand Viewset parameters: - in: query name: brand_uuid schema: type: string format: uuid - in: query name: branding_default_flow_background schema: type: string - in: query name: branding_favicon schema: type: string - in: query name: branding_logo schema: type: string - in: query name: branding_title schema: type: string - in: query name: client_certificates schema: type: array items: type: string format: uuid explode: true style: form - in: query name: default schema: type: boolean - in: query name: domain schema: type: string - in: query name: flow_authentication schema: type: string format: uuid - in: query name: flow_device_code schema: type: string format: uuid - in: query name: flow_invalidation schema: type: string format: uuid - in: query name: flow_recovery schema: type: string format: uuid - in: query name: flow_unenrollment schema: type: string format: uuid - in: query name: flow_user_settings schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: web_certificate schema: type: string format: uuid tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedBrandList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_brands_create description: Brand Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/BrandRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Brand' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/brands/{brand_uuid}/: get: operationId: core_brands_retrieve description: Brand Viewset parameters: - in: path name: brand_uuid schema: type: string format: uuid description: A UUID string identifying this Brand. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Brand' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_brands_update description: Brand Viewset parameters: - in: path name: brand_uuid schema: type: string format: uuid description: A UUID string identifying this Brand. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/BrandRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Brand' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_brands_partial_update description: Brand Viewset parameters: - in: path name: brand_uuid schema: type: string format: uuid description: A UUID string identifying this Brand. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedBrandRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Brand' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_brands_destroy description: Brand Viewset parameters: - in: path name: brand_uuid schema: type: string format: uuid description: A UUID string identifying this Brand. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/brands/{brand_uuid}/used_by/: get: operationId: core_brands_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: brand_uuid schema: type: string format: uuid description: A UUID string identifying this Brand. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/brands/current/: get: operationId: core_brands_current_retrieve description: Get current brand tags: - core security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/CurrentBrand' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/groups/: get: operationId: core_groups_list description: Group Viewset parameters: - in: query name: attributes schema: type: string description: Attributes - in: query name: include_users schema: type: boolean default: true - in: query name: is_superuser schema: type: boolean - in: query name: members_by_pk schema: type: array items: type: integer explode: true style: form - in: query name: members_by_username schema: type: array items: type: string description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. explode: true style: form - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_groups_create description: Group Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Group' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/groups/{group_uuid}/: get: operationId: core_groups_retrieve description: Group Viewset parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true - in: query name: include_users schema: type: boolean default: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Group' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_groups_update description: Group Viewset parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Group' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_groups_partial_update description: Group Viewset parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Group' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_groups_destroy description: Group Viewset parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/groups/{group_uuid}/add_user/: post: operationId: core_groups_add_user_create description: Add user to group parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserAccountRequest' required: true security: - authentik: [] responses: '204': description: User added '404': description: User not found '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/groups/{group_uuid}/remove_user/: post: operationId: core_groups_remove_user_create description: Add user to group parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserAccountRequest' required: true security: - authentik: [] responses: '204': description: User added '404': description: User not found '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/groups/{group_uuid}/used_by/: get: operationId: core_groups_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: group_uuid schema: type: string format: uuid description: A UUID string identifying this Group. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/tokens/: get: operationId: core_tokens_list description: Token Viewset parameters: - in: query name: description schema: type: string - in: query name: expires schema: type: string format: date-time - in: query name: expiring schema: type: boolean - in: query name: identifier schema: type: string - in: query name: intent schema: type: string enum: - api - app_password - recovery - verification - in: query name: managed schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user__username schema: type: string tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTokenList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_tokens_create description: Token Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/TokenRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Token' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/tokens/{identifier}/: get: operationId: core_tokens_retrieve description: Token Viewset parameters: - in: path name: identifier schema: type: string required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Token' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_tokens_update description: Token Viewset parameters: - in: path name: identifier schema: type: string required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/TokenRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Token' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_tokens_partial_update description: Token Viewset parameters: - in: path name: identifier schema: type: string required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedTokenRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Token' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_tokens_destroy description: Token Viewset parameters: - in: path name: identifier schema: type: string required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/tokens/{identifier}/set_key/: post: operationId: core_tokens_set_key_create description: |- Set token key. Action is logged as event. `authentik_core.set_token_key` permission is required. parameters: - in: path name: identifier schema: type: string required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/TokenSetKeyRequest' required: true security: - authentik: [] responses: '204': description: Successfully changed key '400': description: Missing key '404': description: Token not found or expired '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/tokens/{identifier}/used_by/: get: operationId: core_tokens_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: identifier schema: type: string required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/tokens/{identifier}/view_key/: get: operationId: core_tokens_view_key_retrieve description: Return token key and log access parameters: - in: path name: identifier schema: type: string required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TokenView' description: '' '404': description: Token not found or expired '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/transactional/applications/: put: operationId: core_transactional_applications_update description: Convert data into a blueprint, validate it and apply it tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/TransactionApplicationRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TransactionApplicationResponse' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/user_consent/: get: operationId: core_user_consent_list description: UserConsent Viewset parameters: - in: query name: application schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user schema: type: integer tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserConsentList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/user_consent/{id}/: get: operationId: core_user_consent_retrieve description: UserConsent Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Consent. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserConsent' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_user_consent_destroy description: UserConsent Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Consent. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/user_consent/{id}/used_by/: get: operationId: core_user_consent_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Consent. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/: get: operationId: core_users_list description: User Viewset parameters: - in: query name: attributes schema: type: string description: Attributes - in: query name: email schema: type: string - in: query name: groups_by_name schema: type: array items: type: string explode: true style: form - in: query name: groups_by_pk schema: type: array items: type: string format: uuid explode: true style: form - in: query name: include_groups schema: type: boolean default: true - in: query name: is_active schema: type: boolean - in: query name: is_superuser schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: path schema: type: string - in: query name: path_startswith schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: type schema: type: array items: type: string enum: - external - internal - internal_service_account - service_account explode: true style: form - in: query name: username schema: type: string - in: query name: uuid schema: type: string format: uuid tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: core_users_create description: User Viewset tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/User' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/: get: operationId: core_users_retrieve description: User Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/User' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: core_users_update description: User Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/User' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: core_users_partial_update description: User Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/User' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: core_users_destroy description: User Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/impersonate/: post: operationId: core_users_impersonate_create description: Impersonate a user parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/ImpersonationRequest' required: true security: - authentik: [] responses: '204': description: Successfully started impersonation '401': description: Access denied '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/metrics/: get: operationId: core_users_metrics_retrieve description: User metrics per 1h parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserMetrics' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/recovery/: post: operationId: core_users_recovery_create description: Create a temporary link that a user can use to recover their accounts parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Link' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/recovery_email/: post: operationId: core_users_recovery_email_create description: Create a temporary link that a user can use to recover their accounts parameters: - in: query name: email_stage schema: type: string required: true - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '204': description: Successfully sent recover email '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/set_password/: post: operationId: core_users_set_password_create description: Set password for user parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserPasswordSetRequest' required: true security: - authentik: [] responses: '204': description: Successfully changed password '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/{id}/used_by/: get: operationId: core_users_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - core security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/impersonate_end/: get: operationId: core_users_impersonate_end_retrieve description: End Impersonation a user tags: - core security: - authentik: [] responses: '204': description: Successfully started impersonation '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/me/: get: operationId: core_users_me_retrieve description: Get information about current user tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SessionUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/paths/: get: operationId: core_users_paths_retrieve description: Get all user paths parameters: - in: query name: search schema: type: string tags: - core security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserPath' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /core/users/service_account/: post: operationId: core_users_service_account_create description: Create a new user account that is marked as a service account tags: - core requestBody: content: application/json: schema: $ref: '#/components/schemas/UserServiceAccountRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserServiceAccountResponse' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/: get: operationId: crypto_certificatekeypairs_list description: CertificateKeyPair Viewset parameters: - in: query name: has_key schema: type: boolean description: Only return certificate-key pairs with keys - in: query name: include_details schema: type: boolean default: true - in: query name: managed schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - crypto security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedCertificateKeyPairList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: crypto_certificatekeypairs_create description: CertificateKeyPair Viewset tags: - crypto requestBody: content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPairRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/{kp_uuid}/: get: operationId: crypto_certificatekeypairs_retrieve description: CertificateKeyPair Viewset parameters: - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: crypto_certificatekeypairs_update description: CertificateKeyPair Viewset parameters: - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto requestBody: content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPairRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: crypto_certificatekeypairs_partial_update description: CertificateKeyPair Viewset parameters: - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: crypto_certificatekeypairs_destroy description: CertificateKeyPair Viewset parameters: - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/{kp_uuid}/used_by/: get: operationId: crypto_certificatekeypairs_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/{kp_uuid}/view_certificate/: get: operationId: crypto_certificatekeypairs_view_certificate_retrieve description: Return certificate-key pairs certificate and log access parameters: - in: query name: download schema: type: boolean - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateData' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/{kp_uuid}/view_private_key/: get: operationId: crypto_certificatekeypairs_view_private_key_retrieve description: Return certificate-key pairs private key and log access parameters: - in: query name: download schema: type: boolean - in: path name: kp_uuid schema: type: string format: uuid description: A UUID string identifying this Certificate-Key Pair. required: true tags: - crypto security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateData' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /crypto/certificatekeypairs/generate/: post: operationId: crypto_certificatekeypairs_generate_create description: Generate a new, self-signed certificate-key pair tags: - crypto requestBody: content: application/json: schema: $ref: '#/components/schemas/CertificateGenerationRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/: get: operationId: enterprise_license_list description: License Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedLicenseList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: enterprise_license_create description: License Viewset tags: - enterprise requestBody: content: application/json: schema: $ref: '#/components/schemas/LicenseRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/License' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/{license_uuid}/: get: operationId: enterprise_license_retrieve description: License Viewset parameters: - in: path name: license_uuid schema: type: string format: uuid description: A UUID string identifying this License. required: true tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/License' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: enterprise_license_update description: License Viewset parameters: - in: path name: license_uuid schema: type: string format: uuid description: A UUID string identifying this License. required: true tags: - enterprise requestBody: content: application/json: schema: $ref: '#/components/schemas/LicenseRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/License' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: enterprise_license_partial_update description: License Viewset parameters: - in: path name: license_uuid schema: type: string format: uuid description: A UUID string identifying this License. required: true tags: - enterprise requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedLicenseRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/License' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: enterprise_license_destroy description: License Viewset parameters: - in: path name: license_uuid schema: type: string format: uuid description: A UUID string identifying this License. required: true tags: - enterprise security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/{license_uuid}/used_by/: get: operationId: enterprise_license_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: license_uuid schema: type: string format: uuid description: A UUID string identifying this License. required: true tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/forecast/: get: operationId: enterprise_license_forecast_retrieve description: Forecast how many users will be required in a year tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LicenseForecast' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/install_id/: get: operationId: enterprise_license_install_id_retrieve description: Get install_id tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InstallID' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /enterprise/license/summary/: get: operationId: enterprise_license_summary_retrieve description: Get the total license status parameters: - in: query name: cached schema: type: boolean default: true tags: - enterprise security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LicenseSummary' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/: get: operationId: events_events_list description: Event Read-Only Viewset parameters: - in: query name: action schema: type: string - in: query name: brand_name schema: type: string description: Brand name - in: query name: client_ip schema: type: string - in: query name: context_authorized_app schema: type: string description: Context Authorized application - in: query name: context_model_app schema: type: string description: Context Model App - in: query name: context_model_name schema: type: string description: Context Model Name - in: query name: context_model_pk schema: type: string description: Context Model Primary Key - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: username schema: type: string description: Username tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEventList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: events_events_create description: Event Read-Only Viewset tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/EventRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Event' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/{event_uuid}/: get: operationId: events_events_retrieve description: Event Read-Only Viewset parameters: - in: path name: event_uuid schema: type: string format: uuid description: A UUID string identifying this Event. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Event' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: events_events_update description: Event Read-Only Viewset parameters: - in: path name: event_uuid schema: type: string format: uuid description: A UUID string identifying this Event. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/EventRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Event' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: events_events_partial_update description: Event Read-Only Viewset parameters: - in: path name: event_uuid schema: type: string format: uuid description: A UUID string identifying this Event. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEventRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Event' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: events_events_destroy description: Event Read-Only Viewset parameters: - in: path name: event_uuid schema: type: string format: uuid description: A UUID string identifying this Event. required: true tags: - events security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/actions/: get: operationId: events_events_actions_list description: Get all actions tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/per_month/: get: operationId: events_events_per_month_list description: Get the count of events per month parameters: - in: query name: action schema: type: string - in: query name: query schema: type: string tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Coordinate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/top_per_user/: get: operationId: events_events_top_per_user_list description: Get the top_n events grouped by user count parameters: - in: query name: action schema: type: string - in: query name: top_n schema: type: integer tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/EventTopPerUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/events/volume/: get: operationId: events_events_volume_list description: Get event volume for specified filters and timeframe parameters: - in: query name: action schema: type: string - in: query name: brand_name schema: type: string description: Brand name - in: query name: client_ip schema: type: string - in: query name: context_authorized_app schema: type: string description: Context Authorized application - in: query name: context_model_app schema: type: string description: Context Model App - in: query name: context_model_name schema: type: string description: Context Model Name - in: query name: context_model_pk schema: type: string description: Context Model Primary Key - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: username schema: type: string description: Username tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/Coordinate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/notifications/: get: operationId: events_notifications_list description: Notification Viewset parameters: - in: query name: body schema: type: string - in: query name: created schema: type: string format: date-time - in: query name: event schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: seen schema: type: boolean - in: query name: severity schema: type: string enum: - alert - notice - warning - in: query name: user schema: type: integer tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedNotificationList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/notifications/{uuid}/: get: operationId: events_notifications_retrieve description: Notification Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Notification' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: events_notifications_update description: Notification Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Notification' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: events_notifications_partial_update description: Notification Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedNotificationRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Notification' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: events_notifications_destroy description: Notification Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification. required: true tags: - events security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/notifications/{uuid}/used_by/: get: operationId: events_notifications_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/notifications/mark_all_seen/: post: operationId: events_notifications_mark_all_seen_create description: Mark all the user's notifications as seen tags: - events security: - authentik: [] responses: '204': description: Marked tasks as read successfully. '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/rules/: get: operationId: events_rules_list description: NotificationRule Viewset parameters: - in: query name: group__name schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: severity schema: type: string enum: - alert - notice - warning description: |+ Controls which severity level the created notifications will have. tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedNotificationRuleList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: events_rules_create description: NotificationRule Viewset tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationRuleRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/NotificationRule' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/rules/{pbm_uuid}/: get: operationId: events_rules_retrieve description: NotificationRule Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Notification Rule. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRule' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: events_rules_update description: NotificationRule Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Notification Rule. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationRuleRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRule' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: events_rules_partial_update description: NotificationRule Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Notification Rule. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedNotificationRuleRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRule' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: events_rules_destroy description: NotificationRule Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Notification Rule. required: true tags: - events security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/rules/{pbm_uuid}/used_by/: get: operationId: events_rules_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this Notification Rule. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/system_tasks/: get: operationId: events_system_tasks_list description: Read-only view set that returns all background tasks parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: status schema: type: string enum: - error - successful - unknown - warning - in: query name: uid schema: type: string tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSystemTaskList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/system_tasks/{uuid}/: get: operationId: events_system_tasks_retrieve description: Read-only view set that returns all background tasks parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this System Task. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SystemTask' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/system_tasks/{uuid}/run/: post: operationId: events_system_tasks_run_create description: Run task parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this System Task. required: true tags: - events security: - authentik: [] responses: '204': description: Task retried successfully '404': description: Task not found '500': description: Failed to retry task '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/transports/: get: operationId: events_transports_list description: NotificationTransport Viewset parameters: - in: query name: mode schema: type: string enum: - email - local - webhook - webhook_slack - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: send_once schema: type: boolean - in: query name: webhook_url schema: type: string tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedNotificationTransportList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: events_transports_create description: NotificationTransport Viewset tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationTransportRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/NotificationTransport' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/transports/{uuid}/: get: operationId: events_transports_retrieve description: NotificationTransport Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationTransport' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: events_transports_update description: NotificationTransport Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationTransportRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationTransport' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: events_transports_partial_update description: NotificationTransport Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedNotificationTransportRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationTransport' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: events_transports_destroy description: NotificationTransport Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/transports/{uuid}/test/: post: operationId: events_transports_test_create description: |- Send example notification using selected transport. Requires Modify permissions. parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationTransportTest' description: '' '500': description: Failed to test transport '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /events/transports/{uuid}/used_by/: get: operationId: events_transports_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Notification Transport. required: true tags: - events security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/bindings/: get: operationId: flows_bindings_list description: FlowStageBinding Viewset parameters: - in: query name: evaluate_on_plan schema: type: boolean - in: query name: fsb_uuid schema: type: string format: uuid - in: query name: invalid_response_action schema: type: string enum: - restart - restart_with_context - retry description: |+ Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. - in: query name: order schema: type: integer - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: policies schema: type: array items: type: string format: uuid explode: true style: form - in: query name: policy_engine_mode schema: type: string enum: - all - any - in: query name: re_evaluate_policies schema: type: boolean - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage schema: type: string format: uuid - in: query name: target schema: type: string format: uuid tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedFlowStageBindingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: flows_bindings_create description: FlowStageBinding Viewset tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FlowStageBindingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/FlowStageBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/bindings/{fsb_uuid}/: get: operationId: flows_bindings_retrieve description: FlowStageBinding Viewset parameters: - in: path name: fsb_uuid schema: type: string format: uuid description: A UUID string identifying this Flow Stage Binding. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/FlowStageBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: flows_bindings_update description: FlowStageBinding Viewset parameters: - in: path name: fsb_uuid schema: type: string format: uuid description: A UUID string identifying this Flow Stage Binding. required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FlowStageBindingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/FlowStageBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: flows_bindings_partial_update description: FlowStageBinding Viewset parameters: - in: path name: fsb_uuid schema: type: string format: uuid description: A UUID string identifying this Flow Stage Binding. required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedFlowStageBindingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/FlowStageBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: flows_bindings_destroy description: FlowStageBinding Viewset parameters: - in: path name: fsb_uuid schema: type: string format: uuid description: A UUID string identifying this Flow Stage Binding. required: true tags: - flows security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/bindings/{fsb_uuid}/used_by/: get: operationId: flows_bindings_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: fsb_uuid schema: type: string format: uuid description: A UUID string identifying this Flow Stage Binding. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/executor/{flow_slug}/: get: operationId: flows_executor_get description: Get the next pending challenge from the currently active flow. parameters: - in: path name: flow_slug schema: type: string required: true - in: query name: query schema: type: string description: Querystring as received required: true tags: - flows security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/ChallengeTypes' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: flows_executor_solve description: Solve the previously retrieved challenge and advanced to the next stage. parameters: - in: path name: flow_slug schema: type: string required: true - in: query name: query schema: type: string description: Querystring as received required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FlowChallengeResponseRequest' security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/ChallengeTypes' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/inspector/{flow_slug}/: get: operationId: flows_inspector_get description: Get current flow state and record it parameters: - in: path name: flow_slug schema: type: string required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/FlowInspection' description: '' '400': description: No flow plan in session. '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/: get: operationId: flows_instances_list description: Flow Viewset parameters: - in: query name: denied_action schema: type: string enum: - continue - message - message_continue description: |+ Configure what should happen when a flow denies access to a user. - in: query name: designation schema: type: string enum: - authentication - authorization - enrollment - invalidation - recovery - stage_configuration - unenrollment description: |+ Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. - in: query name: flow_uuid schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedFlowList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: flows_instances_create description: Flow Viewset tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FlowRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Flow' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/: get: operationId: flows_instances_retrieve description: Flow Viewset parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Flow' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: flows_instances_update description: Flow Viewset parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FlowRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Flow' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: flows_instances_partial_update description: Flow Viewset parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedFlowRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Flow' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: flows_instances_destroy description: Flow Viewset parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/diagram/: get: operationId: flows_instances_diagram_retrieve description: Return diagram for flow with slug `slug`, in the format used by flowchart.js parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/FlowDiagram' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/execute/: get: operationId: flows_instances_execute_retrieve description: Execute flow for current user parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Link' description: '' '400': description: Flow not applicable '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/export/: get: operationId: flows_instances_export_retrieve description: Export flow to .yaml file parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: type: string format: binary description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/set_background/: post: operationId: flows_instances_set_background_create description: Set Flow background parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/FileUploadRequest' security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/set_background_url/: post: operationId: flows_instances_set_background_url_create description: Set Flow background (as URL) parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows requestBody: content: application/json: schema: $ref: '#/components/schemas/FilePathRequest' required: true security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/{slug}/used_by/: get: operationId: flows_instances_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Visible in the URL. required: true tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/cache_clear/: post: operationId: flows_instances_cache_clear_create description: Clear flow cache tags: - flows security: - authentik: [] responses: '204': description: Successfully cleared cache '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/cache_info/: get: operationId: flows_instances_cache_info_retrieve description: Info about cached flows tags: - flows security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Cache' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /flows/instances/import/: post: operationId: flows_instances_import_create description: Import flow from .yaml file tags: - flows requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/FileUploadRequest' security: - authentik: [] responses: '204': content: application/json: schema: $ref: '#/components/schemas/FlowImportResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/FlowImportResult' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /managed/blueprints/: get: operationId: managed_blueprints_list description: Blueprint instances parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: path schema: type: string - name: search required: false in: query description: A search term. schema: type: string tags: - managed security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedBlueprintInstanceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: managed_blueprints_create description: Blueprint instances tags: - managed requestBody: content: application/json: schema: $ref: '#/components/schemas/BlueprintInstanceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/BlueprintInstance' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /managed/blueprints/{instance_uuid}/: get: operationId: managed_blueprints_retrieve description: Blueprint instances parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/BlueprintInstance' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: managed_blueprints_update description: Blueprint instances parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed requestBody: content: application/json: schema: $ref: '#/components/schemas/BlueprintInstanceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/BlueprintInstance' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: managed_blueprints_partial_update description: Blueprint instances parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedBlueprintInstanceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/BlueprintInstance' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: managed_blueprints_destroy description: Blueprint instances parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /managed/blueprints/{instance_uuid}/apply/: post: operationId: managed_blueprints_apply_create description: Apply a blueprint parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/BlueprintInstance' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /managed/blueprints/{instance_uuid}/used_by/: get: operationId: managed_blueprints_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: instance_uuid schema: type: string format: uuid description: A UUID string identifying this Blueprint Instance. required: true tags: - managed security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /managed/blueprints/available/: get: operationId: managed_blueprints_available_list description: Get blueprints tags: - managed security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/BlueprintFile' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/access_tokens/: get: operationId: oauth2_access_tokens_list description: AccessToken Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user schema: type: integer tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTokenModelList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/access_tokens/{id}/: get: operationId: oauth2_access_tokens_retrieve description: AccessToken Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Access Token. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TokenModel' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: oauth2_access_tokens_destroy description: AccessToken Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Access Token. required: true tags: - oauth2 security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/access_tokens/{id}/used_by/: get: operationId: oauth2_access_tokens_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Access Token. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/authorization_codes/: get: operationId: oauth2_authorization_codes_list description: AuthorizationCode Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user schema: type: integer tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/authorization_codes/{id}/: get: operationId: oauth2_authorization_codes_retrieve description: AuthorizationCode Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Authorization Code. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExpiringBaseGrantModel' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: oauth2_authorization_codes_destroy description: AuthorizationCode Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Authorization Code. required: true tags: - oauth2 security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/authorization_codes/{id}/used_by/: get: operationId: oauth2_authorization_codes_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Authorization Code. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/refresh_tokens/: get: operationId: oauth2_refresh_tokens_list description: RefreshToken Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user schema: type: integer tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTokenModelList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/refresh_tokens/{id}/: get: operationId: oauth2_refresh_tokens_retrieve description: RefreshToken Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Refresh Token. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/TokenModel' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: oauth2_refresh_tokens_destroy description: RefreshToken Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Refresh Token. required: true tags: - oauth2 security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /oauth2/refresh_tokens/{id}/used_by/: get: operationId: oauth2_refresh_tokens_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2 Refresh Token. required: true tags: - oauth2 security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/instances/: get: operationId: outposts_instances_list description: Outpost Viewset parameters: - in: query name: managed__icontains schema: type: string - in: query name: managed__iexact schema: type: string - in: query name: name__icontains schema: type: string - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: providers__isnull schema: type: boolean - in: query name: providers_by_pk schema: type: array items: type: integer explode: true style: form - name: search required: false in: query description: A search term. schema: type: string - in: query name: service_connection__name__icontains schema: type: string - in: query name: service_connection__name__iexact schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedOutpostList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: outposts_instances_create description: Outpost Viewset tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/OutpostRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Outpost' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/instances/{uuid}/: get: operationId: outposts_instances_retrieve description: Outpost Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Outpost' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: outposts_instances_update description: Outpost Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/OutpostRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Outpost' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: outposts_instances_partial_update description: Outpost Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedOutpostRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Outpost' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: outposts_instances_destroy description: Outpost Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/instances/{uuid}/health/: get: operationId: outposts_instances_health_list description: Get outposts current health parameters: - in: query name: managed__icontains schema: type: string - in: query name: managed__iexact schema: type: string - in: query name: name__icontains schema: type: string - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - in: query name: providers__isnull schema: type: boolean - in: query name: providers_by_pk schema: type: array items: type: integer explode: true style: form - name: search required: false in: query description: A search term. schema: type: string - in: query name: service_connection__name__icontains schema: type: string - in: query name: service_connection__name__iexact schema: type: string - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/OutpostHealth' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/instances/{uuid}/used_by/: get: operationId: outposts_instances_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/instances/default_settings/: get: operationId: outposts_instances_default_settings_retrieve description: Global default outpost config tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OutpostDefaultConfig' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/ldap/: get: operationId: outposts_ldap_list description: LDAPProvider Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/ldap/{id}/check_access/: get: operationId: outposts_ldap_access_check description: Check access to a single application by slug parameters: - in: query name: app_slug schema: type: string - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPCheckAccess' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/proxy/: get: operationId: outposts_proxy_list description: ProxyProvider Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedProxyOutpostConfigList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/radius/: get: operationId: outposts_radius_list description: RadiusProvider Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRadiusOutpostConfigList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/radius/{id}/check_access/: get: operationId: outposts_radius_access_check description: Check access to a single application by slug parameters: - in: query name: app_slug schema: type: string - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusCheckAccess' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/all/: get: operationId: outposts_service_connections_all_list description: ServiceConnection Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedServiceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/all/{uuid}/: get: operationId: outposts_service_connections_all_retrieve description: ServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: outposts_service_connections_all_destroy description: ServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/all/{uuid}/state/: get: operationId: outposts_service_connections_all_state_retrieve description: Get the service connection's state parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ServiceConnectionState' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/all/{uuid}/used_by/: get: operationId: outposts_service_connections_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Outpost Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/all/types/: get: operationId: outposts_service_connections_all_types_list description: Get all creatable types tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/docker/: get: operationId: outposts_service_connections_docker_list description: DockerServiceConnection Viewset parameters: - in: query name: local schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: tls_authentication schema: type: string format: uuid - in: query name: tls_verification schema: type: string format: uuid - in: query name: url schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDockerServiceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: outposts_service_connections_docker_create description: DockerServiceConnection Viewset tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/docker/{uuid}/: get: operationId: outposts_service_connections_docker_retrieve description: DockerServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Docker Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: outposts_service_connections_docker_update description: DockerServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Docker Service-Connection. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: outposts_service_connections_docker_partial_update description: DockerServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Docker Service-Connection. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DockerServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: outposts_service_connections_docker_destroy description: DockerServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Docker Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/docker/{uuid}/used_by/: get: operationId: outposts_service_connections_docker_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Docker Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/kubernetes/: get: operationId: outposts_service_connections_kubernetes_list description: KubernetesServiceConnection Viewset parameters: - in: query name: local schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: outposts_service_connections_kubernetes_create description: KubernetesServiceConnection Viewset tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/kubernetes/{uuid}/: get: operationId: outposts_service_connections_kubernetes_retrieve description: KubernetesServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Kubernetes Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: outposts_service_connections_kubernetes_update description: KubernetesServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Kubernetes Service-Connection. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: outposts_service_connections_kubernetes_partial_update description: KubernetesServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Kubernetes Service-Connection. required: true tags: - outposts requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KubernetesServiceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: outposts_service_connections_kubernetes_destroy description: KubernetesServiceConnection Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Kubernetes Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /outposts/service_connections/kubernetes/{uuid}/used_by/: get: operationId: outposts_service_connections_kubernetes_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Kubernetes Service-Connection. required: true tags: - outposts security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/: get: operationId: policies_all_list description: Policy Viewset parameters: - in: query name: bindings__isnull schema: type: boolean - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: promptstage__isnull schema: type: boolean - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/{policy_uuid}/: get: operationId: policies_all_retrieve description: Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Policy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_all_destroy description: Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/{policy_uuid}/test/: post: operationId: policies_all_test_create description: Test policy parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PolicyTestRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PolicyTestResult' description: '' '400': description: Invalid parameters '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/{policy_uuid}/used_by/: get: operationId: policies_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/cache_clear/: post: operationId: policies_all_cache_clear_create description: Clear policy cache tags: - policies security: - authentik: [] responses: '204': description: Successfully cleared cache '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/cache_info/: get: operationId: policies_all_cache_info_retrieve description: Info about cached policies tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Cache' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/all/types/: get: operationId: policies_all_types_list description: Get all creatable types tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/bindings/: get: operationId: policies_bindings_list description: PolicyBinding Viewset parameters: - in: query name: enabled schema: type: boolean - in: query name: order schema: type: integer - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy schema: type: string format: uuid - in: query name: policy__isnull schema: type: boolean - name: search required: false in: query description: A search term. schema: type: string - in: query name: target schema: type: string format: uuid - in: query name: target_in schema: type: array items: type: string format: uuid explode: true style: form - in: query name: timeout schema: type: integer tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPolicyBindingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_bindings_create description: PolicyBinding Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PolicyBindingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PolicyBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/bindings/{policy_binding_uuid}/: get: operationId: policies_bindings_retrieve description: PolicyBinding Viewset parameters: - in: path name: policy_binding_uuid schema: type: string format: uuid description: A UUID string identifying this Policy Binding. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PolicyBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_bindings_update description: PolicyBinding Viewset parameters: - in: path name: policy_binding_uuid schema: type: string format: uuid description: A UUID string identifying this Policy Binding. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PolicyBindingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PolicyBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_bindings_partial_update description: PolicyBinding Viewset parameters: - in: path name: policy_binding_uuid schema: type: string format: uuid description: A UUID string identifying this Policy Binding. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPolicyBindingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PolicyBinding' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_bindings_destroy description: PolicyBinding Viewset parameters: - in: path name: policy_binding_uuid schema: type: string format: uuid description: A UUID string identifying this Policy Binding. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/bindings/{policy_binding_uuid}/used_by/: get: operationId: policies_bindings_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_binding_uuid schema: type: string format: uuid description: A UUID string identifying this Policy Binding. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/dummy/: get: operationId: policies_dummy_list description: Dummy Viewset parameters: - in: query name: created schema: type: string format: date-time - in: query name: execution_logging schema: type: boolean - in: query name: last_updated schema: type: string format: date-time - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy_uuid schema: type: string format: uuid - in: query name: result schema: type: boolean - name: search required: false in: query description: A search term. schema: type: string - in: query name: wait_max schema: type: integer - in: query name: wait_min schema: type: integer tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDummyPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_dummy_create description: Dummy Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/DummyPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/DummyPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/dummy/{policy_uuid}/: get: operationId: policies_dummy_retrieve description: Dummy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_dummy_update description: Dummy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/DummyPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_dummy_partial_update description: Dummy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDummyPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_dummy_destroy description: Dummy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/dummy/{policy_uuid}/used_by/: get: operationId: policies_dummy_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/event_matcher/: get: operationId: policies_event_matcher_list description: Event Matcher Policy Viewset parameters: - in: query name: action schema: type: string nullable: true enum: - authorize_application - configuration_error - custom_ - email_sent - flow_execution - impersonation_ended - impersonation_started - invitation_used - login - login_failed - logout - model_created - model_deleted - model_updated - password_set - policy_exception - policy_execution - property_mapping_exception - secret_rotate - secret_view - source_linked - suspicious_request - system_exception - system_task_exception - system_task_execution - update_available - user_write description: |+ Match created events with this action type. When left empty, all action types will be matched. - in: query name: app schema: type: string - in: query name: client_ip schema: type: string - in: query name: created schema: type: string format: date-time - in: query name: execution_logging schema: type: boolean - in: query name: last_updated schema: type: string format: date-time - in: query name: model schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEventMatcherPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_event_matcher_create description: Event Matcher Policy Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/event_matcher/{policy_uuid}/: get: operationId: policies_event_matcher_retrieve description: Event Matcher Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Event Matcher Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_event_matcher_update description: Event Matcher Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Event Matcher Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_event_matcher_partial_update description: Event Matcher Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Event Matcher Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventMatcherPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_event_matcher_destroy description: Event Matcher Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Event Matcher Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/event_matcher/{policy_uuid}/used_by/: get: operationId: policies_event_matcher_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Event Matcher Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/expression/: get: operationId: policies_expression_list description: Source Viewset parameters: - in: query name: created schema: type: string format: date-time - in: query name: execution_logging schema: type: boolean - in: query name: expression schema: type: string - in: query name: last_updated schema: type: string format: date-time - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedExpressionPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_expression_create description: Source Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/expression/{policy_uuid}/: get: operationId: policies_expression_retrieve description: Source Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Expression Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_expression_update description: Source Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Expression Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_expression_partial_update description: Source Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Expression Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedExpressionPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExpressionPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_expression_destroy description: Source Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Expression Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/expression/{policy_uuid}/used_by/: get: operationId: policies_expression_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Expression Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/geoip/: get: operationId: policies_geoip_list description: GeoIP Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGeoIPPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_geoip_create description: GeoIP Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/geoip/{policy_uuid}/: get: operationId: policies_geoip_retrieve description: GeoIP Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this GeoIP Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_geoip_update description: GeoIP Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this GeoIP Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_geoip_partial_update description: GeoIP Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this GeoIP Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGeoIPPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GeoIPPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_geoip_destroy description: GeoIP Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this GeoIP Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/geoip/{policy_uuid}/used_by/: get: operationId: policies_geoip_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this GeoIP Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/geoip_iso3166/: get: operationId: policies_geoip_iso3166_list description: Get all countries in ISO-3166-1 tags: - policies security: - authentik: [] - {} responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/DetailedCountry' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password/: get: operationId: policies_password_list description: Password Policy Viewset parameters: - in: query name: amount_digits schema: type: integer - in: query name: amount_lowercase schema: type: integer - in: query name: amount_symbols schema: type: integer - in: query name: amount_uppercase schema: type: integer - in: query name: check_have_i_been_pwned schema: type: boolean - in: query name: check_static_rules schema: type: boolean - in: query name: check_zxcvbn schema: type: boolean - in: query name: created schema: type: string format: date-time - in: query name: error_message schema: type: string - in: query name: execution_logging schema: type: boolean - in: query name: hibp_allowed_count schema: type: integer - in: query name: last_updated schema: type: string format: date-time - in: query name: length_min schema: type: integer - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password_field schema: type: string - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: symbol_charset schema: type: string - in: query name: zxcvbn_score_threshold schema: type: integer tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPasswordPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_password_create description: Password Policy Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password/{policy_uuid}/: get: operationId: policies_password_retrieve description: Password Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_password_update description: Password Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_password_partial_update description: Password Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPasswordPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_password_destroy description: Password Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password/{policy_uuid}/used_by/: get: operationId: policies_password_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password_expiry/: get: operationId: policies_password_expiry_list description: Password Expiry Viewset parameters: - in: query name: created schema: type: string format: date-time - in: query name: days schema: type: integer - in: query name: deny_only schema: type: boolean - in: query name: execution_logging schema: type: boolean - in: query name: last_updated schema: type: string format: date-time - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_password_expiry_create description: Password Expiry Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password_expiry/{policy_uuid}/: get: operationId: policies_password_expiry_retrieve description: Password Expiry Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Expiry Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_password_expiry_update description: Password Expiry Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Expiry Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_password_expiry_partial_update description: Password Expiry Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Expiry Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordExpiryPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_password_expiry_destroy description: Password Expiry Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Expiry Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/password_expiry/{policy_uuid}/used_by/: get: operationId: policies_password_expiry_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Expiry Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/: get: operationId: policies_reputation_list description: Reputation Policy Viewset parameters: - in: query name: check_ip schema: type: boolean - in: query name: check_username schema: type: boolean - in: query name: created schema: type: string format: date-time - in: query name: execution_logging schema: type: boolean - in: query name: last_updated schema: type: string format: date-time - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: threshold schema: type: integer tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedReputationPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_reputation_create description: Reputation Policy Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/ReputationPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ReputationPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/{policy_uuid}/: get: operationId: policies_reputation_retrieve description: Reputation Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ReputationPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_reputation_update description: Reputation Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/ReputationPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ReputationPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_reputation_partial_update description: Reputation Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedReputationPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ReputationPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_reputation_destroy description: Reputation Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/{policy_uuid}/used_by/: get: operationId: policies_reputation_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/scores/: get: operationId: policies_reputation_scores_list description: Reputation Viewset parameters: - in: query name: identifier schema: type: string - in: query name: identifier_in schema: type: array items: type: string description: Multiple values may be separated by commas. explode: false style: form - in: query name: ip schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: score schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedReputationList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/scores/{reputation_uuid}/: get: operationId: policies_reputation_scores_retrieve description: Reputation Viewset parameters: - in: path name: reputation_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Score. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Reputation' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_reputation_scores_destroy description: Reputation Viewset parameters: - in: path name: reputation_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Score. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/reputation/scores/{reputation_uuid}/used_by/: get: operationId: policies_reputation_scores_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: reputation_uuid schema: type: string format: uuid description: A UUID string identifying this Reputation Score. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/unique_password/: get: operationId: policies_unique_password_list description: Password Uniqueness Policy Viewset parameters: - in: query name: created schema: type: string format: date-time - in: query name: execution_logging schema: type: boolean - in: query name: last_updated schema: type: string format: date-time - in: query name: name schema: type: string - in: query name: num_historical_passwords schema: type: integer - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password_field schema: type: string - in: query name: policy_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUniquePasswordPolicyList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: policies_unique_password_create description: Password Uniqueness Policy Viewset tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicyRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/unique_password/{policy_uuid}/: get: operationId: policies_unique_password_retrieve description: Password Uniqueness Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Uniqueness Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: policies_unique_password_update description: Password Uniqueness Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Uniqueness Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicyRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: policies_unique_password_partial_update description: Password Uniqueness Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Uniqueness Policy. required: true tags: - policies requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUniquePasswordPolicyRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UniquePasswordPolicy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: policies_unique_password_destroy description: Password Uniqueness Policy Viewset parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Uniqueness Policy. required: true tags: - policies security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /policies/unique_password/{policy_uuid}/used_by/: get: operationId: policies_unique_password_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: policy_uuid schema: type: string format: uuid description: A UUID string identifying this Password Uniqueness Policy. required: true tags: - policies security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/all/: get: operationId: propertymappings_all_list description: PropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/all/{pm_uuid}/: get: operationId: propertymappings_all_retrieve description: PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_all_destroy description: PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/all/{pm_uuid}/test/: post: operationId: propertymappings_all_test_create description: Test Property Mapping parameters: - in: query name: format_result schema: type: boolean - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PropertyMappingTestRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PropertyMappingTestResult' description: '' '400': description: Invalid parameters '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/all/{pm_uuid}/used_by/: get: operationId: propertymappings_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/all/types/: get: operationId: propertymappings_all_types_list description: Get all creatable types tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/notification/: get: operationId: propertymappings_notification_list description: NotificationWebhookMapping Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedNotificationWebhookMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_notification_create description: NotificationWebhookMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/notification/{pm_uuid}/: get: operationId: propertymappings_notification_retrieve description: NotificationWebhookMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Webhook Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_notification_update description: NotificationWebhookMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Webhook Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_notification_partial_update description: NotificationWebhookMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Webhook Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationWebhookMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_notification_destroy description: NotificationWebhookMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Webhook Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/notification/{pm_uuid}/used_by/: get: operationId: propertymappings_notification_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Webhook Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/google_workspace/: get: operationId: propertymappings_provider_google_workspace_list description: GoogleWorkspaceProviderMapping Viewset parameters: - in: query name: expression schema: type: string - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pm_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_google_workspace_create description: GoogleWorkspaceProviderMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/google_workspace/{pm_uuid}/: get: operationId: propertymappings_provider_google_workspace_retrieve description: GoogleWorkspaceProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_google_workspace_update description: GoogleWorkspaceProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_google_workspace_partial_update description: GoogleWorkspaceProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGoogleWorkspaceProviderMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_google_workspace_destroy description: GoogleWorkspaceProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/google_workspace/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_google_workspace_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/microsoft_entra/: get: operationId: propertymappings_provider_microsoft_entra_list description: MicrosoftEntraProviderMapping Viewset parameters: - in: query name: expression schema: type: string - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pm_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedMicrosoftEntraProviderMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_microsoft_entra_create description: MicrosoftEntraProviderMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/microsoft_entra/{pm_uuid}/: get: operationId: propertymappings_provider_microsoft_entra_retrieve description: MicrosoftEntraProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_microsoft_entra_update description: MicrosoftEntraProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_microsoft_entra_partial_update description: MicrosoftEntraProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedMicrosoftEntraProviderMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_microsoft_entra_destroy description: MicrosoftEntraProviderMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/microsoft_entra/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_microsoft_entra_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/rac/: get: operationId: propertymappings_provider_rac_list description: RACPropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRACPropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_rac_create description: RACPropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/RACPropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/RACPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/rac/{pm_uuid}/: get: operationId: propertymappings_provider_rac_retrieve description: RACPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_rac_update description: RACPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/RACPropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_rac_partial_update description: RACPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRACPropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_rac_destroy description: RACPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/rac/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_rac_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/radius/: get: operationId: propertymappings_provider_radius_list description: RadiusProviderPropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRadiusProviderPropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_radius_create description: RadiusProviderPropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/radius/{pm_uuid}/: get: operationId: propertymappings_provider_radius_retrieve description: RadiusProviderPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Radius Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_radius_update description: RadiusProviderPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Radius Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_radius_partial_update description: RadiusProviderPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Radius Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRadiusProviderPropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProviderPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_radius_destroy description: RadiusProviderPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Radius Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/radius/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_radius_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Radius Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/saml/: get: operationId: propertymappings_provider_saml_list description: SAMLPropertyMapping Viewset parameters: - in: query name: friendly_name schema: type: string - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: saml_name schema: type: string - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_saml_create description: SAMLPropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/saml/{pm_uuid}/: get: operationId: propertymappings_provider_saml_retrieve description: SAMLPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_saml_update description: SAMLPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_saml_partial_update description: SAMLPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Provider Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLPropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_saml_destroy description: SAMLPropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/saml/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Provider Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scim/: get: operationId: propertymappings_provider_scim_list description: SCIMMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_scim_create description: SCIMMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scim/{pm_uuid}/: get: operationId: propertymappings_provider_scim_retrieve description: SCIMMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_scim_update description: SCIMMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_scim_partial_update description: SCIMMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Provider Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_scim_destroy description: SCIMMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scim/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_scim_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Provider Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scope/: get: operationId: propertymappings_provider_scope_list description: ScopeMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: scope_name schema: type: string - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedScopeMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_provider_scope_create description: ScopeMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/ScopeMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ScopeMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scope/{pm_uuid}/: get: operationId: propertymappings_provider_scope_retrieve description: ScopeMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Scope Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ScopeMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_provider_scope_update description: ScopeMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Scope Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/ScopeMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ScopeMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_provider_scope_partial_update description: ScopeMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Scope Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedScopeMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ScopeMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_provider_scope_destroy description: ScopeMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Scope Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/provider/scope/{pm_uuid}/used_by/: get: operationId: propertymappings_provider_scope_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Scope Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/kerberos/: get: operationId: propertymappings_source_kerberos_list description: KerberosSource PropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedKerberosSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_kerberos_create description: KerberosSource PropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/kerberos/{pm_uuid}/: get: operationId: propertymappings_source_kerberos_retrieve description: KerberosSource PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Kerberos Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_kerberos_update description: KerberosSource PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Kerberos Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_kerberos_partial_update description: KerberosSource PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Kerberos Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedKerberosSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_kerberos_destroy description: KerberosSource PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Kerberos Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/kerberos/{pm_uuid}/used_by/: get: operationId: propertymappings_source_kerberos_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Kerberos Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/ldap/: get: operationId: propertymappings_source_ldap_list description: LDAP PropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedLDAPSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_ldap_create description: LDAP PropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/ldap/{pm_uuid}/: get: operationId: propertymappings_source_ldap_retrieve description: LDAP PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this LDAP Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_ldap_update description: LDAP PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this LDAP Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_ldap_partial_update description: LDAP PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this LDAP Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedLDAPSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_ldap_destroy description: LDAP PropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this LDAP Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/ldap/{pm_uuid}/used_by/: get: operationId: propertymappings_source_ldap_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this LDAP Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/oauth/: get: operationId: propertymappings_source_oauth_list description: OAuthSourcePropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedOAuthSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_oauth_create description: OAuthSourcePropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/oauth/{pm_uuid}/: get: operationId: propertymappings_source_oauth_retrieve description: OAuthSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this OAuth Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_oauth_update description: OAuthSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this OAuth Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_oauth_partial_update description: OAuthSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this OAuth Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedOAuthSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_oauth_destroy description: OAuthSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this OAuth Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/oauth/{pm_uuid}/used_by/: get: operationId: propertymappings_source_oauth_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this OAuth Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/plex/: get: operationId: propertymappings_source_plex_list description: PlexSourcePropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPlexSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_plex_create description: PlexSourcePropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/plex/{pm_uuid}/: get: operationId: propertymappings_source_plex_retrieve description: PlexSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Plex Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_plex_update description: PlexSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Plex Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_plex_partial_update description: PlexSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Plex Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPlexSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_plex_destroy description: PlexSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Plex Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/plex/{pm_uuid}/used_by/: get: operationId: propertymappings_source_plex_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this Plex Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/saml/: get: operationId: propertymappings_source_saml_list description: SAMLSourcePropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSAMLSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_saml_create description: SAMLSourcePropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/saml/{pm_uuid}/: get: operationId: propertymappings_source_saml_retrieve description: SAMLSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_saml_update description: SAMLSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_saml_partial_update description: SAMLSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSAMLSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_saml_destroy description: SAMLSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/saml/{pm_uuid}/used_by/: get: operationId: propertymappings_source_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SAML Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/scim/: get: operationId: propertymappings_source_scim_list description: SCIMSourcePropertyMapping Viewset parameters: - in: query name: managed schema: type: array items: type: string explode: true style: form - in: query name: managed__isnull schema: type: boolean - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMSourcePropertyMappingList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: propertymappings_source_scim_create description: SCIMSourcePropertyMapping Viewset tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/scim/{pm_uuid}/: get: operationId: propertymappings_source_scim_retrieve description: SCIMSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: propertymappings_source_scim_update description: SCIMSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMappingRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: propertymappings_source_scim_partial_update description: SCIMSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Source Property Mapping. required: true tags: - propertymappings requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMSourcePropertyMappingRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourcePropertyMapping' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: propertymappings_source_scim_destroy description: SCIMSourcePropertyMapping Viewset parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /propertymappings/source/scim/{pm_uuid}/used_by/: get: operationId: propertymappings_source_scim_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pm_uuid schema: type: string format: uuid description: A UUID string identifying this SCIM Source Property Mapping. required: true tags: - propertymappings security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/all/: get: operationId: providers_all_list description: Provider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: backchannel schema: type: boolean description: When not set all providers are returned. When set to true, only backchannel providers are returned. When set to false, backchannel providers are excluded - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/all/{id}/: get: operationId: providers_all_retrieve description: Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Provider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_all_destroy description: Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/all/{id}/used_by/: get: operationId: providers_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/all/types/: get: operationId: providers_all_types_list description: Get all creatable types tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace/: get: operationId: providers_google_workspace_list description: GoogleWorkspaceProvider Viewset parameters: - in: query name: delegated_subject schema: type: string - in: query name: exclude_users_service_account schema: type: boolean - in: query name: filter_group schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_google_workspace_create description: GoogleWorkspaceProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace/{id}/: get: operationId: providers_google_workspace_retrieve description: GoogleWorkspaceProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_google_workspace_update description: GoogleWorkspaceProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_google_workspace_partial_update description: GoogleWorkspaceProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGoogleWorkspaceProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_google_workspace_destroy description: GoogleWorkspaceProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace/{id}/sync/object/: post: operationId: providers_google_workspace_sync_object_create description: Sync/Re-sync a single user/group object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SyncObjectRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncObjectResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace/{id}/sync/status/: get: operationId: providers_google_workspace_sync_status_retrieve description: Get provider's sync status parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncStatus' description: '' '404': description: Task not found '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace/{id}/used_by/: get: operationId: providers_google_workspace_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Google Workspace Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_groups/: get: operationId: providers_google_workspace_groups_list description: GoogleWorkspaceProviderGroup Viewset parameters: - in: query name: group__group_uuid schema: type: string format: uuid - in: query name: group__name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderGroupList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_google_workspace_groups_create description: GoogleWorkspaceProviderGroup Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderGroupRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_groups/{id}/: get: operationId: providers_google_workspace_groups_retrieve description: GoogleWorkspaceProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_google_workspace_groups_destroy description: GoogleWorkspaceProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Group. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_groups/{id}/used_by/: get: operationId: providers_google_workspace_groups_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider Group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_users/: get: operationId: providers_google_workspace_users_list description: GoogleWorkspaceProviderUser Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user__id schema: type: integer - in: query name: user__username schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderUserList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_google_workspace_users_create description: GoogleWorkspaceProviderUser Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderUserRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_users/{id}/: get: operationId: providers_google_workspace_users_retrieve description: GoogleWorkspaceProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider User. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GoogleWorkspaceProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_google_workspace_users_destroy description: GoogleWorkspaceProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider User. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/google_workspace_users/{id}/used_by/: get: operationId: providers_google_workspace_users_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Google Workspace Provider User. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ldap/: get: operationId: providers_ldap_list description: LDAPProvider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: authorization_flow__slug__iexact schema: type: string - in: query name: base_dn__iexact schema: type: string - in: query name: certificate__kp_uuid__iexact schema: type: string format: uuid - in: query name: certificate__name__iexact schema: type: string - in: query name: gid_start_number__iexact schema: type: integer - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: tls_server_name__iexact schema: type: string - in: query name: uid_start_number__iexact schema: type: integer tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedLDAPProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_ldap_create description: LDAPProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/LDAPProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ldap/{id}/: get: operationId: providers_ldap_retrieve description: LDAPProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_ldap_update description: LDAPProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_ldap_partial_update description: LDAPProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedLDAPProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_ldap_destroy description: LDAPProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ldap/{id}/used_by/: get: operationId: providers_ldap_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this LDAP Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra/: get: operationId: providers_microsoft_entra_list description: MicrosoftEntraProvider Viewset parameters: - in: query name: exclude_users_service_account schema: type: boolean - in: query name: filter_group schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedMicrosoftEntraProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_microsoft_entra_create description: MicrosoftEntraProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra/{id}/: get: operationId: providers_microsoft_entra_retrieve description: MicrosoftEntraProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_microsoft_entra_update description: MicrosoftEntraProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_microsoft_entra_partial_update description: MicrosoftEntraProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedMicrosoftEntraProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_microsoft_entra_destroy description: MicrosoftEntraProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra/{id}/sync/object/: post: operationId: providers_microsoft_entra_sync_object_create description: Sync/Re-sync a single user/group object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SyncObjectRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncObjectResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra/{id}/sync/status/: get: operationId: providers_microsoft_entra_sync_status_retrieve description: Get provider's sync status parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncStatus' description: '' '404': description: Task not found '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra/{id}/used_by/: get: operationId: providers_microsoft_entra_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Microsoft Entra Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_groups/: get: operationId: providers_microsoft_entra_groups_list description: MicrosoftEntraProviderGroup Viewset parameters: - in: query name: group__group_uuid schema: type: string format: uuid - in: query name: group__name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedMicrosoftEntraProviderGroupList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_microsoft_entra_groups_create description: MicrosoftEntraProviderGroup Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderGroupRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_groups/{id}/: get: operationId: providers_microsoft_entra_groups_retrieve description: MicrosoftEntraProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_microsoft_entra_groups_destroy description: MicrosoftEntraProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Group. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_groups/{id}/used_by/: get: operationId: providers_microsoft_entra_groups_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider Group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_users/: get: operationId: providers_microsoft_entra_users_list description: MicrosoftEntraProviderUser Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user__id schema: type: integer - in: query name: user__username schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedMicrosoftEntraProviderUserList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_microsoft_entra_users_create description: MicrosoftEntraProviderUser Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderUserRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_users/{id}/: get: operationId: providers_microsoft_entra_users_retrieve description: MicrosoftEntraProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider User. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftEntraProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_microsoft_entra_users_destroy description: MicrosoftEntraProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider User. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/microsoft_entra_users/{id}/used_by/: get: operationId: providers_microsoft_entra_users_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this Microsoft Entra Provider User. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/oauth2/: get: operationId: providers_oauth2_list description: OAuth2Provider Viewset parameters: - in: query name: access_code_validity schema: type: string - in: query name: access_token_validity schema: type: string - in: query name: application schema: type: string format: uuid - in: query name: authorization_flow schema: type: string format: uuid - in: query name: client_id schema: type: string - in: query name: client_type schema: type: string enum: - confidential - public description: |+ Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable - in: query name: include_claims_in_id_token schema: type: boolean - in: query name: issuer_mode schema: type: string enum: - global - per_provider description: |+ Configure how the issuer field of the ID Token should be filled. - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: property_mappings schema: type: array items: type: string format: uuid explode: true style: form - in: query name: refresh_token_validity schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: signing_key schema: type: string format: uuid - in: query name: sub_mode schema: type: string enum: - hashed_user_id - user_email - user_id - user_upn - user_username - user_uuid description: |+ Configure what data should be used as unique User Identifier. For most cases, the default should be fine. tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedOAuth2ProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_oauth2_create description: OAuth2Provider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuth2ProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/OAuth2Provider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/oauth2/{id}/: get: operationId: providers_oauth2_retrieve description: OAuth2Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuth2Provider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_oauth2_update description: OAuth2Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuth2ProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuth2Provider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_oauth2_partial_update description: OAuth2Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuth2Provider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_oauth2_destroy description: OAuth2Provider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/oauth2/{id}/preview_user/: get: operationId: providers_oauth2_preview_user_retrieve description: Preview user data for provider parameters: - in: query name: for_user schema: type: integer - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PropertyMappingPreview' description: '' '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/oauth2/{id}/setup_urls/: get: operationId: providers_oauth2_setup_urls_retrieve description: Get Providers setup URLs parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuth2ProviderSetupURLs' description: '' '404': description: Provider has no application assigned '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/oauth2/{id}/used_by/: get: operationId: providers_oauth2_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this OAuth2/OpenID Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/proxy/: get: operationId: providers_proxy_list description: ProxyProvider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: authorization_flow__slug__iexact schema: type: string - in: query name: basic_auth_enabled__iexact schema: type: boolean - in: query name: basic_auth_password_attribute__iexact schema: type: string - in: query name: basic_auth_user_attribute__iexact schema: type: string - in: query name: certificate__kp_uuid__iexact schema: type: string format: uuid - in: query name: certificate__name__iexact schema: type: string - in: query name: cookie_domain__iexact schema: type: string - in: query name: external_host__iexact schema: type: string - in: query name: internal_host__iexact schema: type: string - in: query name: internal_host_ssl_validation__iexact schema: type: boolean - in: query name: mode__iexact schema: type: string - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: property_mappings__iexact schema: type: array items: type: string format: uuid explode: true style: form - name: search required: false in: query description: A search term. schema: type: string - in: query name: skip_path_regex__iexact schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedProxyProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_proxy_create description: ProxyProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/ProxyProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ProxyProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/proxy/{id}/: get: operationId: providers_proxy_retrieve description: ProxyProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Proxy Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProxyProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_proxy_update description: ProxyProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Proxy Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/ProxyProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProxyProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_proxy_partial_update description: ProxyProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Proxy Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedProxyProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProxyProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_proxy_destroy description: ProxyProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Proxy Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/proxy/{id}/used_by/: get: operationId: providers_proxy_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Proxy Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/rac/: get: operationId: providers_rac_list description: RACProvider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRACProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_rac_create description: RACProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/RACProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/RACProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/rac/{id}/: get: operationId: providers_rac_retrieve description: RACProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this RAC Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_rac_update description: RACProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this RAC Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/RACProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_rac_partial_update description: RACProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this RAC Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRACProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RACProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_rac_destroy description: RACProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this RAC Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/rac/{id}/used_by/: get: operationId: providers_rac_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this RAC Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/radius/: get: operationId: providers_radius_list description: RadiusProvider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: authorization_flow__slug__iexact schema: type: string - in: query name: client_networks__iexact schema: type: string - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRadiusProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_radius_create description: RadiusProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/RadiusProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/RadiusProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/radius/{id}/: get: operationId: providers_radius_retrieve description: RadiusProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_radius_update description: RadiusProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/RadiusProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_radius_partial_update description: RadiusProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRadiusProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RadiusProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_radius_destroy description: RadiusProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/radius/{id}/used_by/: get: operationId: providers_radius_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Radius Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/: get: operationId: providers_saml_list description: SAMLProvider Viewset parameters: - in: query name: acs_url schema: type: string - in: query name: assertion_valid_not_before schema: type: string - in: query name: assertion_valid_not_on_or_after schema: type: string - in: query name: audience schema: type: string - in: query name: authentication_flow schema: type: string format: uuid - in: query name: authn_context_class_ref_mapping schema: type: string format: uuid - in: query name: authorization_flow schema: type: string format: uuid - in: query name: backchannel_application schema: type: string format: uuid - in: query name: default_relay_state schema: type: string - in: query name: digest_algorithm schema: type: string enum: - http://www.w3.org/2000/09/xmldsig#sha1 - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha256 - http://www.w3.org/2001/04/xmlenc#sha512 - in: query name: encryption_kp schema: type: string format: uuid - in: query name: invalidation_flow schema: type: string format: uuid - in: query name: is_backchannel schema: type: boolean - in: query name: issuer schema: type: string - in: query name: name schema: type: string - in: query name: name_id_mapping schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: property_mappings schema: type: array items: type: string format: uuid explode: true style: form - name: search required: false in: query description: A search term. schema: type: string - in: query name: session_valid_not_on_or_after schema: type: string - in: query name: sign_assertion schema: type: boolean - in: query name: sign_response schema: type: boolean - in: query name: signature_algorithm schema: type: string enum: - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - in: query name: signing_kp schema: type: string format: uuid - in: query name: sp_binding schema: type: string title: Service Provider Binding enum: - post - redirect description: |+ This determines how authentik sends the response back to the Service Provider. - in: query name: verification_kp schema: type: string format: uuid tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSAMLProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_saml_create description: SAMLProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SAMLProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/{id}/: get: operationId: providers_saml_retrieve description: SAMLProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_saml_update description: SAMLProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_saml_partial_update description: SAMLProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSAMLProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_saml_destroy description: SAMLProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/{id}/metadata/: get: operationId: providers_saml_metadata_retrieve description: Return metadata as XML string parameters: - in: query name: download schema: type: boolean - in: query name: force_binding schema: type: string enum: - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect description: Optionally force the metadata to only include one binding. - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLMetadata' application/xml: schema: $ref: '#/components/schemas/SAMLMetadata' description: '' '404': description: Provider has no application assigned '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/{id}/preview_user/: get: operationId: providers_saml_preview_user_retrieve description: Preview user data for provider parameters: - in: query name: for_user schema: type: integer - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PropertyMappingPreview' description: '' '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/{id}/used_by/: get: operationId: providers_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SAML Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/saml/import_metadata/: post: operationId: providers_saml_import_metadata_create description: Create provider from SAML Metadata tags: - providers requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/SAMLProviderImportRequest' required: true security: - authentik: [] responses: '204': description: Successfully imported provider '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim/: get: operationId: providers_scim_list description: SCIMProvider Viewset parameters: - in: query name: exclude_users_service_account schema: type: boolean - in: query name: filter_group schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: url schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_scim_create description: SCIMProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim/{id}/: get: operationId: providers_scim_retrieve description: SCIMProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_scim_update description: SCIMProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_scim_partial_update description: SCIMProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_scim_destroy description: SCIMProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim/{id}/sync/object/: post: operationId: providers_scim_sync_object_create description: Sync/Re-sync a single user/group object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SyncObjectRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncObjectResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim/{id}/sync/status/: get: operationId: providers_scim_sync_status_retrieve description: Get provider's sync status parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncStatus' description: '' '404': description: Task not found '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim/{id}/used_by/: get: operationId: providers_scim_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this SCIM Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_groups/: get: operationId: providers_scim_groups_list description: SCIMProviderGroup Viewset parameters: - in: query name: group__group_uuid schema: type: string format: uuid - in: query name: group__name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMProviderGroupList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_scim_groups_create description: SCIMProviderGroup Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMProviderGroupRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_groups/{id}/: get: operationId: providers_scim_groups_retrieve description: SCIMProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMProviderGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_scim_groups_destroy description: SCIMProviderGroup Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider group. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_groups/{id}/used_by/: get: operationId: providers_scim_groups_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider group. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_users/: get: operationId: providers_scim_users_list description: SCIMProviderUser Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider__id schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user__id schema: type: integer - in: query name: user__username schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMProviderUserList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_scim_users_create description: SCIMProviderUser Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMProviderUserRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_users/{id}/: get: operationId: providers_scim_users_retrieve description: SCIMProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider user. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMProviderUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_scim_users_destroy description: SCIMProviderUser Viewset parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider user. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/scim_users/{id}/used_by/: get: operationId: providers_scim_users_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string format: uuid description: A UUID string identifying this scim provider user. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ssf/: get: operationId: providers_ssf_list description: SSFProvider Viewset parameters: - in: query name: application__isnull schema: type: boolean - in: query name: name__iexact schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSSFProviderList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: providers_ssf_create description: SSFProvider Viewset tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SSFProviderRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SSFProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ssf/{id}/: get: operationId: providers_ssf_retrieve description: SSFProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Shared Signals Framework Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SSFProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: providers_ssf_update description: SSFProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Shared Signals Framework Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/SSFProviderRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SSFProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: providers_ssf_partial_update description: SSFProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Shared Signals Framework Provider. required: true tags: - providers requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSSFProviderRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SSFProvider' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: providers_ssf_destroy description: SSFProvider Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Shared Signals Framework Provider. required: true tags: - providers security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /providers/ssf/{id}/used_by/: get: operationId: providers_ssf_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Shared Signals Framework Provider. required: true tags: - providers security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/connection_tokens/: get: operationId: rac_connection_tokens_list description: ConnectionToken Viewset parameters: - in: query name: endpoint schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: session__user schema: type: integer tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedConnectionTokenList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/connection_tokens/{connection_token_uuid}/: get: operationId: rac_connection_tokens_retrieve description: ConnectionToken Viewset parameters: - in: path name: connection_token_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Connection token. required: true tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConnectionToken' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rac_connection_tokens_update description: ConnectionToken Viewset parameters: - in: path name: connection_token_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Connection token. required: true tags: - rac requestBody: content: application/json: schema: $ref: '#/components/schemas/ConnectionTokenRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConnectionToken' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rac_connection_tokens_partial_update description: ConnectionToken Viewset parameters: - in: path name: connection_token_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Connection token. required: true tags: - rac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedConnectionTokenRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConnectionToken' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rac_connection_tokens_destroy description: ConnectionToken Viewset parameters: - in: path name: connection_token_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Connection token. required: true tags: - rac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/connection_tokens/{connection_token_uuid}/used_by/: get: operationId: rac_connection_tokens_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: connection_token_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Connection token. required: true tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/endpoints/: get: operationId: rac_endpoints_list description: List accessible endpoints parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - in: query name: search schema: type: string - in: query name: superuser_full_list schema: type: boolean tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEndpointList' description: '' '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: rac_endpoints_create description: Endpoint Viewset tags: - rac requestBody: content: application/json: schema: $ref: '#/components/schemas/EndpointRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Endpoint' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/endpoints/{pbm_uuid}/: get: operationId: rac_endpoints_retrieve description: Endpoint Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Endpoint. required: true tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Endpoint' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rac_endpoints_update description: Endpoint Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Endpoint. required: true tags: - rac requestBody: content: application/json: schema: $ref: '#/components/schemas/EndpointRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Endpoint' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rac_endpoints_partial_update description: Endpoint Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Endpoint. required: true tags: - rac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEndpointRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Endpoint' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rac_endpoints_destroy description: Endpoint Viewset parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Endpoint. required: true tags: - rac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rac/endpoints/{pbm_uuid}/used_by/: get: operationId: rac_endpoints_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: pbm_uuid schema: type: string format: uuid description: A UUID string identifying this RAC Endpoint. required: true tags: - rac security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/initial_permissions/: get: operationId: rbac_initial_permissions_list description: InitialPermissions viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedInitialPermissionsList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: rbac_initial_permissions_create description: InitialPermissions viewset tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/InitialPermissionsRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/InitialPermissions' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/initial_permissions/{id}/: get: operationId: rbac_initial_permissions_retrieve description: InitialPermissions viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Initial Permissions. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InitialPermissions' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rbac_initial_permissions_update description: InitialPermissions viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Initial Permissions. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/InitialPermissionsRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InitialPermissions' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rbac_initial_permissions_partial_update description: InitialPermissions viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Initial Permissions. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedInitialPermissionsRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InitialPermissions' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rbac_initial_permissions_destroy description: InitialPermissions viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Initial Permissions. required: true tags: - rbac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/initial_permissions/{id}/used_by/: get: operationId: rbac_initial_permissions_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Initial Permissions. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/: get: operationId: rbac_permissions_list description: Read-only list of all permissions, filterable by model and app parameters: - in: query name: codename schema: type: string - in: query name: content_type__app_label schema: type: string - in: query name: content_type__model schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: role schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: user schema: type: integer tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPermissionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/{id}/: get: operationId: rbac_permissions_retrieve description: Read-only list of all permissions, filterable by model and app parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this permission. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Permission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_roles/: get: operationId: rbac_permissions_assigned_by_roles_list description: Get assigned object permissions for a single object parameters: - in: query name: model schema: type: string enum: - authentik_blueprints.blueprintinstance - authentik_brands.brand - authentik_core.application - authentik_core.applicationentitlement - authentik_core.group - authentik_core.token - authentik_core.user - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationtransport - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies.policybinding - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_ldap.ldapprovider - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_oauth2.oauth2provider - authentik_providers_oauth2.scopemapping - authentik_providers_proxy.proxyprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_rac.racprovider - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_scim.scimmapping - authentik_providers_scim.scimprovider - authentik_providers_ssf.ssfprovider - authentik_rbac.initialpermissions - authentik_rbac.role - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitation - authentik_stages_invitation.invitationstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt - authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_source.sourcestage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tenants.domain required: true - in: query name: object_pk schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_roles/{uuid}/assign/: post: operationId: rbac_permissions_assigned_by_roles_assign description: |- Assign permission(s) to role. When `object_pk` is set, the permissions are only assigned to the specific object, otherwise they are assigned globally. parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PermissionAssignRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/PermissionAssignResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_roles/{uuid}/unassign/: patch: operationId: rbac_permissions_assigned_by_roles_unassign_partial_update description: |- Unassign permission(s) to role. When `object_pk` is set, the permissions are only assigned to the specific object, otherwise they are assigned globally. parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPermissionAssignRequest' security: - authentik: [] responses: '204': description: Successfully unassigned '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_users/: get: operationId: rbac_permissions_assigned_by_users_list description: Get assigned object permissions for a single object parameters: - in: query name: model schema: type: string enum: - authentik_blueprints.blueprintinstance - authentik_brands.brand - authentik_core.application - authentik_core.applicationentitlement - authentik_core.group - authentik_core.token - authentik_core.user - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationtransport - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies.policybinding - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_ldap.ldapprovider - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_oauth2.oauth2provider - authentik_providers_oauth2.scopemapping - authentik_providers_proxy.proxyprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_rac.racprovider - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_scim.scimmapping - authentik_providers_scim.scimprovider - authentik_providers_ssf.ssfprovider - authentik_rbac.initialpermissions - authentik_rbac.role - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitation - authentik_stages_invitation.invitationstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt - authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_source.sourcestage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tenants.domain required: true - in: query name: object_pk schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserAssignedObjectPermissionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_users/{id}/assign/: post: operationId: rbac_permissions_assigned_by_users_assign description: Assign permission(s) to user parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PermissionAssignRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/PermissionAssignResult' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/assigned_by_users/{id}/unassign/: patch: operationId: rbac_permissions_assigned_by_users_unassign_partial_update description: |- Unassign permission(s) to user. When `object_pk` is set, the permissions are only assigned to the specific object, otherwise they are assigned globally. parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPermissionAssignRequest' security: - authentik: [] responses: '204': description: Successfully unassigned '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/roles/: get: operationId: rbac_permissions_roles_list description: Get a role's assigned object permissions parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: uuid schema: type: string format: uuid tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/roles/{id}/: get: operationId: rbac_permissions_roles_retrieve description: Get a role's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group object permission. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraRoleObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rbac_permissions_roles_update description: Get a role's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group object permission. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/ExtraRoleObjectPermissionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraRoleObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rbac_permissions_roles_partial_update description: Get a role's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group object permission. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedExtraRoleObjectPermissionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraRoleObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rbac_permissions_roles_destroy description: Get a role's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group object permission. required: true tags: - rbac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/users/: get: operationId: rbac_permissions_users_list description: Get a users's assigned object permissions parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: user_id schema: type: integer tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedExtraUserObjectPermissionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/permissions/users/{id}/: get: operationId: rbac_permissions_users_retrieve description: Get a users's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user object permission. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraUserObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rbac_permissions_users_update description: Get a users's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user object permission. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/ExtraUserObjectPermissionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraUserObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rbac_permissions_users_partial_update description: Get a users's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user object permission. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedExtraUserObjectPermissionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExtraUserObjectPermission' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rbac_permissions_users_destroy description: Get a users's assigned object permissions parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user object permission. required: true tags: - rbac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/roles/: get: operationId: rbac_roles_list description: Role viewset parameters: - in: query name: group__name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRoleList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: rbac_roles_create description: Role viewset tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/RoleRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Role' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/roles/{uuid}/: get: operationId: rbac_roles_retrieve description: Role viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Role' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: rbac_roles_update description: Role viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/RoleRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Role' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: rbac_roles_partial_update description: Role viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRoleRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Role' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: rbac_roles_destroy description: Role viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /rbac/roles/{uuid}/used_by/: get: operationId: rbac_roles_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this Role. required: true tags: - rbac security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /root/config/: get: operationId: root_config_retrieve description: Retrieve public configuration options tags: - root security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/Config' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /schema/: get: operationId: schema_retrieve description: |- OpenApi3 schema for this API. Format can be selected via content negotiation. - YAML: application/vnd.oai.openapi - JSON: application/vnd.oai.openapi+json parameters: - in: query name: format schema: type: string enum: - json - yaml - in: query name: lang schema: type: string enum: - af - ar - ar-dz - ast - az - be - bg - bn - br - bs - ca - ckb - cs - cy - da - de - dsb - el - en - en-au - en-gb - eo - es - es-ar - es-co - es-mx - es-ni - es-ve - et - eu - fa - fi - fr - fy - ga - gd - gl - he - hi - hr - hsb - hu - hy - ia - id - ig - io - is - it - ja - ka - kab - kk - km - kn - ko - ky - lb - lt - lv - mk - ml - mn - mr - ms - my - nb - ne - nl - nn - os - pa - pl - pt - pt-br - ro - ru - sk - sl - sq - sr - sr-latn - sv - sw - ta - te - tg - th - tk - tr - tt - udm - ug - uk - ur - uz - vi - zh-hans - zh-hant tags: - schema security: - authentik: [] - {} responses: '200': content: application/vnd.oai.openapi: schema: type: object additionalProperties: {} application/yaml: schema: type: object additionalProperties: {} application/vnd.oai.openapi+json: schema: type: object additionalProperties: {} application/json: schema: type: object additionalProperties: {} description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/: get: operationId: sources_all_list description: Source Viewset parameters: - in: query name: managed schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/{slug}/: get: operationId: sources_all_retrieve description: Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Source' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_all_destroy description: Prevent deletion of built-in sources parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/{slug}/set_icon/: post: operationId: sources_all_set_icon_create description: Set source icon parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/FileUploadRequest' security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/{slug}/set_icon_url/: post: operationId: sources_all_set_icon_url_create description: Set source icon (as URL) parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/FilePathRequest' required: true security: - authentik: [] responses: '200': description: Success '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/{slug}/used_by/: get: operationId: sources_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/types/: get: operationId: sources_all_types_list description: Get all creatable types tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/all/user_settings/: get: operationId: sources_all_user_settings_list description: Get all sources the user can configure tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UserSetting' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/all/: get: operationId: sources_group_connections_all_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/all/{id}/: get: operationId: sources_group_connections_all_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group source connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_all_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group source connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_all_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group source connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_all_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group source connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/all/{id}/used_by/: get: operationId: sources_group_connections_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this group source connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/kerberos/: get: operationId: sources_group_connections_kerberos_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupKerberosSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_group_connections_kerberos_create description: Group-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/kerberos/{id}/: get: operationId: sources_group_connections_kerberos_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_kerberos_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Kerberos Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_kerberos_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Kerberos Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupKerberosSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_kerberos_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/kerberos/{id}/used_by/: get: operationId: sources_group_connections_kerberos_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/ldap/: get: operationId: sources_group_connections_ldap_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupLDAPSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_group_connections_ldap_create description: Group-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/ldap/{id}/: get: operationId: sources_group_connections_ldap_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_ldap_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group LDAP Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_ldap_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group LDAP Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupLDAPSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_ldap_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/ldap/{id}/used_by/: get: operationId: sources_group_connections_ldap_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/oauth/: get: operationId: sources_group_connections_oauth_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupOAuthSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_group_connections_oauth_create description: Group-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/oauth/{id}/: get: operationId: sources_group_connections_oauth_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_oauth_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group OAuth Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_oauth_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group OAuth Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupOAuthSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_oauth_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/oauth/{id}/used_by/: get: operationId: sources_group_connections_oauth_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/plex/: get: operationId: sources_group_connections_plex_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupPlexSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_group_connections_plex_create description: Group-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/plex/{id}/: get: operationId: sources_group_connections_plex_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_plex_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Plex Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_plex_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Plex Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupPlexSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_plex_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/plex/{id}/used_by/: get: operationId: sources_group_connections_plex_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/saml/: get: operationId: sources_group_connections_saml_list description: Group-source connection Viewset parameters: - in: query name: group schema: type: string format: uuid - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedGroupSAMLSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_group_connections_saml_create description: Group-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/saml/{id}/: get: operationId: sources_group_connections_saml_retrieve description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_group_connections_saml_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group SAML Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_group_connections_saml_partial_update description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group SAML Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedGroupSAMLSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/GroupSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_group_connections_saml_destroy description: Group-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/group_connections/saml/{id}/used_by/: get: operationId: sources_group_connections_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Group SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/kerberos/: get: operationId: sources_kerberos_list description: Kerberos Source Viewset parameters: - in: query name: enabled schema: type: boolean - in: query name: kadmin_type schema: type: string enum: - Heimdal - MIT - other description: |+ KAdmin server type - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password_login_update_internal_password schema: type: boolean - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: realm schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string - in: query name: spnego_server_name schema: type: string - in: query name: sync_principal schema: type: string - in: query name: sync_users schema: type: boolean - in: query name: sync_users_password schema: type: boolean tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedKerberosSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_kerberos_create description: Kerberos Source Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/KerberosSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/KerberosSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/kerberos/{slug}/: get: operationId: sources_kerberos_retrieve description: Kerberos Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_kerberos_update description: Kerberos Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/KerberosSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_kerberos_partial_update description: Kerberos Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedKerberosSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_kerberos_destroy description: Kerberos Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/kerberos/{slug}/sync/status/: get: operationId: sources_kerberos_sync_status_retrieve description: Get source's sync status parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/KerberosSyncStatus' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/kerberos/{slug}/used_by/: get: operationId: sources_kerberos_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/ldap/: get: operationId: sources_ldap_list description: LDAP Source Viewset parameters: - in: query name: additional_group_dn schema: type: string - in: query name: additional_user_dn schema: type: string - in: query name: base_dn schema: type: string - in: query name: bind_cn schema: type: string - in: query name: client_certificate schema: type: string format: uuid - in: query name: delete_not_found_objects schema: type: boolean - in: query name: enabled schema: type: boolean - in: query name: group_membership_field schema: type: string - in: query name: group_object_filter schema: type: string - in: query name: group_property_mappings schema: type: array items: type: string format: uuid explode: true style: form - in: query name: lookup_groups_from_user schema: type: boolean - in: query name: name schema: type: string - in: query name: object_uniqueness_field schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password_login_update_internal_password schema: type: boolean - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: peer_certificate schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: server_uri schema: type: string - in: query name: slug schema: type: string - in: query name: sni schema: type: boolean - in: query name: start_tls schema: type: boolean - in: query name: sync_groups schema: type: boolean - in: query name: sync_parent_group schema: type: string format: uuid - in: query name: sync_users schema: type: boolean - in: query name: sync_users_password schema: type: boolean - in: query name: user_membership_attribute schema: type: string - in: query name: user_object_filter schema: type: string - in: query name: user_property_mappings schema: type: array items: type: string format: uuid explode: true style: form tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedLDAPSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_ldap_create description: LDAP Source Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/LDAPSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/ldap/{slug}/: get: operationId: sources_ldap_retrieve description: LDAP Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_ldap_update description: LDAP Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/LDAPSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_ldap_partial_update description: LDAP Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedLDAPSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_ldap_destroy description: LDAP Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/ldap/{slug}/debug/: get: operationId: sources_ldap_debug_retrieve description: Get raw LDAP data to debug parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/LDAPDebug' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/ldap/{slug}/sync/status/: get: operationId: sources_ldap_sync_status_retrieve description: Get source's sync status parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SyncStatus' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/ldap/{slug}/used_by/: get: operationId: sources_ldap_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/oauth/: get: operationId: sources_oauth_list description: Source Viewset parameters: - in: query name: access_token_url schema: type: string - in: query name: additional_scopes schema: type: string - in: query name: authentication_flow schema: type: string format: uuid - in: query name: authorization_url schema: type: string - in: query name: consumer_key schema: type: string - in: query name: enabled schema: type: boolean - in: query name: enrollment_flow schema: type: string format: uuid - in: query name: group_matching_mode schema: type: string enum: - identifier - name_deny - name_link description: |+ How the source determines if an existing group should be used or a new group created. - in: query name: has_jwks schema: type: boolean description: Only return sources with JWKS data - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: policy_engine_mode schema: type: string enum: - all - any - in: query name: profile_url schema: type: string - in: query name: provider_type schema: type: string - in: query name: request_token_url schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string - in: query name: user_matching_mode schema: type: string enum: - email_deny - email_link - identifier - username_deny - username_link description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedOAuthSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_oauth_create description: Source Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuthSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/OAuthSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/oauth/{slug}/: get: operationId: sources_oauth_retrieve description: Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_oauth_update description: Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/OAuthSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_oauth_partial_update description: Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedOAuthSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/OAuthSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_oauth_destroy description: Source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/oauth/{slug}/used_by/: get: operationId: sources_oauth_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/oauth/source_types/: get: operationId: sources_oauth_source_types_list description: |- Get all creatable source types. If ?name is set, only returns the type for . If isn't found, returns the default type. parameters: - in: query name: name schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/SourceType' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/plex/: get: operationId: sources_plex_list description: Plex source Viewset parameters: - in: query name: allow_friends schema: type: boolean - in: query name: authentication_flow schema: type: string format: uuid - in: query name: client_id schema: type: string - in: query name: enabled schema: type: boolean - in: query name: enrollment_flow schema: type: string format: uuid - in: query name: group_matching_mode schema: type: string enum: - identifier - name_deny - name_link description: |+ How the source determines if an existing group should be used or a new group created. - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: policy_engine_mode schema: type: string enum: - all - any - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string - in: query name: user_matching_mode schema: type: string enum: - email_deny - email_link - identifier - username_deny - username_link description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPlexSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_plex_create description: Plex source Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PlexSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/plex/{slug}/: get: operationId: sources_plex_retrieve description: Plex source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_plex_update description: Plex source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_plex_partial_update description: Plex source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPlexSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PlexSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_plex_destroy description: Plex source Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/plex/{slug}/used_by/: get: operationId: sources_plex_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/plex/redeem_token/: post: operationId: sources_plex_redeem_token_create description: |- Redeem a plex token, check it's access to resources against what's allowed for the source, and redirect to an authentication/enrollment flow. parameters: - in: query name: slug schema: type: string tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexTokenRedeemRequest' required: true security: - authentik: [] - {} responses: '200': content: application/json: schema: $ref: '#/components/schemas/RedirectChallenge' description: '' '400': description: Token not found '403': description: Access denied /sources/plex/redeem_token_authenticated/: post: operationId: sources_plex_redeem_token_authenticated_create description: Redeem a plex token for an authenticated user, creating a connection parameters: - in: query name: slug schema: type: string tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PlexTokenRedeemRequest' required: true security: - authentik: [] responses: '204': description: No response body '400': description: Token not found '403': description: Access denied /sources/saml/: get: operationId: sources_saml_list description: SAMLSource Viewset parameters: - in: query name: allow_idp_initiated schema: type: boolean - in: query name: authentication_flow schema: type: string format: uuid - in: query name: binding_type schema: type: string enum: - POST - POST_AUTO - REDIRECT - in: query name: digest_algorithm schema: type: string enum: - http://www.w3.org/2000/09/xmldsig#sha1 - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha256 - http://www.w3.org/2001/04/xmlenc#sha512 - in: query name: enabled schema: type: boolean - in: query name: enrollment_flow schema: type: string format: uuid - in: query name: issuer schema: type: string - in: query name: managed schema: type: string - in: query name: name schema: type: string - in: query name: name_id_policy schema: type: string enum: - urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - urn:oasis:names:tc:SAML:2.0:nameid-format:transient description: |+ NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - in: query name: policy_engine_mode schema: type: string enum: - all - any - in: query name: pre_authentication_flow schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: signature_algorithm schema: type: string enum: - http://www.w3.org/2000/09/xmldsig#dsa-sha1 - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - in: query name: signing_kp schema: type: string format: uuid - in: query name: slo_url schema: type: string - in: query name: slug schema: type: string - in: query name: sso_url schema: type: string - in: query name: temporary_user_delete_after schema: type: string - in: query name: user_matching_mode schema: type: string enum: - email_deny - email_link - identifier - username_deny - username_link description: |+ How the source determines if an existing user should be authenticated or a new user enrolled. - in: query name: verification_kp schema: type: string format: uuid tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSAMLSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_saml_create description: SAMLSource Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SAMLSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/saml/{slug}/: get: operationId: sources_saml_retrieve description: SAMLSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_saml_update description: SAMLSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SAMLSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_saml_partial_update description: SAMLSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSAMLSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_saml_destroy description: SAMLSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/saml/{slug}/metadata/: get: operationId: sources_saml_metadata_retrieve description: Return metadata as XML string parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SAMLMetadata' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/saml/{slug}/used_by/: get: operationId: sources_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim/: get: operationId: sources_scim_list description: SCIMSource Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: pbm_uuid schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMSourceList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_scim_create description: SCIMSource Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim/{slug}/: get: operationId: sources_scim_retrieve description: SCIMSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_scim_update description: SCIMSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_scim_partial_update description: SCIMSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMSourceRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSource' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_scim_destroy description: SCIMSource Viewset parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim/{slug}/used_by/: get: operationId: sources_scim_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: slug schema: type: string description: Internal source name, used in URLs. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_groups/: get: operationId: sources_scim_groups_list description: SCIMSourceGroup Viewset parameters: - in: query name: group__group_uuid schema: type: string format: uuid - in: query name: group__name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMSourceGroupList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_scim_groups_create description: SCIMSourceGroup Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroupRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_groups/{id}/: get: operationId: sources_scim_groups_retrieve description: SCIMSourceGroup Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source group. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_scim_groups_update description: SCIMSourceGroup Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source group. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroupRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_scim_groups_partial_update description: SCIMSourceGroup Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source group. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMSourceGroupRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceGroup' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_scim_groups_destroy description: SCIMSourceGroup Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source group. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_groups/{id}/used_by/: get: operationId: sources_scim_groups_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source group. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_users/: get: operationId: sources_scim_users_list description: SCIMSourceUser Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user__id schema: type: integer - in: query name: user__username schema: type: string tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSCIMSourceUserList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_scim_users_create description: SCIMSourceUser Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUserRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_users/{id}/: get: operationId: sources_scim_users_retrieve description: SCIMSourceUser Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source user. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_scim_users_update description: SCIMSourceUser Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source user. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUserRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_scim_users_partial_update description: SCIMSourceUser Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source user. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSCIMSourceUserRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SCIMSourceUser' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_scim_users_destroy description: SCIMSourceUser Viewset parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source user. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/scim_users/{id}/used_by/: get: operationId: sources_scim_users_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: string description: A unique value identifying this scim source user. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/all/: get: operationId: sources_user_connections_all_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/all/{id}/: get: operationId: sources_user_connections_all_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user source connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_all_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user source connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_all_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user source connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_all_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user source connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/all/{id}/used_by/: get: operationId: sources_user_connections_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this user source connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/kerberos/: get: operationId: sources_user_connections_kerberos_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserKerberosSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_user_connections_kerberos_create description: User-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/kerberos/{id}/: get: operationId: sources_user_connections_kerberos_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_kerberos_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Kerberos Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_kerberos_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Kerberos Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserKerberosSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserKerberosSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_kerberos_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/kerberos/{id}/used_by/: get: operationId: sources_user_connections_kerberos_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Kerberos Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/ldap/: get: operationId: sources_user_connections_ldap_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserLDAPSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_user_connections_ldap_create description: User-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/ldap/{id}/: get: operationId: sources_user_connections_ldap_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_ldap_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User LDAP Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_ldap_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User LDAP Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserLDAPSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLDAPSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_ldap_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/ldap/{id}/used_by/: get: operationId: sources_user_connections_ldap_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User LDAP Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/oauth/: get: operationId: sources_user_connections_oauth_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_user_connections_oauth_create description: User-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/oauth/{id}/: get: operationId: sources_user_connections_oauth_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_oauth_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User OAuth Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_oauth_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User OAuth Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserOAuthSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_oauth_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/oauth/{id}/used_by/: get: operationId: sources_user_connections_oauth_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User OAuth Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/plex/: get: operationId: sources_user_connections_plex_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserPlexSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_user_connections_plex_create description: User-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/plex/{id}/: get: operationId: sources_user_connections_plex_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_plex_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Plex Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_plex_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Plex Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserPlexSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserPlexSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_plex_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/plex/{id}/used_by/: get: operationId: sources_user_connections_plex_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User Plex Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/saml/: get: operationId: sources_user_connections_saml_list description: User-source connection Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: source__slug schema: type: string - in: query name: user schema: type: integer tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: sources_user_connections_saml_create description: User-source connection Viewset tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnectionRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/saml/{id}/: get: operationId: sources_user_connections_saml_retrieve description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: sources_user_connections_saml_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User SAML Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnectionRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: sources_user_connections_saml_partial_update description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User SAML Source Connection. required: true tags: - sources requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserSAMLSourceConnection' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: sources_user_connections_saml_destroy description: User-source connection Viewset parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /sources/user_connections/saml/{id}/used_by/: get: operationId: sources_user_connections_saml_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this User SAML Source Connection. required: true tags: - sources security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /ssf/streams/: get: operationId: ssf_streams_list description: SSFStream Viewset parameters: - in: query name: delivery_method schema: type: string enum: - https://schemas.openid.net/secevent/risc/delivery-method/poll - https://schemas.openid.net/secevent/risc/delivery-method/push - in: query name: endpoint_url schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - ssf security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSSFStreamList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /ssf/streams/{uuid}/: get: operationId: ssf_streams_retrieve description: SSFStream Viewset parameters: - in: path name: uuid schema: type: string format: uuid description: A UUID string identifying this SSF Stream. required: true tags: - ssf security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SSFStream' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/all/: get: operationId: stages_all_list description: Stage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/all/{stage_uuid}/: get: operationId: stages_all_retrieve description: Stage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Stage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_all_destroy description: Stage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/all/{stage_uuid}/used_by/: get: operationId: stages_all_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/all/types/: get: operationId: stages_all_types_list description: Get all creatable types tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/all/user_settings/: get: operationId: stages_all_user_settings_list description: Get all stages the user can configure tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UserSetting' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/: get: operationId: stages_authenticator_duo_list description: AuthenticatorDuoStage Viewset parameters: - in: query name: api_hostname schema: type: string - in: query name: client_id schema: type: string - in: query name: configure_flow schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_duo_create description: AuthenticatorDuoStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/{stage_uuid}/: get: operationId: stages_authenticator_duo_retrieve description: AuthenticatorDuoStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_duo_update description: AuthenticatorDuoStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_duo_partial_update description: AuthenticatorDuoStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_duo_destroy description: AuthenticatorDuoStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/{stage_uuid}/enrollment_status/: post: operationId: stages_authenticator_duo_enrollment_status_create description: Check enrollment status of user details in current session parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DuoDeviceEnrollmentStatus' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/{stage_uuid}/import_device_manual/: post: operationId: stages_authenticator_duo_import_device_manual_create description: Import duo devices into authentik parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest' required: true security: - authentik: [] responses: '204': description: Enrollment successful '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/: post: operationId: stages_authenticator_duo_import_devices_automatic_create description: Import duo devices into authentik parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse' description: '' '400': description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/duo/{stage_uuid}/used_by/: get: operationId: stages_authenticator_duo_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Duo Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/email/: get: operationId: stages_authenticator_email_list description: AuthenticatorEmailStage Viewset parameters: - in: query name: configure_flow schema: type: string format: uuid - in: query name: friendly_name schema: type: string - in: query name: from_address schema: type: string - in: query name: host schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password schema: type: string - in: query name: port schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: subject schema: type: string - in: query name: template schema: type: string - in: query name: timeout schema: type: integer - in: query name: token_expiry schema: type: string - in: query name: use_global_settings schema: type: boolean - in: query name: use_ssl schema: type: boolean - in: query name: use_tls schema: type: boolean - in: query name: username schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorEmailStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_email_create description: AuthenticatorEmailStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/email/{stage_uuid}/: get: operationId: stages_authenticator_email_retrieve description: AuthenticatorEmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_email_update description: AuthenticatorEmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_email_partial_update description: AuthenticatorEmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorEmailStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_email_destroy description: AuthenticatorEmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/email/{stage_uuid}/used_by/: get: operationId: stages_authenticator_email_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/endpoint_gdtc/: get: operationId: stages_authenticator_endpoint_gdtc_list description: AuthenticatorEndpointGDTCStage Viewset parameters: - in: query name: configure_flow schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorEndpointGDTCStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_endpoint_gdtc_create description: AuthenticatorEndpointGDTCStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/endpoint_gdtc/{stage_uuid}/: get: operationId: stages_authenticator_endpoint_gdtc_retrieve description: AuthenticatorEndpointGDTCStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Authenticator Google Device Trust Connector Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_endpoint_gdtc_update description: AuthenticatorEndpointGDTCStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Authenticator Google Device Trust Connector Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_endpoint_gdtc_partial_update description: AuthenticatorEndpointGDTCStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Authenticator Google Device Trust Connector Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorEndpointGDTCStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_endpoint_gdtc_destroy description: AuthenticatorEndpointGDTCStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Authenticator Google Device Trust Connector Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/endpoint_gdtc/{stage_uuid}/used_by/: get: operationId: stages_authenticator_endpoint_gdtc_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Endpoint Authenticator Google Device Trust Connector Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/sms/: get: operationId: stages_authenticator_sms_list description: AuthenticatorSMSStage Viewset parameters: - in: query name: account_sid schema: type: string - in: query name: auth schema: type: string - in: query name: auth_password schema: type: string - in: query name: auth_type schema: type: string enum: - basic - bearer - in: query name: configure_flow schema: type: string format: uuid - in: query name: friendly_name schema: type: string - in: query name: from_number schema: type: string - in: query name: mapping schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: provider schema: type: string enum: - generic - twilio - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: verify_only schema: type: boolean tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_sms_create description: AuthenticatorSMSStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/sms/{stage_uuid}/: get: operationId: stages_authenticator_sms_retrieve description: AuthenticatorSMSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this SMS Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_sms_update description: AuthenticatorSMSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this SMS Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_sms_partial_update description: AuthenticatorSMSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this SMS Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorSMSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_sms_destroy description: AuthenticatorSMSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this SMS Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/sms/{stage_uuid}/used_by/: get: operationId: stages_authenticator_sms_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this SMS Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/static/: get: operationId: stages_authenticator_static_list description: AuthenticatorStaticStage Viewset parameters: - in: query name: configure_flow schema: type: string format: uuid - in: query name: friendly_name schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: token_count schema: type: integer - in: query name: token_length schema: type: integer tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_static_create description: AuthenticatorStaticStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/static/{stage_uuid}/: get: operationId: stages_authenticator_static_retrieve description: AuthenticatorStaticStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Static Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_static_update description: AuthenticatorStaticStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Static Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_static_partial_update description: AuthenticatorStaticStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Static Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorStaticStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_static_destroy description: AuthenticatorStaticStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Static Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/static/{stage_uuid}/used_by/: get: operationId: stages_authenticator_static_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Static Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/totp/: get: operationId: stages_authenticator_totp_list description: AuthenticatorTOTPStage Viewset parameters: - in: query name: configure_flow schema: type: string format: uuid - in: query name: digits schema: type: string enum: - '6' - '8' - in: query name: friendly_name schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_totp_create description: AuthenticatorTOTPStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/totp/{stage_uuid}/: get: operationId: stages_authenticator_totp_retrieve description: AuthenticatorTOTPStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this TOTP Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_totp_update description: AuthenticatorTOTPStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this TOTP Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_totp_partial_update description: AuthenticatorTOTPStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this TOTP Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorTOTPStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_totp_destroy description: AuthenticatorTOTPStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this TOTP Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/totp/{stage_uuid}/used_by/: get: operationId: stages_authenticator_totp_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this TOTP Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/validate/: get: operationId: stages_authenticator_validate_list description: AuthenticatorValidateStage Viewset parameters: - in: query name: configuration_stages schema: type: array items: type: string format: uuid explode: true style: form - in: query name: name schema: type: string - in: query name: not_configured_action schema: type: string enum: - configure - deny - skip - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_validate_create description: AuthenticatorValidateStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/validate/{stage_uuid}/: get: operationId: stages_authenticator_validate_retrieve description: AuthenticatorValidateStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Authenticator Validation Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_validate_update description: AuthenticatorValidateStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Authenticator Validation Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_validate_partial_update description: AuthenticatorValidateStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Authenticator Validation Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorValidateStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_validate_destroy description: AuthenticatorValidateStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Authenticator Validation Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/validate/{stage_uuid}/used_by/: get: operationId: stages_authenticator_validate_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Authenticator Validation Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/webauthn/: get: operationId: stages_authenticator_webauthn_list description: AuthenticatorWebAuthnStage Viewset parameters: - in: query name: authenticator_attachment schema: type: string nullable: true enum: - cross-platform - platform - in: query name: configure_flow schema: type: string format: uuid - in: query name: device_type_restrictions schema: type: array items: type: string format: uuid explode: true style: form - in: query name: friendly_name schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: resident_key_requirement schema: type: string enum: - discouraged - preferred - required - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: user_verification schema: type: string enum: - discouraged - preferred - required tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedAuthenticatorWebAuthnStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_authenticator_webauthn_create description: AuthenticatorWebAuthnStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/webauthn/{stage_uuid}/: get: operationId: stages_authenticator_webauthn_retrieve description: AuthenticatorWebAuthnStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_authenticator_webauthn_update description: AuthenticatorWebAuthnStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_authenticator_webauthn_partial_update description: AuthenticatorWebAuthnStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Authenticator Setup Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedAuthenticatorWebAuthnStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthenticatorWebAuthnStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_authenticator_webauthn_destroy description: AuthenticatorWebAuthnStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/webauthn/{stage_uuid}/used_by/: get: operationId: stages_authenticator_webauthn_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Authenticator Setup Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/webauthn_device_types/: get: operationId: stages_authenticator_webauthn_device_types_list description: WebAuthnDeviceType Viewset parameters: - in: query name: aaguid schema: type: string format: uuid - in: query name: description schema: type: string - in: query name: icon schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedWebAuthnDeviceTypeList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/authenticator/webauthn_device_types/{aaguid}/: get: operationId: stages_authenticator_webauthn_device_types_retrieve description: WebAuthnDeviceType Viewset parameters: - in: path name: aaguid schema: type: string format: uuid description: A UUID string identifying this WebAuthn Device type. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/WebAuthnDeviceType' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/captcha/: get: operationId: stages_captcha_list description: CaptchaStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: public_key schema: type: string - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedCaptchaStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_captcha_create description: CaptchaStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/CaptchaStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/CaptchaStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/captcha/{stage_uuid}/: get: operationId: stages_captcha_retrieve description: CaptchaStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Captcha Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaptchaStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_captcha_update description: CaptchaStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Captcha Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/CaptchaStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaptchaStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_captcha_partial_update description: CaptchaStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Captcha Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedCaptchaStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaptchaStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_captcha_destroy description: CaptchaStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Captcha Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/captcha/{stage_uuid}/used_by/: get: operationId: stages_captcha_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Captcha Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/consent/: get: operationId: stages_consent_list description: ConsentStage Viewset parameters: - in: query name: consent_expire_in schema: type: string - in: query name: mode schema: type: string enum: - always_require - expiring - permanent - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedConsentStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_consent_create description: ConsentStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/ConsentStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/ConsentStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/consent/{stage_uuid}/: get: operationId: stages_consent_retrieve description: ConsentStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Consent Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConsentStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_consent_update description: ConsentStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Consent Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/ConsentStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConsentStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_consent_partial_update description: ConsentStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Consent Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedConsentStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConsentStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_consent_destroy description: ConsentStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Consent Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/consent/{stage_uuid}/used_by/: get: operationId: stages_consent_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Consent Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/deny/: get: operationId: stages_deny_list description: DenyStage Viewset parameters: - in: query name: deny_message schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDenyStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_deny_create description: DenyStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/DenyStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/DenyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/deny/{stage_uuid}/: get: operationId: stages_deny_retrieve description: DenyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Deny Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DenyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_deny_update description: DenyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Deny Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/DenyStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DenyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_deny_partial_update description: DenyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Deny Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDenyStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DenyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_deny_destroy description: DenyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Deny Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/deny/{stage_uuid}/used_by/: get: operationId: stages_deny_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Deny Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/dummy/: get: operationId: stages_dummy_list description: DummyStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: throw_error schema: type: boolean tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDummyStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_dummy_create description: DummyStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/DummyStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/DummyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/dummy/{stage_uuid}/: get: operationId: stages_dummy_retrieve description: DummyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_dummy_update description: DummyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/DummyStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_dummy_partial_update description: DummyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDummyStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/DummyStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_dummy_destroy description: DummyStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/dummy/{stage_uuid}/used_by/: get: operationId: stages_dummy_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Dummy Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/email/: get: operationId: stages_email_list description: EmailStage Viewset parameters: - in: query name: activate_user_on_success schema: type: boolean - in: query name: from_address schema: type: string - in: query name: host schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: port schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: subject schema: type: string - in: query name: template schema: type: string - in: query name: timeout schema: type: integer - in: query name: token_expiry schema: type: string - in: query name: use_global_settings schema: type: boolean - in: query name: use_ssl schema: type: boolean - in: query name: use_tls schema: type: boolean - in: query name: username schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedEmailStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_email_create description: EmailStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/EmailStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/EmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/email/{stage_uuid}/: get: operationId: stages_email_retrieve description: EmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_email_update description: EmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/EmailStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_email_partial_update description: EmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedEmailStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/EmailStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_email_destroy description: EmailStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/email/{stage_uuid}/used_by/: get: operationId: stages_email_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Email Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/email/templates/: get: operationId: stages_email_templates_list description: Get all available templates, including custom templates tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/TypeCreate' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/identification/: get: operationId: stages_identification_list description: IdentificationStage Viewset parameters: - in: query name: captcha_stage schema: type: string format: uuid - in: query name: case_insensitive_matching schema: type: boolean - in: query name: enrollment_flow schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: password_stage schema: type: string format: uuid - in: query name: passwordless_flow schema: type: string format: uuid - in: query name: recovery_flow schema: type: string format: uuid - name: search required: false in: query description: A search term. schema: type: string - in: query name: show_matched_user schema: type: boolean - in: query name: show_source_labels schema: type: boolean tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedIdentificationStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_identification_create description: IdentificationStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/IdentificationStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/IdentificationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/identification/{stage_uuid}/: get: operationId: stages_identification_retrieve description: IdentificationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Identification Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/IdentificationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_identification_update description: IdentificationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Identification Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/IdentificationStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/IdentificationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_identification_partial_update description: IdentificationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Identification Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedIdentificationStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/IdentificationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_identification_destroy description: IdentificationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Identification Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/identification/{stage_uuid}/used_by/: get: operationId: stages_identification_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Identification Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/invitations/: get: operationId: stages_invitation_invitations_list description: Invitation Viewset parameters: - in: query name: created_by__username schema: type: string - in: query name: expires schema: type: string format: date-time - in: query name: flow__slug schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedInvitationList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_invitation_invitations_create description: Invitation Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/InvitationRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Invitation' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/invitations/{invite_uuid}/: get: operationId: stages_invitation_invitations_retrieve description: Invitation Viewset parameters: - in: path name: invite_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Invitation' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_invitation_invitations_update description: Invitation Viewset parameters: - in: path name: invite_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/InvitationRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Invitation' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_invitation_invitations_partial_update description: Invitation Viewset parameters: - in: path name: invite_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedInvitationRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Invitation' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_invitation_invitations_destroy description: Invitation Viewset parameters: - in: path name: invite_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/invitations/{invite_uuid}/used_by/: get: operationId: stages_invitation_invitations_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: invite_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/stages/: get: operationId: stages_invitation_stages_list description: InvitationStage Viewset parameters: - in: query name: continue_flow_without_invitation schema: type: boolean - in: query name: name schema: type: string - in: query name: no_flows schema: type: boolean - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedInvitationStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_invitation_stages_create description: InvitationStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/InvitationStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/InvitationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/stages/{stage_uuid}/: get: operationId: stages_invitation_stages_retrieve description: InvitationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InvitationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_invitation_stages_update description: InvitationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/InvitationStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InvitationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_invitation_stages_partial_update description: InvitationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedInvitationStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/InvitationStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_invitation_stages_destroy description: InvitationStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/invitation/stages/{stage_uuid}/used_by/: get: operationId: stages_invitation_stages_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Invitation Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/mtls/: get: operationId: stages_mtls_list description: MutualTLSStage Viewset parameters: - in: query name: cert_attribute schema: type: string enum: - common_name - email - subject - in: query name: certificate_authorities schema: type: array items: type: string format: uuid explode: true style: form - in: query name: mode schema: type: string enum: - optional - required - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: user_attribute schema: type: string enum: - email - username tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedMutualTLSStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_mtls_create description: MutualTLSStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/MutualTLSStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/MutualTLSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/mtls/{stage_uuid}/: get: operationId: stages_mtls_retrieve description: MutualTLSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Mutual TLS Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MutualTLSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_mtls_update description: MutualTLSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Mutual TLS Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/MutualTLSStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MutualTLSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_mtls_partial_update description: MutualTLSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Mutual TLS Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedMutualTLSStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/MutualTLSStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_mtls_destroy description: MutualTLSStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Mutual TLS Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/mtls/{stage_uuid}/used_by/: get: operationId: stages_mtls_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Mutual TLS Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/password/: get: operationId: stages_password_list description: PasswordStage Viewset parameters: - in: query name: allow_show_password schema: type: boolean - in: query name: configure_flow schema: type: string format: uuid - in: query name: failed_attempts_before_cancel schema: type: integer - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPasswordStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_password_create description: PasswordStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PasswordStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/password/{stage_uuid}/: get: operationId: stages_password_retrieve description: PasswordStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Password Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_password_update description: PasswordStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Password Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PasswordStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_password_partial_update description: PasswordStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Password Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPasswordStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PasswordStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_password_destroy description: PasswordStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Password Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/password/{stage_uuid}/used_by/: get: operationId: stages_password_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Password Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/prompts/: get: operationId: stages_prompt_prompts_list description: Prompt Viewset parameters: - in: query name: field_key schema: type: string - in: query name: label schema: type: string - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: placeholder schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: type schema: type: string enum: - ak-locale - checkbox - date - date-time - dropdown - email - file - hidden - number - password - radio-button-group - separator - static - text - text_area - text_area_read_only - text_read_only - username tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPromptList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_prompt_prompts_create description: Prompt Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PromptRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/Prompt' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/prompts/{prompt_uuid}/: get: operationId: stages_prompt_prompts_retrieve description: Prompt Viewset parameters: - in: path name: prompt_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Prompt' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_prompt_prompts_update description: Prompt Viewset parameters: - in: path name: prompt_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PromptRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Prompt' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_prompt_prompts_partial_update description: Prompt Viewset parameters: - in: path name: prompt_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPromptRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/Prompt' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_prompt_prompts_destroy description: Prompt Viewset parameters: - in: path name: prompt_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/prompts/{prompt_uuid}/used_by/: get: operationId: stages_prompt_prompts_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: prompt_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/prompts/preview/: post: operationId: stages_prompt_prompts_preview_create description: Preview a prompt as a challenge, just like a flow would receive tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PromptRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PromptChallenge' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/stages/: get: operationId: stages_prompt_stages_list description: PromptStage Viewset parameters: - in: query name: fields schema: type: array items: type: string format: uuid explode: true style: form - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: validation_policies schema: type: array items: type: string format: uuid explode: true style: form tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedPromptStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_prompt_stages_create description: PromptStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PromptStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/PromptStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/stages/{stage_uuid}/: get: operationId: stages_prompt_stages_retrieve description: PromptStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PromptStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_prompt_stages_update description: PromptStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PromptStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PromptStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_prompt_stages_partial_update description: PromptStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedPromptStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PromptStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_prompt_stages_destroy description: PromptStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/prompt/stages/{stage_uuid}/used_by/: get: operationId: stages_prompt_stages_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Prompt Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/redirect/: get: operationId: stages_redirect_list description: RedirectStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedRedirectStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_redirect_create description: RedirectStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/RedirectStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/RedirectStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/redirect/{stage_uuid}/: get: operationId: stages_redirect_retrieve description: RedirectStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Redirect Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RedirectStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_redirect_update description: RedirectStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Redirect Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/RedirectStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RedirectStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_redirect_partial_update description: RedirectStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Redirect Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedRedirectStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/RedirectStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_redirect_destroy description: RedirectStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Redirect Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/redirect/{stage_uuid}/used_by/: get: operationId: stages_redirect_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Redirect Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/source/: get: operationId: stages_source_list description: SourceStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: resume_timeout schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: source schema: type: string format: uuid - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedSourceStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_source_create description: SourceStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/SourceStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/SourceStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/source/{stage_uuid}/: get: operationId: stages_source_retrieve description: SourceStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Source Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SourceStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_source_update description: SourceStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Source Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/SourceStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SourceStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_source_partial_update description: SourceStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Source Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedSourceStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/SourceStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_source_destroy description: SourceStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Source Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/source/{stage_uuid}/used_by/: get: operationId: stages_source_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this Source Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_delete/: get: operationId: stages_user_delete_list description: UserDeleteStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserDeleteStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_user_delete_create description: UserDeleteStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserDeleteStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserDeleteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_delete/{stage_uuid}/: get: operationId: stages_user_delete_retrieve description: UserDeleteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Delete Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserDeleteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_user_delete_update description: UserDeleteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Delete Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserDeleteStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserDeleteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_user_delete_partial_update description: UserDeleteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Delete Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserDeleteStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserDeleteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_user_delete_destroy description: UserDeleteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Delete Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_delete/{stage_uuid}/used_by/: get: operationId: stages_user_delete_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Delete Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_login/: get: operationId: stages_user_login_list description: UserLoginStage Viewset parameters: - in: query name: geoip_binding schema: type: string enum: - bind_continent - bind_continent_country - bind_continent_country_city - no_binding description: |+ Bind sessions created by this stage to the configured GeoIP location - in: query name: name schema: type: string - in: query name: network_binding schema: type: string enum: - bind_asn - bind_asn_network - bind_asn_network_ip - no_binding description: |+ Bind sessions created by this stage to the configured network - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - in: query name: remember_me_offset schema: type: string - name: search required: false in: query description: A search term. schema: type: string - in: query name: session_duration schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: terminate_other_sessions schema: type: boolean tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserLoginStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_user_login_create description: UserLoginStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLoginStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserLoginStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_login/{stage_uuid}/: get: operationId: stages_user_login_retrieve description: UserLoginStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Login Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLoginStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_user_login_update description: UserLoginStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Login Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLoginStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLoginStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_user_login_partial_update description: UserLoginStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Login Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserLoginStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLoginStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_user_login_destroy description: UserLoginStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Login Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_login/{stage_uuid}/used_by/: get: operationId: stages_user_login_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Login Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_logout/: get: operationId: stages_user_logout_list description: UserLogoutStage Viewset parameters: - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserLogoutStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_user_logout_create description: UserLogoutStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLogoutStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserLogoutStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_logout/{stage_uuid}/: get: operationId: stages_user_logout_retrieve description: UserLogoutStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Logout Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLogoutStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_user_logout_update description: UserLogoutStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Logout Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserLogoutStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLogoutStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_user_logout_partial_update description: UserLogoutStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Logout Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserLogoutStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserLogoutStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_user_logout_destroy description: UserLogoutStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Logout Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_logout/{stage_uuid}/used_by/: get: operationId: stages_user_logout_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Logout Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_write/: get: operationId: stages_user_write_list description: UserWriteStage Viewset parameters: - in: query name: create_users_as_inactive schema: type: boolean - in: query name: create_users_group schema: type: string format: uuid - in: query name: name schema: type: string - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string - in: query name: stage_uuid schema: type: string format: uuid - in: query name: user_creation_mode schema: type: string enum: - always_create - create_when_required - never_create - in: query name: user_path_template schema: type: string - in: query name: user_type schema: type: string enum: - external - internal - internal_service_account - service_account tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedUserWriteStageList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: stages_user_write_create description: UserWriteStage Viewset tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserWriteStageRequest' required: true security: - authentik: [] responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserWriteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_write/{stage_uuid}/: get: operationId: stages_user_write_retrieve description: UserWriteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Write Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserWriteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: stages_user_write_update description: UserWriteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Write Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/UserWriteStageRequest' required: true security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserWriteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: stages_user_write_partial_update description: UserWriteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Write Stage. required: true tags: - stages requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedUserWriteStageRequest' security: - authentik: [] responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserWriteStage' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: stages_user_write_destroy description: UserWriteStage Viewset parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Write Stage. required: true tags: - stages security: - authentik: [] responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /stages/user_write/{stage_uuid}/used_by/: get: operationId: stages_user_write_used_by_list description: Get a list of all objects that use this object parameters: - in: path name: stage_uuid schema: type: string format: uuid description: A UUID string identifying this User Write Stage. required: true tags: - stages security: - authentik: [] responses: '200': content: application/json: schema: type: array items: $ref: '#/components/schemas/UsedBy' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/domains/: get: operationId: tenants_domains_list description: Domain ViewSet parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - tenants responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedDomainList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: tenants_domains_create description: Domain ViewSet tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/DomainRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/Domain' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/domains/{id}/: get: operationId: tenants_domains_retrieve description: Domain ViewSet parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Domain. required: true tags: - tenants responses: '200': content: application/json: schema: $ref: '#/components/schemas/Domain' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: tenants_domains_update description: Domain ViewSet parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Domain. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/DomainRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/Domain' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: tenants_domains_partial_update description: Domain ViewSet parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Domain. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedDomainRequest' responses: '200': content: application/json: schema: $ref: '#/components/schemas/Domain' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: tenants_domains_destroy description: Domain ViewSet parameters: - in: path name: id schema: type: integer description: A unique integer value identifying this Domain. required: true tags: - tenants responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/tenants/: get: operationId: tenants_tenants_list description: Tenant Viewset parameters: - name: ordering required: false in: query description: Which field to use when ordering the results. schema: type: string - name: page required: false in: query description: A page number within the paginated result set. schema: type: integer - name: page_size required: false in: query description: Number of results to return per page. schema: type: integer - name: search required: false in: query description: A search term. schema: type: string tags: - tenants responses: '200': content: application/json: schema: $ref: '#/components/schemas/PaginatedTenantList' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' post: operationId: tenants_tenants_create description: Tenant Viewset tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/Tenant' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/tenants/{tenant_uuid}/: get: operationId: tenants_tenants_retrieve description: Tenant Viewset parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants responses: '200': content: application/json: schema: $ref: '#/components/schemas/Tenant' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' put: operationId: tenants_tenants_update description: Tenant Viewset parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/Tenant' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' patch: operationId: tenants_tenants_partial_update description: Tenant Viewset parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchedTenantRequest' responses: '200': content: application/json: schema: $ref: '#/components/schemas/Tenant' description: '' '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' delete: operationId: tenants_tenants_destroy description: Tenant Viewset parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants responses: '204': description: No response body '400': content: application/json: schema: $ref: '#/components/schemas/ValidationError' description: '' '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/tenants/{tenant_uuid}/create_admin_group/: post: operationId: tenants_tenants_create_admin_group_create description: Create admin group and add user to it. parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantAdminGroupRequestRequest' required: true responses: '204': description: Group created successfully. '400': description: Bad request '404': description: User not found '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' /tenants/tenants/{tenant_uuid}/create_recovery_key/: post: operationId: tenants_tenants_create_recovery_key_create description: Create recovery key for user. parameters: - in: path name: tenant_uuid schema: type: string format: uuid description: A UUID string identifying this Tenant. required: true tags: - tenants requestBody: content: application/json: schema: $ref: '#/components/schemas/TenantRecoveryKeyRequestRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TenantRecoveryKeyResponse' description: '' '400': description: Bad request '404': description: User not found '403': content: application/json: schema: $ref: '#/components/schemas/GenericError' description: '' components: schemas: AccessDeniedChallenge: type: object description: Challenge when a flow's active stage calls `stage_invalid()`. properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-access-denied response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string error_message: type: string required: - pending_user - pending_user_avatar AlgEnum: enum: - rsa - ecdsa type: string App: type: object description: Serialize Application info properties: name: type: string label: type: string required: - label - name AppEnum: enum: - authentik.tenants - authentik.admin - authentik.api - authentik.crypto - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static - authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.brands - authentik.blueprints - authentik.core - authentik.enterprise - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source - authentik.events type: string AppleChallengeResponseRequest: type: object description: Pseudo class for apple response properties: component: type: string minLength: 1 default: ak-source-oauth-apple AppleLoginChallenge: type: object description: Special challenge for apple-native authentication flow, which happens on the client. properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-source-oauth-apple response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' client_id: type: string scope: type: string redirect_uri: type: string state: type: string required: - client_id - redirect_uri - scope - state Application: type: object description: Application Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Application's display Name. slug: type: string description: Internal application name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ provider: type: integer nullable: true provider_obj: allOf: - $ref: '#/components/schemas/Provider' readOnly: true backchannel_providers: type: array items: type: integer backchannel_providers_obj: type: array items: $ref: '#/components/schemas/Provider' readOnly: true launch_url: type: string nullable: true description: Allow formatting of launch URL readOnly: true open_in_new_tab: type: boolean description: Open launch URL in a new browser tab or window. meta_launch_url: type: string format: uri meta_icon: type: string nullable: true description: |- Get the URL to the App Icon image. If the name is /static or starts with http it is returned as-is readOnly: true meta_description: type: string meta_publisher: type: string policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' group: type: string required: - backchannel_providers_obj - launch_url - meta_icon - name - pk - provider_obj - slug ApplicationEntitlement: type: object description: ApplicationEntitlement Serializer properties: pbm_uuid: type: string format: uuid readOnly: true name: type: string app: type: string format: uuid attributes: {} required: - app - name - pbm_uuid ApplicationEntitlementRequest: type: object description: ApplicationEntitlement Serializer properties: name: type: string minLength: 1 app: type: string format: uuid attributes: {} required: - app - name ApplicationRequest: type: object description: Application Serializer properties: name: type: string minLength: 1 description: Application's display Name. slug: type: string minLength: 1 description: Internal application name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ provider: type: integer nullable: true backchannel_providers: type: array items: type: integer open_in_new_tab: type: boolean description: Open launch URL in a new browser tab or window. meta_launch_url: type: string format: uri meta_description: type: string meta_publisher: type: string policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' group: type: string required: - name - slug AuthModeEnum: enum: - static - prompt type: string AuthTypeEnum: enum: - basic - bearer type: string AuthenticatedSession: type: object description: AuthenticatedSession Serializer properties: uuid: type: string format: uuid current: type: boolean description: Check if session is currently active session readOnly: true user_agent: type: object description: Get parsed user agent properties: device: type: object description: User agent device properties: brand: type: string family: type: string model: type: string required: - brand - family - model os: type: object description: User agent os properties: family: type: string major: type: string minor: type: string patch: type: string patch_minor: type: string required: - family - major - minor - patch - patch_minor user_agent: type: object description: User agent browser properties: family: type: string major: type: string minor: type: string patch: type: string required: - family - major - minor - patch string: type: string required: - device - os - string - user_agent readOnly: true geo_ip: type: object description: Get GeoIP Data properties: continent: type: string country: type: string lat: type: number format: double long: type: number format: double city: type: string required: - city - continent - country - lat - long nullable: true readOnly: true asn: type: object description: Get ASN Data properties: asn: type: integer as_org: type: string nullable: true network: type: string nullable: true required: - as_org - asn - network nullable: true readOnly: true user: type: integer last_ip: type: string readOnly: true last_user_agent: type: string readOnly: true last_used: type: string format: date-time readOnly: true expires: type: string format: date-time readOnly: true required: - asn - current - expires - geo_ip - last_ip - last_used - last_user_agent - user - user_agent AuthenticationEnum: enum: - none - require_authenticated - require_unauthenticated - require_superuser - require_redirect - require_outpost type: string AuthenticatorAttachmentEnum: enum: - platform - cross-platform type: string AuthenticatorDuoChallenge: type: object description: Duo Challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-duo response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string activation_barcode: type: string activation_code: type: string stage_uuid: type: string required: - activation_barcode - activation_code - pending_user - pending_user_avatar - stage_uuid AuthenticatorDuoChallengeResponseRequest: type: object description: Pseudo class for duo response properties: component: type: string minLength: 1 default: ak-stage-authenticator-duo AuthenticatorDuoStage: type: object description: AuthenticatorDuoStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true client_id: type: string api_hostname: type: string admin_integration_key: type: string required: - api_hostname - client_id - component - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorDuoStageDeviceImportResponse: type: object properties: count: type: integer readOnly: true error: type: string readOnly: true required: - count - error AuthenticatorDuoStageManualDeviceImportRequest: type: object properties: duo_user_id: type: string minLength: 1 username: type: string minLength: 1 required: - duo_user_id - username AuthenticatorDuoStageRequest: type: object description: AuthenticatorDuoStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 client_id: type: string minLength: 1 client_secret: type: string writeOnly: true minLength: 1 api_hostname: type: string minLength: 1 admin_integration_key: type: string admin_secret_key: type: string writeOnly: true required: - api_hostname - client_id - client_secret - name AuthenticatorEmailChallenge: type: object description: Authenticator Email Setup challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-email response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string email: type: string nullable: true email_required: type: boolean default: true required: - pending_user - pending_user_avatar AuthenticatorEmailChallengeResponseRequest: type: object description: Authenticator Email Challenge response, device is set by get_response_instance properties: component: type: string minLength: 1 default: ak-stage-authenticator-email code: type: integer email: type: string minLength: 1 AuthenticatorEmailStage: type: object description: AuthenticatorEmailStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string password: type: string use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email maxLength: 254 subject: type: string token_expiry: type: string description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' template: type: string required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorEmailStageRequest: type: object description: AuthenticatorEmailStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string minLength: 1 port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string password: type: string use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email minLength: 1 maxLength: 254 subject: type: string minLength: 1 token_expiry: type: string minLength: 1 description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' template: type: string minLength: 1 required: - name AuthenticatorEndpointGDTCStage: type: object description: AuthenticatorEndpointGDTCStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true credentials: {} required: - component - credentials - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorEndpointGDTCStageRequest: type: object description: AuthenticatorEndpointGDTCStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 credentials: {} required: - credentials - name AuthenticatorSMSChallenge: type: object description: SMS Setup challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-sms response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string phone_number_required: type: boolean default: true required: - pending_user - pending_user_avatar AuthenticatorSMSChallengeResponseRequest: type: object description: SMS Challenge response, device is set by get_response_instance properties: component: type: string minLength: 1 default: ak-stage-authenticator-sms code: type: integer phone_number: type: string minLength: 1 AuthenticatorSMSStage: type: object description: AuthenticatorSMSStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true provider: $ref: '#/components/schemas/ProviderEnum' from_number: type: string account_sid: type: string auth: type: string auth_password: type: string auth_type: $ref: '#/components/schemas/AuthTypeEnum' verify_only: type: boolean description: When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future. mapping: type: string format: uuid nullable: true description: Optionally modify the payload being sent to custom providers. required: - account_sid - auth - component - from_number - meta_model_name - name - pk - provider - verbose_name - verbose_name_plural AuthenticatorSMSStageRequest: type: object description: AuthenticatorSMSStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 provider: $ref: '#/components/schemas/ProviderEnum' from_number: type: string minLength: 1 account_sid: type: string minLength: 1 auth: type: string minLength: 1 auth_password: type: string auth_type: $ref: '#/components/schemas/AuthTypeEnum' verify_only: type: boolean description: When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future. mapping: type: string format: uuid nullable: true description: Optionally modify the payload being sent to custom providers. required: - account_sid - auth - from_number - name - provider AuthenticatorStaticChallenge: type: object description: Static authenticator challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-static response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string codes: type: array items: type: string required: - codes - pending_user - pending_user_avatar AuthenticatorStaticChallengeResponseRequest: type: object description: Pseudo class for static response properties: component: type: string minLength: 1 default: ak-stage-authenticator-static AuthenticatorStaticStage: type: object description: AuthenticatorStaticStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true token_count: type: integer maximum: 2147483647 minimum: 0 token_length: type: integer maximum: 2147483647 minimum: 0 required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorStaticStageRequest: type: object description: AuthenticatorStaticStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 token_count: type: integer maximum: 2147483647 minimum: 0 token_length: type: integer maximum: 2147483647 minimum: 0 required: - name AuthenticatorTOTPChallenge: type: object description: TOTP Setup challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-totp response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string config_url: type: string required: - config_url - pending_user - pending_user_avatar AuthenticatorTOTPChallengeResponseRequest: type: object description: TOTP Challenge response, device is set by get_response_instance properties: component: type: string minLength: 1 default: ak-stage-authenticator-totp code: type: integer required: - code AuthenticatorTOTPStage: type: object description: AuthenticatorTOTPStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true digits: $ref: '#/components/schemas/DigitsEnum' required: - component - digits - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorTOTPStageRequest: type: object description: AuthenticatorTOTPStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 digits: $ref: '#/components/schemas/DigitsEnum' required: - digits - name AuthenticatorValidateStage: type: object description: AuthenticatorValidateStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' not_configured_action: $ref: '#/components/schemas/NotConfiguredActionEnum' device_classes: type: array items: $ref: '#/components/schemas/DeviceClassesEnum' description: Device classes which can be used to authenticate configuration_stages: type: array items: type: string format: uuid description: Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again. last_auth_threshold: type: string description: If any of the user's device has been used within this threshold, this stage will be skipped webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' description: Enforce user verification for WebAuthn devices. webauthn_allowed_device_types: type: array items: type: string format: uuid webauthn_allowed_device_types_obj: type: array items: $ref: '#/components/schemas/WebAuthnDeviceType' readOnly: true required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural - webauthn_allowed_device_types_obj AuthenticatorValidateStageRequest: type: object description: AuthenticatorValidateStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' not_configured_action: $ref: '#/components/schemas/NotConfiguredActionEnum' device_classes: type: array items: $ref: '#/components/schemas/DeviceClassesEnum' description: Device classes which can be used to authenticate configuration_stages: type: array items: type: string format: uuid description: Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again. last_auth_threshold: type: string minLength: 1 description: If any of the user's device has been used within this threshold, this stage will be skipped webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' description: Enforce user verification for WebAuthn devices. webauthn_allowed_device_types: type: array items: type: string format: uuid required: - name AuthenticatorValidationChallenge: type: object description: Authenticator challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-validate response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string device_challenges: type: array items: $ref: '#/components/schemas/DeviceChallenge' configuration_stages: type: array items: $ref: '#/components/schemas/SelectableStage' required: - configuration_stages - device_challenges - pending_user - pending_user_avatar AuthenticatorValidationChallengeResponseRequest: type: object description: Challenge used for Code-based and WebAuthn authenticators properties: component: type: string minLength: 1 default: ak-stage-authenticator-validate selected_challenge: $ref: '#/components/schemas/DeviceChallengeRequest' selected_stage: type: string minLength: 1 code: type: string minLength: 1 webauthn: type: object additionalProperties: {} duo: type: integer AuthenticatorWebAuthnChallenge: type: object description: WebAuthn Challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-authenticator-webauthn response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string registration: type: object additionalProperties: {} required: - pending_user - pending_user_avatar - registration AuthenticatorWebAuthnChallengeResponseRequest: type: object description: WebAuthn Challenge response properties: component: type: string minLength: 1 default: ak-stage-authenticator-webauthn response: type: object additionalProperties: {} required: - response AuthenticatorWebAuthnStage: type: object description: AuthenticatorWebAuthnStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true user_verification: $ref: '#/components/schemas/UserVerificationEnum' authenticator_attachment: allOf: - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' nullable: true resident_key_requirement: $ref: '#/components/schemas/ResidentKeyRequirementEnum' device_type_restrictions: type: array items: type: string format: uuid device_type_restrictions_obj: type: array items: $ref: '#/components/schemas/WebAuthnDeviceType' readOnly: true required: - component - device_type_restrictions_obj - meta_model_name - name - pk - verbose_name - verbose_name_plural AuthenticatorWebAuthnStageRequest: type: object description: AuthenticatorWebAuthnStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 user_verification: $ref: '#/components/schemas/UserVerificationEnum' authenticator_attachment: allOf: - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' nullable: true resident_key_requirement: $ref: '#/components/schemas/ResidentKeyRequirementEnum' device_type_restrictions: type: array items: type: string format: uuid required: - name AuthorizationCodeAuthMethodEnum: enum: - basic_auth - post_body type: string AutoSubmitChallengeResponseRequest: type: object description: Pseudo class for autosubmit response properties: component: type: string minLength: 1 default: ak-stage-autosubmit AutosubmitChallenge: type: object description: Autosubmit challenge used to send and navigate a POST request properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-autosubmit response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' url: type: string attrs: type: object additionalProperties: type: string title: type: string required: - attrs - url BackendsEnum: enum: - authentik.core.auth.InbuiltBackend - authentik.core.auth.TokenBackend - authentik.sources.ldap.auth.LDAPBackend - authentik.sources.kerberos.auth.KerberosBackend type: string BindingTypeEnum: enum: - REDIRECT - POST - POST_AUTO type: string BlueprintFile: type: object properties: path: type: string last_m: type: string format: date-time hash: type: string meta: allOf: - $ref: '#/components/schemas/Metadata' readOnly: true required: - hash - last_m - meta - path BlueprintInstance: type: object description: Info about a single blueprint instance file properties: pk: type: string format: uuid readOnly: true title: Instance uuid name: type: string path: type: string default: '' context: {} last_applied: type: string format: date-time readOnly: true last_applied_hash: type: string readOnly: true status: allOf: - $ref: '#/components/schemas/BlueprintInstanceStatusEnum' readOnly: true enabled: type: boolean managed_models: type: array items: type: string readOnly: true metadata: readOnly: true content: type: string required: - last_applied - last_applied_hash - managed_models - metadata - name - pk - status BlueprintInstanceRequest: type: object description: Info about a single blueprint instance file properties: name: type: string minLength: 1 path: type: string default: '' context: {} enabled: type: boolean content: type: string required: - name BlueprintInstanceStatusEnum: enum: - successful - warning - error - orphaned - unknown type: string Brand: type: object description: Brand Serializer properties: brand_uuid: type: string format: uuid readOnly: true domain: type: string description: Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` default: type: boolean branding_title: type: string branding_logo: type: string branding_favicon: type: string branding_custom_css: type: string branding_default_flow_background: type: string flow_authentication: type: string format: uuid nullable: true flow_invalidation: type: string format: uuid nullable: true flow_recovery: type: string format: uuid nullable: true flow_unenrollment: type: string format: uuid nullable: true flow_user_settings: type: string format: uuid nullable: true flow_device_code: type: string format: uuid nullable: true default_application: type: string format: uuid nullable: true description: When set, external users will be redirected to this application after authenticating. web_certificate: type: string format: uuid nullable: true description: Web Certificate used by the authentik Core webserver. client_certificates: type: array items: type: string format: uuid description: Certificates used for client authentication. attributes: {} required: - brand_uuid - domain BrandRequest: type: object description: Brand Serializer properties: domain: type: string minLength: 1 description: Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` default: type: boolean branding_title: type: string minLength: 1 branding_logo: type: string minLength: 1 branding_favicon: type: string minLength: 1 branding_custom_css: type: string branding_default_flow_background: type: string minLength: 1 flow_authentication: type: string format: uuid nullable: true flow_invalidation: type: string format: uuid nullable: true flow_recovery: type: string format: uuid nullable: true flow_unenrollment: type: string format: uuid nullable: true flow_user_settings: type: string format: uuid nullable: true flow_device_code: type: string format: uuid nullable: true default_application: type: string format: uuid nullable: true description: When set, external users will be redirected to this application after authenticating. web_certificate: type: string format: uuid nullable: true description: Web Certificate used by the authentik Core webserver. client_certificates: type: array items: type: string format: uuid description: Certificates used for client authentication. attributes: {} required: - domain Cache: type: object description: Generic cache stats for an object properties: count: type: integer readOnly: true required: - count CapabilitiesEnum: enum: - can_save_media - can_geo_ip - can_asn - can_impersonate - can_debug - is_enterprise type: string CaptchaChallenge: type: object description: Site public key properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-captcha response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string site_key: type: string js_url: type: string interactive: type: boolean required: - interactive - js_url - pending_user - pending_user_avatar - site_key CaptchaChallengeResponseRequest: type: object description: Validate captcha token properties: component: type: string minLength: 1 default: ak-stage-captcha token: type: string minLength: 1 required: - token CaptchaStage: type: object description: CaptchaStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' public_key: type: string description: Public key, acquired your captcha Provider. js_url: type: string api_url: type: string interactive: type: boolean score_min_threshold: type: number format: double score_max_threshold: type: number format: double error_on_invalid_score: type: boolean description: When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions required: - component - meta_model_name - name - pk - public_key - verbose_name - verbose_name_plural CaptchaStageRequest: type: object description: CaptchaStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' public_key: type: string minLength: 1 description: Public key, acquired your captcha Provider. private_key: type: string writeOnly: true minLength: 1 description: Private key, acquired your captcha Provider. js_url: type: string minLength: 1 api_url: type: string minLength: 1 interactive: type: boolean score_min_threshold: type: number format: double score_max_threshold: type: number format: double error_on_invalid_score: type: boolean description: When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions required: - name - private_key - public_key CertAttributeEnum: enum: - subject - common_name - email type: string CertificateData: type: object description: Get CertificateKeyPair's data properties: data: type: string readOnly: true required: - data CertificateGenerationRequest: type: object description: Certificate generation parameters properties: common_name: type: string minLength: 1 subject_alt_name: type: string validity_days: type: integer alg: allOf: - $ref: '#/components/schemas/AlgEnum' default: rsa required: - common_name - validity_days CertificateKeyPair: type: object description: CertificateKeyPair Serializer properties: pk: type: string format: uuid readOnly: true title: Kp uuid name: type: string fingerprint_sha256: type: string nullable: true description: Get certificate Hash (SHA256) readOnly: true fingerprint_sha1: type: string nullable: true description: Get certificate Hash (SHA1) readOnly: true cert_expiry: type: string format: date-time nullable: true description: Get certificate expiry readOnly: true cert_subject: type: string nullable: true description: Get certificate subject as full rfc4514 readOnly: true private_key_available: type: boolean description: Show if this keypair has a private key configured or not readOnly: true private_key_type: type: string nullable: true description: Get the private key's type, if set readOnly: true certificate_download_url: type: string description: Get URL to download certificate readOnly: true private_key_download_url: type: string description: Get URL to download private key readOnly: true managed: type: string readOnly: true nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. required: - cert_expiry - cert_subject - certificate_download_url - fingerprint_sha1 - fingerprint_sha256 - managed - name - pk - private_key_available - private_key_download_url - private_key_type CertificateKeyPairRequest: type: object description: CertificateKeyPair Serializer properties: name: type: string minLength: 1 certificate_data: type: string writeOnly: true minLength: 1 description: PEM-encoded Certificate data key_data: type: string writeOnly: true description: Optional Private Key. If this is set, you can use this keypair for encryption. required: - certificate_data - name ChallengeTypes: oneOf: - $ref: '#/components/schemas/AccessDeniedChallenge' - $ref: '#/components/schemas/AppleLoginChallenge' - $ref: '#/components/schemas/AuthenticatorDuoChallenge' - $ref: '#/components/schemas/AuthenticatorEmailChallenge' - $ref: '#/components/schemas/AuthenticatorSMSChallenge' - $ref: '#/components/schemas/AuthenticatorStaticChallenge' - $ref: '#/components/schemas/AuthenticatorTOTPChallenge' - $ref: '#/components/schemas/AuthenticatorValidationChallenge' - $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge' - $ref: '#/components/schemas/AutosubmitChallenge' - $ref: '#/components/schemas/CaptchaChallenge' - $ref: '#/components/schemas/ConsentChallenge' - $ref: '#/components/schemas/DummyChallenge' - $ref: '#/components/schemas/EmailChallenge' - $ref: '#/components/schemas/FlowErrorChallenge' - $ref: '#/components/schemas/FrameChallenge' - $ref: '#/components/schemas/IdentificationChallenge' - $ref: '#/components/schemas/OAuthDeviceCodeChallenge' - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge' - $ref: '#/components/schemas/PasswordChallenge' - $ref: '#/components/schemas/PlexAuthenticationChallenge' - $ref: '#/components/schemas/PromptChallenge' - $ref: '#/components/schemas/RedirectChallenge' - $ref: '#/components/schemas/SessionEndChallenge' - $ref: '#/components/schemas/ShellChallenge' - $ref: '#/components/schemas/UserLoginChallenge' discriminator: propertyName: component mapping: ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge' ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge' ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge' ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallenge' ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge' ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge' ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge' ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge' ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge' ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge' ak-stage-captcha: '#/components/schemas/CaptchaChallenge' ak-stage-consent: '#/components/schemas/ConsentChallenge' ak-stage-dummy: '#/components/schemas/DummyChallenge' ak-stage-email: '#/components/schemas/EmailChallenge' ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge' xak-flow-frame: '#/components/schemas/FrameChallenge' ak-stage-identification: '#/components/schemas/IdentificationChallenge' ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge' ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge' ak-stage-password: '#/components/schemas/PasswordChallenge' ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge' ak-stage-prompt: '#/components/schemas/PromptChallenge' xak-flow-redirect: '#/components/schemas/RedirectChallenge' ak-stage-session-end: '#/components/schemas/SessionEndChallenge' xak-flow-shell: '#/components/schemas/ShellChallenge' ak-stage-user-login: '#/components/schemas/UserLoginChallenge' ClientTypeEnum: enum: - confidential - public type: string CompatibilityModeEnum: enum: - default - aws - slack type: string Config: type: object description: Serialize authentik Config into DRF Object properties: error_reporting: $ref: '#/components/schemas/ErrorReportingConfig' capabilities: type: array items: $ref: '#/components/schemas/CapabilitiesEnum' cache_timeout: type: integer cache_timeout_flows: type: integer cache_timeout_policies: type: integer cache_timeout_reputation: type: integer required: - cache_timeout - cache_timeout_flows - cache_timeout_policies - cache_timeout_reputation - capabilities - error_reporting ConnectionToken: type: object description: ConnectionToken Serializer properties: pk: type: string format: uuid title: Connection token uuid provider: type: integer provider_obj: allOf: - $ref: '#/components/schemas/RACProvider' readOnly: true endpoint: type: string format: uuid endpoint_obj: allOf: - $ref: '#/components/schemas/Endpoint' readOnly: true user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - endpoint - endpoint_obj - provider - provider_obj - user ConnectionTokenRequest: type: object description: ConnectionToken Serializer properties: pk: type: string format: uuid title: Connection token uuid provider: type: integer endpoint: type: string format: uuid required: - endpoint - provider ConsentChallenge: type: object description: Challenge info for consent screens properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-consent response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string header_text: type: string permissions: type: array items: $ref: '#/components/schemas/ConsentPermission' additional_permissions: type: array items: $ref: '#/components/schemas/ConsentPermission' token: type: string required: - additional_permissions - pending_user - pending_user_avatar - permissions - token ConsentChallengeResponseRequest: type: object description: Consent challenge response, any valid response request is valid properties: component: type: string minLength: 1 default: ak-stage-consent token: type: string minLength: 1 required: - token ConsentPermission: type: object description: Permission used for consent properties: name: type: string id: type: string required: - id - name ConsentStage: type: object description: ConsentStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' mode: $ref: '#/components/schemas/ConsentStageModeEnum' consent_expire_in: type: string title: Consent expires in description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural ConsentStageModeEnum: enum: - always_require - permanent - expiring type: string ConsentStageRequest: type: object description: ConsentStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' mode: $ref: '#/components/schemas/ConsentStageModeEnum' consent_expire_in: type: string minLength: 1 title: Consent expires in description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' required: - name ContextualFlowInfo: type: object description: Contextual flow information for a challenge properties: title: type: string background: type: string cancel_url: type: string layout: $ref: '#/components/schemas/ContextualFlowInfoLayoutEnum' required: - cancel_url - layout ContextualFlowInfoLayoutEnum: enum: - stacked - content_left - content_right - sidebar_left - sidebar_right type: string Coordinate: type: object description: Coordinates for diagrams properties: x_cord: type: integer readOnly: true y_cord: type: integer readOnly: true required: - x_cord - y_cord CountryCodeEnum: enum: - AF - AX - AL - DZ - AS - AD - AO - AI - AQ - AG - AR - AM - AW - AU - AT - AZ - BS - BH - BD - BB - BY - BE - BZ - BJ - BM - BT - BO - BQ - BA - BW - BV - BR - IO - BN - BG - BF - BI - CV - KH - CM - CA - KY - CF - TD - CL - CN - CX - CC - CO - KM - CG - CD - CK - CR - CI - HR - CU - CW - CY - CZ - DK - DJ - DM - DO - EC - EG - SV - GQ - ER - EE - SZ - ET - FK - FO - FJ - FI - FR - GF - PF - TF - GA - GM - GE - DE - GH - GI - GR - GL - GD - GP - GU - GT - GG - GN - GW - GY - HT - HM - VA - HN - HK - HU - IS - IN - ID - IR - IQ - IE - IM - IL - IT - JM - JP - JE - JO - KZ - KE - KI - KW - KG - LA - LV - LB - LS - LR - LY - LI - LT - LU - MO - MG - MW - MY - MV - ML - MT - MH - MQ - MR - MU - YT - MX - FM - MD - MC - MN - ME - MS - MA - MZ - MM - NA - NR - NP - NL - NC - NZ - NI - NE - NG - NU - NF - KP - MK - MP - 'NO' - OM - PK - PW - PS - PA - PG - PY - PE - PH - PN - PL - PT - PR - QA - RE - RO - RU - RW - BL - SH - KN - LC - MF - PM - VC - WS - SM - ST - SA - SN - RS - SC - SL - SG - SX - SK - SI - SB - SO - ZA - GS - KR - SS - ES - LK - SD - SR - SJ - SE - CH - SY - TW - TJ - TZ - TH - TL - TG - TK - TO - TT - TN - TR - TM - TC - TV - UG - UA - AE - GB - UM - US - UY - UZ - VU - VE - VN - VG - VI - WF - EH - YE - ZM - ZW type: string CurrentBrand: type: object description: Partial brand information for styling properties: matched_domain: type: string branding_title: type: string branding_logo: type: string branding_favicon: type: string branding_custom_css: type: string ui_footer_links: type: array items: $ref: '#/components/schemas/FooterLink' readOnly: true ui_theme: allOf: - $ref: '#/components/schemas/UiThemeEnum' readOnly: true default: automatic flow_authentication: type: string flow_invalidation: type: string flow_recovery: type: string flow_unenrollment: type: string flow_user_settings: type: string flow_device_code: type: string default_locale: type: string readOnly: true required: - branding_custom_css - branding_favicon - branding_logo - branding_title - default_locale - matched_domain - ui_footer_links - ui_theme DeliveryMethodEnum: enum: - https://schemas.openid.net/secevent/risc/delivery-method/push - https://schemas.openid.net/secevent/risc/delivery-method/poll type: string DeniedActionEnum: enum: - message_continue - message - continue type: string DenyStage: type: object description: DenyStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' deny_message: type: string required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural DenyStageRequest: type: object description: DenyStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' deny_message: type: string required: - name DetailedCountry: type: object properties: code: $ref: '#/components/schemas/CountryCodeEnum' name: type: string required: - code - name DetailedCountryField: type: object properties: code: $ref: '#/components/schemas/CountryCodeEnum' name: type: string required: - code - name DetailedCountryFieldRequest: type: object properties: code: $ref: '#/components/schemas/CountryCodeEnum' name: type: string minLength: 1 required: - code - name Device: type: object description: Serializer for Duo authenticator devices properties: verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true pk: type: string name: type: string type: type: string description: Get type of device readOnly: true confirmed: type: boolean created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true last_used: type: string format: date-time readOnly: true nullable: true extra_description: type: string description: Get extra description readOnly: true required: - confirmed - created - extra_description - last_updated - last_used - meta_model_name - name - pk - type - verbose_name - verbose_name_plural DeviceChallenge: type: object description: Single device challenge properties: device_class: type: string device_uid: type: string challenge: type: object additionalProperties: {} last_used: type: string format: date-time nullable: true required: - challenge - device_class - device_uid - last_used DeviceChallengeRequest: type: object description: Single device challenge properties: device_class: type: string minLength: 1 device_uid: type: string minLength: 1 challenge: type: object additionalProperties: {} last_used: type: string format: date-time nullable: true required: - challenge - device_class - device_uid - last_used DeviceClassesEnum: enum: - static - totp - webauthn - duo - sms - email type: string DigestAlgorithmEnum: enum: - http://www.w3.org/2000/09/xmldsig#sha1 - http://www.w3.org/2001/04/xmlenc#sha256 - http://www.w3.org/2001/04/xmldsig-more#sha384 - http://www.w3.org/2001/04/xmlenc#sha512 type: string DigitsEnum: enum: - '6' - '8' type: string DockerServiceConnection: type: object description: DockerServiceConnection Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration component: type: string readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true url: type: string description: Can be in the format of 'unix://' when connecting to a local docker daemon, or 'https://:2376' when connecting to a remote system. tls_verification: type: string format: uuid nullable: true description: CA which the endpoint's Certificate is verified against. Can be left empty for no validation. tls_authentication: type: string format: uuid nullable: true description: Certificate/Key used for authentication. Can be left empty for no authentication. required: - component - meta_model_name - name - pk - url - verbose_name - verbose_name_plural DockerServiceConnectionRequest: type: object description: DockerServiceConnection Serializer properties: name: type: string minLength: 1 local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration url: type: string minLength: 1 description: Can be in the format of 'unix://' when connecting to a local docker daemon, or 'https://:2376' when connecting to a remote system. tls_verification: type: string format: uuid nullable: true description: CA which the endpoint's Certificate is verified against. Can be left empty for no validation. tls_authentication: type: string format: uuid nullable: true description: Certificate/Key used for authentication. Can be left empty for no authentication. required: - name - url Domain: type: object description: Domain Serializer properties: id: type: integer readOnly: true domain: type: string maxLength: 253 is_primary: type: boolean tenant: type: string format: uuid required: - domain - id - tenant DomainRequest: type: object description: Domain Serializer properties: domain: type: string minLength: 1 maxLength: 253 is_primary: type: boolean tenant: type: string format: uuid required: - domain - tenant DummyChallenge: type: object description: Dummy challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-dummy response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' name: type: string required: - name DummyChallengeResponseRequest: type: object description: Dummy challenge response properties: component: type: string minLength: 1 default: ak-stage-dummy DummyPolicy: type: object description: Dummy Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true result: type: boolean wait_min: type: integer maximum: 2147483647 minimum: -2147483648 wait_max: type: integer maximum: 2147483647 minimum: -2147483648 required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural DummyPolicyRequest: type: object description: Dummy Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. result: type: boolean wait_min: type: integer maximum: 2147483647 minimum: -2147483648 wait_max: type: integer maximum: 2147483647 minimum: -2147483648 required: - name DummyStage: type: object description: DummyStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' throw_error: type: boolean required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural DummyStageRequest: type: object description: DummyStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' throw_error: type: boolean required: - name DuoDevice: type: object description: Serializer for Duo authenticator devices properties: pk: type: integer readOnly: true title: ID name: type: string description: The human-readable name of this device. maxLength: 64 user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - name - pk - user DuoDeviceEnrollmentStatus: type: object properties: duo_response: $ref: '#/components/schemas/DuoResponseEnum' required: - duo_response DuoDeviceRequest: type: object description: Serializer for Duo authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name DuoResponseEnum: enum: - success - waiting - invalid type: string EmailChallenge: type: object description: Email challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-email response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' EmailChallengeResponseRequest: type: object description: |- Email challenge resposen. No fields. This challenge is always declared invalid to give the user a chance to retry properties: component: type: string minLength: 1 default: ak-stage-email EmailDevice: type: object description: Serializer for email authenticator devices properties: name: type: string description: The human-readable name of this device. maxLength: 64 pk: type: integer readOnly: true title: ID email: type: string format: email readOnly: true user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - email - name - pk - user EmailDeviceRequest: type: object description: Serializer for email authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name EmailStage: type: object description: EmailStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email maxLength: 254 token_expiry: type: string description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' subject: type: string template: type: string activate_user_on_success: type: boolean description: Activate users upon completion of stage. required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural EmailStageRequest: type: object description: EmailStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string minLength: 1 port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string password: type: string writeOnly: true use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email minLength: 1 maxLength: 254 token_expiry: type: string minLength: 1 description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' subject: type: string minLength: 1 template: type: string minLength: 1 activate_user_on_success: type: boolean description: Activate users upon completion of stage. required: - name Endpoint: type: object description: Endpoint Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string provider: type: integer provider_obj: allOf: - $ref: '#/components/schemas/RACProvider' readOnly: true protocol: $ref: '#/components/schemas/ProtocolEnum' host: type: string settings: {} property_mappings: type: array items: type: string format: uuid auth_mode: $ref: '#/components/schemas/AuthModeEnum' launch_url: type: string nullable: true description: |- Build actual launch URL (the provider itself does not have one, just individual endpoints) readOnly: true maximum_connections: type: integer maximum: 2147483647 minimum: -2147483648 required: - auth_mode - host - launch_url - name - pk - protocol - provider - provider_obj EndpointDevice: type: object description: Serializer for Endpoint authenticator devices properties: pk: type: string format: uuid title: Uuid name: type: string description: The human-readable name of this device. maxLength: 64 required: - name EndpointDeviceRequest: type: object description: Serializer for Endpoint authenticator devices properties: pk: type: string format: uuid title: Uuid name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name EndpointRequest: type: object description: Endpoint Serializer properties: name: type: string minLength: 1 provider: type: integer protocol: $ref: '#/components/schemas/ProtocolEnum' host: type: string minLength: 1 settings: {} property_mappings: type: array items: type: string format: uuid auth_mode: $ref: '#/components/schemas/AuthModeEnum' maximum_connections: type: integer maximum: 2147483647 minimum: -2147483648 required: - auth_mode - host - name - protocol - provider ErrorDetail: type: object description: Serializer for rest_framework's error messages properties: string: type: string code: type: string required: - code - string ErrorReportingConfig: type: object description: Config for error reporting properties: enabled: type: boolean readOnly: true sentry_dsn: type: string readOnly: true environment: type: string readOnly: true send_pii: type: boolean readOnly: true traces_sample_rate: type: number format: double readOnly: true required: - enabled - environment - send_pii - sentry_dsn - traces_sample_rate Event: type: object description: Event Serializer properties: pk: type: string format: uuid readOnly: true title: Event uuid user: {} action: $ref: '#/components/schemas/EventActions' app: type: string context: {} client_ip: type: string nullable: true created: type: string format: date-time readOnly: true expires: type: string format: date-time brand: {} required: - action - app - created - pk EventActions: enum: - login - login_failed - logout - user_write - suspicious_request - password_set - secret_view - secret_rotate - invitation_used - authorize_application - source_linked - impersonation_started - impersonation_ended - flow_execution - policy_execution - policy_exception - property_mapping_exception - system_task_execution - system_task_exception - system_exception - configuration_error - model_created - model_updated - model_deleted - email_sent - update_available - custom_ type: string EventMatcherPolicy: type: object description: Event Matcher Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true action: allOf: - $ref: '#/components/schemas/EventActions' nullable: true description: Match created events with this action type. When left empty, all action types will be matched. client_ip: type: string nullable: true description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true description: Match events created by selected application. When left empty, all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true description: Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural EventMatcherPolicyRequest: type: object description: Event Matcher Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. action: allOf: - $ref: '#/components/schemas/EventActions' nullable: true description: Match created events with this action type. When left empty, all action types will be matched. client_ip: type: string nullable: true minLength: 1 description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true description: Match events created by selected application. When left empty, all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true description: Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. required: - name EventRequest: type: object description: Event Serializer properties: user: {} action: $ref: '#/components/schemas/EventActions' app: type: string minLength: 1 context: {} client_ip: type: string nullable: true minLength: 1 expires: type: string format: date-time brand: {} required: - action - app EventTopPerUser: type: object description: Response object of Event's top_per_user properties: application: type: object additionalProperties: {} counted_events: type: integer unique_users: type: integer required: - application - counted_events - unique_users EventsRequestedEnum: enum: - https://schemas.openid.net/secevent/caep/event-type/session-revoked - https://schemas.openid.net/secevent/caep/event-type/credential-change - https://schemas.openid.net/secevent/ssf/event-type/verification type: string ExpiringBaseGrantModel: type: object description: Serializer for BaseGrantModel and ExpiringBaseGrant properties: pk: type: integer readOnly: true title: ID provider: $ref: '#/components/schemas/OAuth2Provider' user: $ref: '#/components/schemas/User' is_expired: type: boolean description: Check if token is expired yet. readOnly: true expires: type: string format: date-time nullable: true scope: type: array items: type: string required: - is_expired - pk - provider - scope - user ExpressionPolicy: type: object description: Group Membership Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true expression: type: string required: - bound_to - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural ExpressionPolicyRequest: type: object description: Group Membership Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. expression: type: string minLength: 1 required: - expression - name ExtraRoleObjectPermission: type: object description: User permission with additional object-related data properties: id: type: integer readOnly: true codename: type: string readOnly: true model: type: string title: Python model class name readOnly: true app_label: type: string readOnly: true object_pk: type: string name: type: string readOnly: true app_label_verbose: type: string description: Get app label from permission's model readOnly: true model_verbose: type: string description: Get model label from permission's model readOnly: true object_description: type: string nullable: true description: |- Get model description from attached model. This operation takes at least one additional query, and the description is only shown if the user/role has the view_ permission on the object readOnly: true required: - app_label - app_label_verbose - codename - id - model - model_verbose - name - object_description - object_pk ExtraRoleObjectPermissionRequest: type: object description: User permission with additional object-related data properties: object_pk: type: string minLength: 1 required: - object_pk ExtraUserObjectPermission: type: object description: User permission with additional object-related data properties: id: type: integer readOnly: true codename: type: string readOnly: true model: type: string title: Python model class name readOnly: true app_label: type: string readOnly: true object_pk: type: string name: type: string readOnly: true app_label_verbose: type: string description: Get app label from permission's model readOnly: true model_verbose: type: string description: Get model label from permission's model readOnly: true object_description: type: string nullable: true description: |- Get model description from attached model. This operation takes at least one additional query, and the description is only shown if the user/role has the view_ permission on the object readOnly: true required: - app_label - app_label_verbose - codename - id - model - model_verbose - name - object_description - object_pk ExtraUserObjectPermissionRequest: type: object description: User permission with additional object-related data properties: object_pk: type: string minLength: 1 required: - object_pk FilePathRequest: type: object description: Serializer to upload file properties: url: type: string minLength: 1 required: - url FileUploadRequest: type: object description: Serializer to upload file properties: file: type: string format: binary clear: type: boolean default: false Flow: type: object description: Flow Serializer properties: pk: type: string format: uuid readOnly: true title: Flow uuid policybindingmodel_ptr_id: type: string format: uuid readOnly: true name: type: string slug: type: string description: Visible in the URL. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ title: type: string description: Shown as the Title in Flow pages. designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: type: string description: |- Get the URL to the background image. If the name is /static or starts with http it is returned as-is readOnly: true stages: type: array items: type: string format: uuid readOnly: true policies: type: array items: type: string format: uuid readOnly: true cache_count: type: integer description: Get count of cached flows readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: type: boolean description: Enable compatibility mode, increases compatibility with password managers on mobile devices. export_url: type: string description: Get export URL for flow readOnly: true layout: $ref: '#/components/schemas/FlowLayoutEnum' denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' description: Configure what should happen when a flow denies access to a user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' description: Required level of authentication and authorization to access a flow. required: - background - cache_count - designation - export_url - name - pk - policies - policybindingmodel_ptr_id - slug - stages - title FlowChallengeResponseRequest: oneOf: - $ref: '#/components/schemas/AppleChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest' - $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest' - $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest' - $ref: '#/components/schemas/CaptchaChallengeResponseRequest' - $ref: '#/components/schemas/ConsentChallengeResponseRequest' - $ref: '#/components/schemas/DummyChallengeResponseRequest' - $ref: '#/components/schemas/EmailChallengeResponseRequest' - $ref: '#/components/schemas/FrameChallengeResponseRequest' - $ref: '#/components/schemas/IdentificationChallengeResponseRequest' - $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest' - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest' - $ref: '#/components/schemas/PasswordChallengeResponseRequest' - $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest' - $ref: '#/components/schemas/PromptChallengeResponseRequest' - $ref: '#/components/schemas/RedirectChallengeResponseRequest' - $ref: '#/components/schemas/UserLoginChallengeResponseRequest' discriminator: propertyName: component mapping: ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest' ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest' ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest' ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest' ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest' ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest' ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest' ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest' ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest' ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest' ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest' ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest' ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest' xak-flow-frame: '#/components/schemas/FrameChallengeResponseRequest' ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest' ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest' ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest' ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest' ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest' ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest' xak-flow-redirect: '#/components/schemas/RedirectChallengeResponseRequest' ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest' FlowDesignationEnum: enum: - authentication - authorization - invalidation - enrollment - unenrollment - recovery - stage_configuration type: string FlowDiagram: type: object description: response of the flow's diagram action properties: diagram: type: string readOnly: true required: - diagram FlowErrorChallenge: type: object description: |- Challenge class when an unhandled error occurs during a stage. Normal users are shown an error message, superusers are shown a full stacktrace. properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-flow-error response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' request_id: type: string error: type: string traceback: type: string required: - request_id FlowImportResult: type: object description: Logs of an attempted flow import properties: logs: type: array items: $ref: '#/components/schemas/LogEvent' readOnly: true success: type: boolean readOnly: true required: - logs - success FlowInspection: type: object description: Serializer for inspect endpoint properties: plans: type: array items: $ref: '#/components/schemas/FlowInspectorPlan' current_plan: $ref: '#/components/schemas/FlowInspectorPlan' is_completed: type: boolean required: - is_completed - plans FlowInspectorPlan: type: object description: Serializer for an active FlowPlan properties: current_stage: allOf: - $ref: '#/components/schemas/FlowStageBinding' readOnly: true next_planned_stage: allOf: - $ref: '#/components/schemas/FlowStageBinding' readOnly: true plan_context: type: object additionalProperties: {} description: Get the plan's context, sanitized readOnly: true session_id: type: string description: Get a unique session ID readOnly: true required: - current_stage - next_planned_stage - plan_context - session_id FlowLayoutEnum: enum: - stacked - content_left - content_right - sidebar_left - sidebar_right type: string FlowRequest: type: object description: Flow Serializer properties: name: type: string minLength: 1 slug: type: string minLength: 1 description: Visible in the URL. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ title: type: string minLength: 1 description: Shown as the Title in Flow pages. designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: type: boolean description: Enable compatibility mode, increases compatibility with password managers on mobile devices. layout: $ref: '#/components/schemas/FlowLayoutEnum' denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' description: Configure what should happen when a flow denies access to a user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' description: Required level of authentication and authorization to access a flow. required: - designation - name - slug - title FlowSet: type: object description: Stripped down flow serializer properties: pk: type: string format: uuid readOnly: true title: Flow uuid policybindingmodel_ptr_id: type: string format: uuid readOnly: true name: type: string slug: type: string description: Visible in the URL. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ title: type: string description: Shown as the Title in Flow pages. designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: type: string description: |- Get the URL to the background image. If the name is /static or starts with http it is returned as-is readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: type: boolean description: Enable compatibility mode, increases compatibility with password managers on mobile devices. export_url: type: string description: Get export URL for flow readOnly: true layout: $ref: '#/components/schemas/FlowLayoutEnum' denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' description: Configure what should happen when a flow denies access to a user. required: - background - designation - export_url - name - pk - policybindingmodel_ptr_id - slug - title FlowSetRequest: type: object description: Stripped down flow serializer properties: name: type: string minLength: 1 slug: type: string minLength: 1 description: Visible in the URL. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ title: type: string minLength: 1 description: Shown as the Title in Flow pages. designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: type: boolean description: Enable compatibility mode, increases compatibility with password managers on mobile devices. layout: $ref: '#/components/schemas/FlowLayoutEnum' denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' description: Configure what should happen when a flow denies access to a user. required: - designation - name - slug - title FlowStageBinding: type: object description: FlowStageBinding Serializer properties: pk: type: string format: uuid readOnly: true title: Fsb uuid policybindingmodel_ptr_id: type: string format: uuid readOnly: true target: type: string format: uuid stage: type: string format: uuid stage_obj: allOf: - $ref: '#/components/schemas/Stage' readOnly: true evaluate_on_plan: type: boolean description: Evaluate policies during the Flow planning process. re_evaluate_policies: type: boolean description: Evaluate policies when the Stage is presented to the user. order: type: integer maximum: 2147483647 minimum: -2147483648 policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' description: Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. required: - order - pk - policybindingmodel_ptr_id - stage - stage_obj - target FlowStageBindingRequest: type: object description: FlowStageBinding Serializer properties: target: type: string format: uuid stage: type: string format: uuid evaluate_on_plan: type: boolean description: Evaluate policies during the Flow planning process. re_evaluate_policies: type: boolean description: Evaluate policies when the Stage is presented to the user. order: type: integer maximum: 2147483647 minimum: -2147483648 policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' description: Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. required: - order - stage - target FooterLink: type: object description: Links returned in Config API properties: href: type: string readOnly: true nullable: true name: type: string readOnly: true required: - href - name FrameChallenge: type: object description: Challenge type to render a frame properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: xak-flow-frame response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' url: type: string loading_overlay: type: boolean default: false loading_text: type: string required: - loading_text - url FrameChallengeResponseRequest: type: object description: Base class for all challenge responses properties: component: type: string minLength: 1 default: xak-flow-frame GenericError: type: object description: Generic API Error properties: detail: type: string code: type: string required: - detail GeoIPPolicy: type: object description: GeoIP Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true asns: type: array items: type: integer maximum: 2147483647 minimum: -2147483648 countries: type: array items: $ref: '#/components/schemas/CountryCodeEnum' maxItems: 249 countries_obj: type: array items: $ref: '#/components/schemas/DetailedCountryField' readOnly: true check_history_distance: type: boolean history_max_distance_km: type: integer maximum: 9223372036854775807 minimum: 0 format: int64 distance_tolerance_km: type: integer maximum: 2147483647 minimum: 0 history_login_count: type: integer maximum: 2147483647 minimum: 0 check_impossible_travel: type: boolean impossible_tolerance_km: type: integer maximum: 2147483647 minimum: 0 required: - bound_to - component - countries - countries_obj - meta_model_name - name - pk - verbose_name - verbose_name_plural GeoIPPolicyRequest: type: object description: GeoIP Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. asns: type: array items: type: integer maximum: 2147483647 minimum: -2147483648 countries: type: array items: $ref: '#/components/schemas/CountryCodeEnum' maxItems: 249 check_history_distance: type: boolean history_max_distance_km: type: integer maximum: 9223372036854775807 minimum: 0 format: int64 distance_tolerance_km: type: integer maximum: 2147483647 minimum: 0 history_login_count: type: integer maximum: 2147483647 minimum: 0 check_impossible_travel: type: boolean impossible_tolerance_km: type: integer maximum: 2147483647 minimum: 0 required: - countries - name GeoipBindingEnum: enum: - no_binding - bind_continent - bind_continent_country - bind_continent_country_city type: string GoogleWorkspaceProvider: type: object description: GoogleWorkspaceProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true delegated_subject: type: string format: email maxLength: 254 credentials: {} scopes: type: string exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' default_group_email_domain: type: string dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - assigned_backchannel_application_name - assigned_backchannel_application_slug - component - credentials - default_group_email_domain - delegated_subject - meta_model_name - name - pk - verbose_name - verbose_name_plural GoogleWorkspaceProviderGroup: type: object description: GoogleWorkspaceProviderGroup Serializer properties: id: type: string format: uuid readOnly: true google_id: type: string group: type: string format: uuid group_obj: allOf: - $ref: '#/components/schemas/UserGroup' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - google_id - group - group_obj - id - provider GoogleWorkspaceProviderGroupRequest: type: object description: GoogleWorkspaceProviderGroup Serializer properties: google_id: type: string minLength: 1 group: type: string format: uuid provider: type: integer required: - google_id - group - provider GoogleWorkspaceProviderMapping: type: object description: GoogleWorkspaceProviderMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural GoogleWorkspaceProviderMappingRequest: type: object description: GoogleWorkspaceProviderMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name GoogleWorkspaceProviderRequest: type: object description: GoogleWorkspaceProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. delegated_subject: type: string format: email minLength: 1 maxLength: 254 credentials: {} scopes: type: string minLength: 1 exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' default_group_email_domain: type: string minLength: 1 dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - credentials - default_group_email_domain - delegated_subject - name GoogleWorkspaceProviderUser: type: object description: GoogleWorkspaceProviderUser Serializer properties: id: type: string format: uuid readOnly: true google_id: type: string user: type: integer user_obj: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - google_id - id - provider - user - user_obj GoogleWorkspaceProviderUserRequest: type: object description: GoogleWorkspaceProviderUser Serializer properties: google_id: type: string minLength: 1 user: type: integer provider: type: integer required: - google_id - provider - user Group: type: object description: Group Serializer properties: pk: type: string format: uuid readOnly: true title: Group uuid num_pk: type: integer readOnly: true name: type: string is_superuser: type: boolean description: Users added to this group will be superusers. parent: type: string format: uuid nullable: true parent_name: type: string readOnly: true nullable: true users: type: array items: type: integer users_obj: type: array items: $ref: '#/components/schemas/GroupMember' readOnly: true nullable: true attributes: type: object additionalProperties: {} roles: type: array items: type: string format: uuid roles_obj: type: array items: $ref: '#/components/schemas/Role' readOnly: true required: - name - num_pk - parent_name - pk - roles_obj - users_obj GroupKerberosSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupKerberosSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source GroupLDAPSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupLDAPSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source GroupMatchingModeEnum: enum: - identifier - name_link - name_deny type: string GroupMember: type: object description: Stripped down user serializer to show relevant users for groups properties: pk: type: integer readOnly: true title: ID username: type: string description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. pattern: ^[\w.@+-]+$ maxLength: 150 name: type: string description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true email: type: string format: email title: Email address maxLength: 254 attributes: type: object additionalProperties: {} uid: type: string readOnly: true required: - name - pk - uid - username GroupMemberRequest: type: object description: Stripped down user serializer to show relevant users for groups properties: username: type: string minLength: 1 description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. pattern: ^[\w.@+-]+$ maxLength: 150 name: type: string minLength: 1 description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true email: type: string format: email title: Email address maxLength: 254 attributes: type: object additionalProperties: {} required: - name - username GroupOAuthSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupOAuthSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source GroupPlexSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupPlexSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source GroupRequest: type: object description: Group Serializer properties: name: type: string minLength: 1 is_superuser: type: boolean description: Users added to this group will be superusers. parent: type: string format: uuid nullable: true users: type: array items: type: integer attributes: type: object additionalProperties: {} roles: type: array items: type: string format: uuid required: - name GroupSAMLSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupSAMLSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source GroupSourceConnection: type: object description: Group Source Connection properties: pk: type: integer readOnly: true title: ID group: type: string format: uuid source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - group - identifier - last_updated - pk - source - source_obj GroupSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 required: - group - identifier - source IdentificationChallenge: type: object description: Identification challenges with all UI elements properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-identification response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' user_fields: type: array items: type: string nullable: true password_fields: type: boolean allow_show_password: type: boolean default: false application_pre: type: string flow_designation: $ref: '#/components/schemas/FlowDesignationEnum' captcha_stage: allOf: - $ref: '#/components/schemas/CaptchaChallenge' nullable: true enroll_url: type: string recovery_url: type: string passwordless_url: type: string primary_action: type: string sources: type: array items: $ref: '#/components/schemas/LoginSource' show_source_labels: type: boolean enable_remember_me: type: boolean default: true required: - flow_designation - password_fields - primary_action - show_source_labels - user_fields IdentificationChallengeResponseRequest: type: object description: Identification challenge properties: component: type: string minLength: 1 default: ak-stage-identification uid_field: type: string minLength: 1 password: type: string nullable: true captcha_token: type: string nullable: true required: - uid_field IdentificationStage: type: object description: IdentificationStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' user_fields: type: array items: $ref: '#/components/schemas/UserFieldsEnum' description: Fields of the user object to match against. (Hold shift to select multiple options) password_stage: type: string format: uuid nullable: true description: When set, shows a password field, instead of showing the password field as separate step. captcha_stage: type: string format: uuid nullable: true description: When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. case_insensitive_matching: type: boolean description: When enabled, user fields are matched regardless of their casing. show_matched_user: type: boolean description: When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown enrollment_flow: type: string format: uuid nullable: true description: Optional enrollment flow, which is linked at the bottom of the page. recovery_flow: type: string format: uuid nullable: true description: Optional recovery flow, which is linked at the bottom of the page. passwordless_flow: type: string format: uuid nullable: true description: Optional passwordless flow, which is linked at the bottom of the page. sources: type: array items: type: string format: uuid description: Specify which sources should be shown. show_source_labels: type: boolean pretend_user_exists: type: boolean description: When enabled, the stage will succeed and continue even when incorrect user info is entered. enable_remember_me: type: boolean description: Show the user the 'Remember me on this device' toggle, allowing repeat users to skip straight to entering their password. required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural IdentificationStageRequest: type: object description: IdentificationStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' user_fields: type: array items: $ref: '#/components/schemas/UserFieldsEnum' description: Fields of the user object to match against. (Hold shift to select multiple options) password_stage: type: string format: uuid nullable: true description: When set, shows a password field, instead of showing the password field as separate step. captcha_stage: type: string format: uuid nullable: true description: When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. case_insensitive_matching: type: boolean description: When enabled, user fields are matched regardless of their casing. show_matched_user: type: boolean description: When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown enrollment_flow: type: string format: uuid nullable: true description: Optional enrollment flow, which is linked at the bottom of the page. recovery_flow: type: string format: uuid nullable: true description: Optional recovery flow, which is linked at the bottom of the page. passwordless_flow: type: string format: uuid nullable: true description: Optional passwordless flow, which is linked at the bottom of the page. sources: type: array items: type: string format: uuid description: Specify which sources should be shown. show_source_labels: type: boolean pretend_user_exists: type: boolean description: When enabled, the stage will succeed and continue even when incorrect user info is entered. enable_remember_me: type: boolean description: Show the user the 'Remember me on this device' toggle, allowing repeat users to skip straight to entering their password. required: - name ImpersonationRequest: type: object properties: reason: type: string minLength: 1 required: - reason InitialPermissions: type: object description: InitialPermissions serializer properties: pk: type: integer readOnly: true title: ID name: type: string maxLength: 150 mode: $ref: '#/components/schemas/InitialPermissionsModeEnum' role: type: string format: uuid permissions: type: array items: type: integer permissions_obj: type: array items: $ref: '#/components/schemas/Permission' readOnly: true required: - mode - name - permissions_obj - pk - role InitialPermissionsModeEnum: enum: - user - role type: string InitialPermissionsRequest: type: object description: InitialPermissions serializer properties: name: type: string minLength: 1 maxLength: 150 mode: $ref: '#/components/schemas/InitialPermissionsModeEnum' role: type: string format: uuid permissions: type: array items: type: integer required: - mode - name - role InstallID: type: object properties: install_id: type: string required: - install_id IntentEnum: enum: - verification - api - recovery - app_password type: string InvalidResponseActionEnum: enum: - retry - restart - restart_with_context type: string Invitation: type: object description: Invitation Serializer properties: pk: type: string format: uuid readOnly: true title: Invite uuid name: type: string maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ expires: type: string format: date-time nullable: true fixed_data: type: object additionalProperties: {} created_by: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true single_use: type: boolean description: When enabled, the invitation will be deleted after usage. flow: type: string format: uuid nullable: true description: When set, only the configured flow can use this invitation. flow_obj: allOf: - $ref: '#/components/schemas/Flow' readOnly: true required: - created_by - flow_obj - name - pk InvitationRequest: type: object description: Invitation Serializer properties: name: type: string minLength: 1 maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ expires: type: string format: date-time nullable: true fixed_data: type: object additionalProperties: {} single_use: type: boolean description: When enabled, the invitation will be deleted after usage. flow: type: string format: uuid nullable: true description: When set, only the configured flow can use this invitation. required: - name InvitationStage: type: object description: InvitationStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' continue_flow_without_invitation: type: boolean description: If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given. required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural InvitationStageRequest: type: object description: InvitationStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' continue_flow_without_invitation: type: boolean description: If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given. required: - name IssuerModeEnum: enum: - global - per_provider type: string KadminTypeEnum: enum: - MIT - Heimdal - other type: string KerberosSource: type: object description: Kerberos Source Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string readOnly: true group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. realm: type: string description: Kerberos realm krb5_conf: type: string description: Custom krb5.conf to use. Uses the system one by default kadmin_type: allOf: - $ref: '#/components/schemas/KadminTypeEnum' description: KAdmin server type sync_users: type: boolean description: Sync users from Kerberos into authentik sync_users_password: type: boolean description: When a user changes their password, sync it back to Kerberos sync_principal: type: string description: Principal to authenticate to kadmin for sync. sync_ccache: type: string description: Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual connectivity: type: object additionalProperties: type: string nullable: true description: Get cached source connectivity readOnly: true spnego_server_name: type: string description: Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname spnego_ccache: type: string description: Credential cache to use for SPNEGO in form type:residual password_login_update_internal_password: type: boolean description: If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend required: - component - connectivity - icon - managed - meta_model_name - name - pk - realm - slug - verbose_name - verbose_name_plural KerberosSourcePropertyMapping: type: object description: Kerberos PropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural KerberosSourcePropertyMappingRequest: type: object description: Kerberos PropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name KerberosSourceRequest: type: object description: Kerberos Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. realm: type: string minLength: 1 description: Kerberos realm krb5_conf: type: string description: Custom krb5.conf to use. Uses the system one by default kadmin_type: allOf: - $ref: '#/components/schemas/KadminTypeEnum' description: KAdmin server type sync_users: type: boolean description: Sync users from Kerberos into authentik sync_users_password: type: boolean description: When a user changes their password, sync it back to Kerberos sync_principal: type: string description: Principal to authenticate to kadmin for sync. sync_password: type: string writeOnly: true description: Password to authenticate to kadmin for sync sync_keytab: type: string writeOnly: true description: Keytab to authenticate to kadmin for sync. Must be base64-encoded or in the form TYPE:residual sync_ccache: type: string description: Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual spnego_server_name: type: string description: Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname spnego_keytab: type: string writeOnly: true description: SPNEGO keytab base64-encoded or path to keytab in the form FILE:path spnego_ccache: type: string description: Credential cache to use for SPNEGO in form type:residual password_login_update_internal_password: type: boolean description: If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend required: - name - realm - slug KerberosSyncStatus: type: object description: Kerberos Source sync status properties: is_running: type: boolean readOnly: true tasks: type: array items: $ref: '#/components/schemas/SystemTask' readOnly: true required: - is_running - tasks KubernetesServiceConnection: type: object description: KubernetesServiceConnection Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration component: type: string readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true kubeconfig: description: Paste your kubeconfig here. authentik will automatically use the currently selected context. verify_ssl: type: boolean description: Verify SSL Certificates of the Kubernetes API endpoint required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural KubernetesServiceConnectionRequest: type: object description: KubernetesServiceConnection Serializer properties: name: type: string minLength: 1 local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration kubeconfig: description: Paste your kubeconfig here. authentik will automatically use the currently selected context. verify_ssl: type: boolean description: Verify SSL Certificates of the Kubernetes API endpoint required: - name LDAPAPIAccessMode: enum: - direct - cached type: string LDAPCheckAccess: type: object description: Base serializer class which doesn't implement create/update methods properties: has_search_permission: type: boolean access: $ref: '#/components/schemas/PolicyTestResult' required: - access LDAPDebug: type: object properties: user: type: array items: type: object additionalProperties: {} readOnly: true group: type: array items: type: object additionalProperties: {} readOnly: true membership: type: array items: type: object additionalProperties: {} readOnly: true required: - group - membership - user LDAPOutpostConfig: type: object description: LDAPProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string base_dn: type: string description: DN under which objects are accessible. bind_flow_slug: type: string unbind_flow_slug: type: string nullable: true description: Get slug for unbind flow, defaulting to brand's default flow. readOnly: true application_slug: type: string description: Prioritise backchannel slug over direct application slug readOnly: true certificate: type: string format: uuid nullable: true tls_server_name: type: string uid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber gid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber search_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' bind_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - application_slug - bind_flow_slug - name - pk - unbind_flow_slug LDAPProvider: type: object description: LDAPProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true base_dn: type: string description: DN under which objects are accessible. certificate: type: string format: uuid nullable: true tls_server_name: type: string uid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber gid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber outpost_set: type: array items: type: string readOnly: true search_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' bind_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - invalidation_flow - meta_model_name - name - outpost_set - pk - verbose_name - verbose_name_plural LDAPProviderRequest: type: object description: LDAPProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid base_dn: type: string minLength: 1 description: DN under which objects are accessible. certificate: type: string format: uuid nullable: true tls_server_name: type: string uid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber gid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber search_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' bind_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - authorization_flow - invalidation_flow - name LDAPSource: type: object description: LDAP Source Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string readOnly: true server_uri: type: string format: uri peer_certificate: type: string format: uuid nullable: true description: Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair. client_certificate: type: string format: uuid nullable: true description: Client certificate to authenticate against the LDAP Server's Certificate. bind_cn: type: string start_tls: type: boolean title: Enable Start TLS sni: type: boolean title: Use Server URI for SNI verification base_dn: type: string additional_user_dn: type: string title: Addition User DN description: Prepended to Base DN for User-queries. additional_group_dn: type: string title: Addition Group DN description: Prepended to Base DN for Group-queries. user_object_filter: type: string description: Consider Objects matching this filter to be Users. group_object_filter: type: string description: Consider Objects matching this filter to be Groups. group_membership_field: type: string description: Field which contains members of a group. user_membership_attribute: type: string description: Attribute which matches the value of `group_membership_field`. object_uniqueness_field: type: string description: Field which contains a unique Identifier. password_login_update_internal_password: type: boolean description: Update internal authentik password when login succeeds with LDAP sync_users: type: boolean sync_users_password: type: boolean description: When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source. sync_groups: type: boolean sync_parent_group: type: string format: uuid nullable: true connectivity: type: object additionalProperties: type: object additionalProperties: type: string nullable: true description: Get cached source connectivity readOnly: true lookup_groups_from_user: type: boolean description: Lookup group membership based on a user attribute instead of a group attribute. This allows nested group resolution on systems like FreeIPA and Active Directory delete_not_found_objects: type: boolean description: Delete authentik users and groups which were previously supplied by this source, but are now missing from it. required: - base_dn - component - connectivity - icon - managed - meta_model_name - name - pk - server_uri - slug - verbose_name - verbose_name_plural LDAPSourcePropertyMapping: type: object description: LDAP PropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural LDAPSourcePropertyMappingRequest: type: object description: LDAP PropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name LDAPSourceRequest: type: object description: LDAP Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 server_uri: type: string minLength: 1 format: uri peer_certificate: type: string format: uuid nullable: true description: Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair. client_certificate: type: string format: uuid nullable: true description: Client certificate to authenticate against the LDAP Server's Certificate. bind_cn: type: string bind_password: type: string writeOnly: true start_tls: type: boolean title: Enable Start TLS sni: type: boolean title: Use Server URI for SNI verification base_dn: type: string minLength: 1 additional_user_dn: type: string title: Addition User DN description: Prepended to Base DN for User-queries. additional_group_dn: type: string title: Addition Group DN description: Prepended to Base DN for Group-queries. user_object_filter: type: string minLength: 1 description: Consider Objects matching this filter to be Users. group_object_filter: type: string minLength: 1 description: Consider Objects matching this filter to be Groups. group_membership_field: type: string minLength: 1 description: Field which contains members of a group. user_membership_attribute: type: string minLength: 1 description: Attribute which matches the value of `group_membership_field`. object_uniqueness_field: type: string minLength: 1 description: Field which contains a unique Identifier. password_login_update_internal_password: type: boolean description: Update internal authentik password when login succeeds with LDAP sync_users: type: boolean sync_users_password: type: boolean description: When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source. sync_groups: type: boolean sync_parent_group: type: string format: uuid nullable: true lookup_groups_from_user: type: boolean description: Lookup group membership based on a user attribute instead of a group attribute. This allows nested group resolution on systems like FreeIPA and Active Directory delete_not_found_objects: type: boolean description: Delete authentik users and groups which were previously supplied by this source, but are now missing from it. required: - base_dn - name - server_uri - slug License: type: object description: License Serializer properties: license_uuid: type: string format: uuid readOnly: true name: type: string readOnly: true key: type: string expiry: type: string format: date-time readOnly: true internal_users: type: integer readOnly: true external_users: type: integer readOnly: true required: - expiry - external_users - internal_users - key - license_uuid - name LicenseFlagsEnum: enum: - trial - non_production type: string LicenseForecast: type: object description: Serializer for license forecast properties: internal_users: type: integer external_users: type: integer forecasted_internal_users: type: integer forecasted_external_users: type: integer required: - external_users - forecasted_external_users - forecasted_internal_users - internal_users LicenseRequest: type: object description: License Serializer properties: key: type: string minLength: 1 required: - key LicenseSummary: type: object description: Serializer for license status properties: internal_users: type: integer external_users: type: integer status: $ref: '#/components/schemas/LicenseSummaryStatusEnum' latest_valid: type: string format: date-time license_flags: type: array items: $ref: '#/components/schemas/LicenseFlagsEnum' required: - external_users - internal_users - latest_valid - license_flags - status LicenseSummaryStatusEnum: enum: - unlicensed - valid - expired - expiry_soon - limit_exceeded_admin - limit_exceeded_user - read_only type: string Link: type: object description: Returns a single link properties: link: type: string required: - link LogEvent: type: object description: Single log message with all context logged. properties: timestamp: type: string format: date-time log_level: $ref: '#/components/schemas/LogLevelEnum' logger: type: string event: type: string attributes: type: object additionalProperties: {} required: - attributes - event - log_level - logger - timestamp LogLevelEnum: enum: - critical - exception - error - warn - warning - info - debug - notset type: string LoginChallengeTypes: oneOf: - $ref: '#/components/schemas/RedirectChallenge' - $ref: '#/components/schemas/AppleLoginChallenge' - $ref: '#/components/schemas/PlexAuthenticationChallenge' discriminator: propertyName: component mapping: xak-flow-redirect: '#/components/schemas/RedirectChallenge' ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge' ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge' LoginMetrics: type: object description: Login Metrics per 1h properties: logins: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true logins_failed: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true authorizations: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true required: - authorizations - logins - logins_failed LoginSource: type: object description: Serializer for Login buttons of sources properties: name: type: string icon_url: type: string nullable: true challenge: $ref: '#/components/schemas/LoginChallengeTypes' required: - challenge - name MatchingModeEnum: enum: - strict - regex type: string Metadata: type: object description: Serializer for blueprint metadata properties: name: type: string labels: type: object additionalProperties: {} required: - labels - name MicrosoftEntraProvider: type: object description: MicrosoftEntraProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true client_id: type: string client_secret: type: string tenant_id: type: string exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - assigned_backchannel_application_name - assigned_backchannel_application_slug - client_id - client_secret - component - meta_model_name - name - pk - tenant_id - verbose_name - verbose_name_plural MicrosoftEntraProviderGroup: type: object description: MicrosoftEntraProviderGroup Serializer properties: id: type: string format: uuid readOnly: true microsoft_id: type: string group: type: string format: uuid group_obj: allOf: - $ref: '#/components/schemas/UserGroup' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - group - group_obj - id - microsoft_id - provider MicrosoftEntraProviderGroupRequest: type: object description: MicrosoftEntraProviderGroup Serializer properties: microsoft_id: type: string minLength: 1 group: type: string format: uuid provider: type: integer required: - group - microsoft_id - provider MicrosoftEntraProviderMapping: type: object description: MicrosoftEntraProviderMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural MicrosoftEntraProviderMappingRequest: type: object description: MicrosoftEntraProviderMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name MicrosoftEntraProviderRequest: type: object description: MicrosoftEntraProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. client_id: type: string minLength: 1 client_secret: type: string minLength: 1 tenant_id: type: string minLength: 1 exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - client_id - client_secret - name - tenant_id MicrosoftEntraProviderUser: type: object description: MicrosoftEntraProviderUser Serializer properties: id: type: string format: uuid readOnly: true microsoft_id: type: string user: type: integer user_obj: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - id - microsoft_id - provider - user - user_obj MicrosoftEntraProviderUserRequest: type: object description: MicrosoftEntraProviderUser Serializer properties: microsoft_id: type: string minLength: 1 user: type: integer provider: type: integer required: - microsoft_id - provider - user ModelEnum: enum: - authentik_tenants.domain - authentik_crypto.certificatekeypair - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping - authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice - authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt - authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_enterprise.license - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping type: string MutualTLSStage: type: object description: MutualTLSStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' mode: $ref: '#/components/schemas/MutualTLSStageModeEnum' certificate_authorities: type: array items: type: string format: uuid description: Configure certificate authorities to validate the certificate against. This option has a higher priority than the `client_certificate` option on `Brand`. cert_attribute: $ref: '#/components/schemas/CertAttributeEnum' user_attribute: $ref: '#/components/schemas/UserAttributeEnum' required: - cert_attribute - component - meta_model_name - mode - name - pk - user_attribute - verbose_name - verbose_name_plural MutualTLSStageModeEnum: enum: - optional - required type: string MutualTLSStageRequest: type: object description: MutualTLSStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' mode: $ref: '#/components/schemas/MutualTLSStageModeEnum' certificate_authorities: type: array items: type: string format: uuid description: Configure certificate authorities to validate the certificate against. This option has a higher priority than the `client_certificate` option on `Brand`. cert_attribute: $ref: '#/components/schemas/CertAttributeEnum' user_attribute: $ref: '#/components/schemas/UserAttributeEnum' required: - cert_attribute - mode - name - user_attribute NameIdPolicyEnum: enum: - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - urn:oasis:names:tc:SAML:2.0:nameid-format:transient type: string NetworkBindingEnum: enum: - no_binding - bind_asn - bind_asn_network - bind_asn_network_ip type: string NotConfiguredActionEnum: enum: - skip - deny - configure type: string Notification: type: object description: Notification Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid severity: allOf: - $ref: '#/components/schemas/SeverityEnum' readOnly: true body: type: string readOnly: true created: type: string format: date-time readOnly: true event: $ref: '#/components/schemas/Event' seen: type: boolean required: - body - created - pk - severity NotificationRequest: type: object description: Notification Serializer properties: event: $ref: '#/components/schemas/EventRequest' seen: type: boolean NotificationRule: type: object description: NotificationRule Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string transports: type: array items: type: string format: uuid description: Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI. severity: allOf: - $ref: '#/components/schemas/SeverityEnum' description: Controls which severity level the created notifications will have. group: type: string format: uuid nullable: true description: Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent. group_obj: allOf: - $ref: '#/components/schemas/Group' readOnly: true required: - group_obj - name - pk NotificationRuleRequest: type: object description: NotificationRule Serializer properties: name: type: string minLength: 1 transports: type: array items: type: string format: uuid description: Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI. severity: allOf: - $ref: '#/components/schemas/SeverityEnum' description: Controls which severity level the created notifications will have. group: type: string format: uuid nullable: true description: Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent. required: - name NotificationTransport: type: object description: NotificationTransport Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string mode: $ref: '#/components/schemas/NotificationTransportModeEnum' mode_verbose: type: string description: Return selected mode with a UI Label readOnly: true webhook_url: type: string format: uri webhook_mapping_body: type: string format: uuid nullable: true description: Customize the body of the request. Mapping should return data that is JSON-serializable. webhook_mapping_headers: type: string format: uuid nullable: true description: Configure additional headers to be sent. Mapping should return a dictionary of key-value pairs send_once: type: boolean description: Only send notification once, for example when sending a webhook into a chat channel. required: - mode_verbose - name - pk NotificationTransportModeEnum: enum: - local - webhook - webhook_slack - email type: string NotificationTransportRequest: type: object description: NotificationTransport Serializer properties: name: type: string minLength: 1 mode: $ref: '#/components/schemas/NotificationTransportModeEnum' webhook_url: type: string format: uri webhook_mapping_body: type: string format: uuid nullable: true description: Customize the body of the request. Mapping should return data that is JSON-serializable. webhook_mapping_headers: type: string format: uuid nullable: true description: Configure additional headers to be sent. Mapping should return a dictionary of key-value pairs send_once: type: boolean description: Only send notification once, for example when sending a webhook into a chat channel. required: - name NotificationTransportTest: type: object description: Notification test serializer properties: messages: type: array items: type: string required: - messages NotificationWebhookMapping: type: object description: NotificationWebhookMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid name: type: string expression: type: string required: - expression - name - pk NotificationWebhookMappingRequest: type: object description: NotificationWebhookMapping Serializer properties: name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name OAuth2Provider: type: object description: OAuth2Provider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' description: Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable client_id: type: string maxLength: 255 client_secret: type: string maxLength: 255 access_code_validity: type: string description: 'Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' access_token_validity: type: string description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' include_claims_in_id_token: type: boolean description: Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint. signing_key: type: string format: uuid nullable: true description: Key used to sign the tokens. encryption_key: type: string format: uuid nullable: true description: Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs. redirect_uris: type: array items: $ref: '#/components/schemas/RedirectURI' sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' description: Configure what data should be used as unique User Identifier. For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' description: Configure how the issuer field of the ID Token should be filled. jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - invalidation_flow - meta_model_name - name - pk - redirect_uris - verbose_name - verbose_name_plural OAuth2ProviderRequest: type: object description: OAuth2Provider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' description: Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable client_id: type: string minLength: 1 maxLength: 255 client_secret: type: string maxLength: 255 access_code_validity: type: string minLength: 1 description: 'Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' access_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' include_claims_in_id_token: type: boolean description: Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint. signing_key: type: string format: uuid nullable: true description: Key used to sign the tokens. encryption_key: type: string format: uuid nullable: true description: Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs. redirect_uris: type: array items: $ref: '#/components/schemas/RedirectURIRequest' sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' description: Configure what data should be used as unique User Identifier. For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' description: Configure how the issuer field of the ID Token should be filled. jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer required: - authorization_flow - invalidation_flow - name - redirect_uris OAuth2ProviderSetupURLs: type: object description: OAuth2 Provider Metadata serializer properties: issuer: type: string readOnly: true authorize: type: string readOnly: true token: type: string readOnly: true user_info: type: string readOnly: true provider_info: type: string readOnly: true logout: type: string readOnly: true jwks: type: string readOnly: true required: - authorize - issuer - jwks - logout - provider_info - token - user_info OAuthDeviceCodeChallenge: type: object description: OAuth Device code challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-provider-oauth2-device-code response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' OAuthDeviceCodeChallengeResponseRequest: type: object description: Response that includes the user-entered device code properties: component: type: string minLength: 1 default: ak-provider-oauth2-device-code code: type: string minLength: 1 required: - code OAuthDeviceCodeFinishChallenge: type: object description: Final challenge after user enters their code properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-provider-oauth2-device-code-finish response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' OAuthDeviceCodeFinishChallengeResponseRequest: type: object description: Response that device has been authenticated and tab can be closed properties: component: type: string minLength: 1 default: ak-provider-oauth2-device-code-finish OAuthSource: type: object description: OAuth Source Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string nullable: true readOnly: true group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. provider_type: $ref: '#/components/schemas/ProviderTypeEnum' request_token_url: type: string nullable: true description: URL used to request the initial token. This URL is only required for OAuth 1. maxLength: 255 authorization_url: type: string nullable: true description: URL the user is redirect to to conest the flow. maxLength: 255 access_token_url: type: string nullable: true description: URL used by authentik to retrieve tokens. maxLength: 255 profile_url: type: string nullable: true description: URL used by authentik to get user information. maxLength: 255 consumer_key: type: string callback_url: type: string description: Get OAuth Callback URL readOnly: true additional_scopes: type: string type: allOf: - $ref: '#/components/schemas/SourceType' readOnly: true oidc_well_known_url: type: string oidc_jwks_url: type: string oidc_jwks: {} authorization_code_auth_method: allOf: - $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum' description: How to perform authentication during an authorization_code token request flow required: - callback_url - component - consumer_key - icon - managed - meta_model_name - name - pk - provider_type - slug - type - verbose_name - verbose_name_plural OAuthSourcePropertyMapping: type: object description: OAuthSourcePropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural OAuthSourcePropertyMappingRequest: type: object description: OAuthSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name OAuthSourceRequest: type: object description: OAuth Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. provider_type: $ref: '#/components/schemas/ProviderTypeEnum' request_token_url: type: string nullable: true description: URL used to request the initial token. This URL is only required for OAuth 1. maxLength: 255 authorization_url: type: string nullable: true description: URL the user is redirect to to conest the flow. maxLength: 255 access_token_url: type: string nullable: true description: URL used by authentik to retrieve tokens. maxLength: 255 profile_url: type: string nullable: true description: URL used by authentik to get user information. maxLength: 255 consumer_key: type: string minLength: 1 consumer_secret: type: string writeOnly: true minLength: 1 additional_scopes: type: string oidc_well_known_url: type: string oidc_jwks_url: type: string oidc_jwks: {} authorization_code_auth_method: allOf: - $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum' description: How to perform authentication during an authorization_code token request flow required: - consumer_key - consumer_secret - name - provider_type - slug OpenIDConnectConfiguration: type: object description: rest_framework Serializer for OIDC Configuration properties: issuer: type: string authorization_endpoint: type: string token_endpoint: type: string userinfo_endpoint: type: string end_session_endpoint: type: string introspection_endpoint: type: string jwks_uri: type: string response_types_supported: type: array items: type: string id_token_signing_alg_values_supported: type: array items: type: string subject_types_supported: type: array items: type: string token_endpoint_auth_methods_supported: type: array items: type: string required: - authorization_endpoint - end_session_endpoint - id_token_signing_alg_values_supported - introspection_endpoint - issuer - jwks_uri - response_types_supported - subject_types_supported - token_endpoint - token_endpoint_auth_methods_supported - userinfo_endpoint OutgoingSyncDeleteAction: enum: - do_nothing - delete - suspend type: string Outpost: type: object description: Outpost Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string type: $ref: '#/components/schemas/OutpostTypeEnum' providers: type: array items: type: integer providers_obj: type: array items: $ref: '#/components/schemas/Provider' readOnly: true service_connection: type: string format: uuid nullable: true description: Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment. service_connection_obj: allOf: - $ref: '#/components/schemas/ServiceConnection' readOnly: true refresh_interval_s: type: integer readOnly: true token_identifier: type: string description: Get Token identifier readOnly: true config: type: object additionalProperties: {} managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. required: - config - name - pk - providers - providers_obj - refresh_interval_s - service_connection_obj - token_identifier - type OutpostDefaultConfig: type: object description: Global default outpost config properties: config: type: object additionalProperties: {} readOnly: true required: - config OutpostHealth: type: object description: Outpost health status properties: uid: type: string readOnly: true last_seen: type: string format: date-time readOnly: true version: type: string readOnly: true golang_version: type: string readOnly: true openssl_enabled: type: boolean readOnly: true openssl_version: type: string readOnly: true fips_enabled: type: boolean nullable: true description: Get FIPS enabled readOnly: true version_should: type: string readOnly: true version_outdated: type: boolean readOnly: true build_hash: type: string readOnly: true build_hash_should: type: string readOnly: true hostname: type: string readOnly: true required: - build_hash - build_hash_should - fips_enabled - golang_version - hostname - last_seen - openssl_enabled - openssl_version - uid - version - version_outdated - version_should OutpostRequest: type: object description: Outpost Serializer properties: name: type: string minLength: 1 type: $ref: '#/components/schemas/OutpostTypeEnum' providers: type: array items: type: integer service_connection: type: string format: uuid nullable: true description: Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment. config: type: object additionalProperties: {} managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. required: - config - name - providers - type OutpostTypeEnum: enum: - proxy - ldap - radius - rac type: string PaginatedApplicationEntitlementList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ApplicationEntitlement' required: - pagination - results PaginatedApplicationList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Application' required: - pagination - results PaginatedAuthenticatedSessionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatedSession' required: - pagination - results PaginatedAuthenticatorDuoStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorDuoStage' required: - pagination - results PaginatedAuthenticatorEmailStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorEmailStage' required: - pagination - results PaginatedAuthenticatorEndpointGDTCStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorEndpointGDTCStage' required: - pagination - results PaginatedAuthenticatorSMSStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorSMSStage' required: - pagination - results PaginatedAuthenticatorStaticStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorStaticStage' required: - pagination - results PaginatedAuthenticatorTOTPStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorTOTPStage' required: - pagination - results PaginatedAuthenticatorValidateStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorValidateStage' required: - pagination - results PaginatedAuthenticatorWebAuthnStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/AuthenticatorWebAuthnStage' required: - pagination - results PaginatedBlueprintInstanceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/BlueprintInstance' required: - pagination - results PaginatedBrandList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Brand' required: - pagination - results PaginatedCaptchaStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/CaptchaStage' required: - pagination - results PaginatedCertificateKeyPairList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/CertificateKeyPair' required: - pagination - results PaginatedConnectionTokenList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ConnectionToken' required: - pagination - results PaginatedConsentStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ConsentStage' required: - pagination - results PaginatedDenyStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/DenyStage' required: - pagination - results PaginatedDockerServiceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/DockerServiceConnection' required: - pagination - results PaginatedDomainList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Domain' required: - pagination - results PaginatedDummyPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/DummyPolicy' required: - pagination - results PaginatedDummyStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/DummyStage' required: - pagination - results PaginatedDuoDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/DuoDevice' required: - pagination - results PaginatedEmailDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/EmailDevice' required: - pagination - results PaginatedEmailStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/EmailStage' required: - pagination - results PaginatedEndpointDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/EndpointDevice' required: - pagination - results PaginatedEndpointList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Endpoint' required: - pagination - results PaginatedEventList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Event' required: - pagination - results PaginatedEventMatcherPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/EventMatcherPolicy' required: - pagination - results PaginatedExpiringBaseGrantModelList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ExpiringBaseGrantModel' required: - pagination - results PaginatedExpressionPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ExpressionPolicy' required: - pagination - results PaginatedExtraRoleObjectPermissionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ExtraRoleObjectPermission' required: - pagination - results PaginatedExtraUserObjectPermissionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ExtraUserObjectPermission' required: - pagination - results PaginatedFlowList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Flow' required: - pagination - results PaginatedFlowStageBindingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/FlowStageBinding' required: - pagination - results PaginatedGeoIPPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GeoIPPolicy' required: - pagination - results PaginatedGoogleWorkspaceProviderGroupList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GoogleWorkspaceProviderGroup' required: - pagination - results PaginatedGoogleWorkspaceProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GoogleWorkspaceProvider' required: - pagination - results PaginatedGoogleWorkspaceProviderMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GoogleWorkspaceProviderMapping' required: - pagination - results PaginatedGoogleWorkspaceProviderUserList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GoogleWorkspaceProviderUser' required: - pagination - results PaginatedGroupKerberosSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupKerberosSourceConnection' required: - pagination - results PaginatedGroupLDAPSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupLDAPSourceConnection' required: - pagination - results PaginatedGroupList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Group' required: - pagination - results PaginatedGroupOAuthSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupOAuthSourceConnection' required: - pagination - results PaginatedGroupPlexSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupPlexSourceConnection' required: - pagination - results PaginatedGroupSAMLSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupSAMLSourceConnection' required: - pagination - results PaginatedGroupSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/GroupSourceConnection' required: - pagination - results PaginatedIdentificationStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/IdentificationStage' required: - pagination - results PaginatedInitialPermissionsList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/InitialPermissions' required: - pagination - results PaginatedInvitationList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Invitation' required: - pagination - results PaginatedInvitationStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/InvitationStage' required: - pagination - results PaginatedKerberosSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/KerberosSource' required: - pagination - results PaginatedKerberosSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/KerberosSourcePropertyMapping' required: - pagination - results PaginatedKubernetesServiceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/KubernetesServiceConnection' required: - pagination - results PaginatedLDAPOutpostConfigList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/LDAPOutpostConfig' required: - pagination - results PaginatedLDAPProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/LDAPProvider' required: - pagination - results PaginatedLDAPSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/LDAPSource' required: - pagination - results PaginatedLDAPSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/LDAPSourcePropertyMapping' required: - pagination - results PaginatedLicenseList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/License' required: - pagination - results PaginatedMicrosoftEntraProviderGroupList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/MicrosoftEntraProviderGroup' required: - pagination - results PaginatedMicrosoftEntraProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/MicrosoftEntraProvider' required: - pagination - results PaginatedMicrosoftEntraProviderMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/MicrosoftEntraProviderMapping' required: - pagination - results PaginatedMicrosoftEntraProviderUserList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/MicrosoftEntraProviderUser' required: - pagination - results PaginatedMutualTLSStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/MutualTLSStage' required: - pagination - results PaginatedNotificationList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Notification' required: - pagination - results PaginatedNotificationRuleList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/NotificationRule' required: - pagination - results PaginatedNotificationTransportList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/NotificationTransport' required: - pagination - results PaginatedNotificationWebhookMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/NotificationWebhookMapping' required: - pagination - results PaginatedOAuth2ProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/OAuth2Provider' required: - pagination - results PaginatedOAuthSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/OAuthSource' required: - pagination - results PaginatedOAuthSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/OAuthSourcePropertyMapping' required: - pagination - results PaginatedOutpostList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Outpost' required: - pagination - results PaginatedPasswordExpiryPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PasswordExpiryPolicy' required: - pagination - results PaginatedPasswordPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PasswordPolicy' required: - pagination - results PaginatedPasswordStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PasswordStage' required: - pagination - results PaginatedPermissionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Permission' required: - pagination - results PaginatedPlexSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PlexSource' required: - pagination - results PaginatedPlexSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PlexSourcePropertyMapping' required: - pagination - results PaginatedPolicyBindingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PolicyBinding' required: - pagination - results PaginatedPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Policy' required: - pagination - results PaginatedPromptList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Prompt' required: - pagination - results PaginatedPromptStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PromptStage' required: - pagination - results PaginatedPropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/PropertyMapping' required: - pagination - results PaginatedProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Provider' required: - pagination - results PaginatedProxyOutpostConfigList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ProxyOutpostConfig' required: - pagination - results PaginatedProxyProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ProxyProvider' required: - pagination - results PaginatedRACPropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RACPropertyMapping' required: - pagination - results PaginatedRACProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RACProvider' required: - pagination - results PaginatedRadiusOutpostConfigList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RadiusOutpostConfig' required: - pagination - results PaginatedRadiusProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RadiusProvider' required: - pagination - results PaginatedRadiusProviderPropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RadiusProviderPropertyMapping' required: - pagination - results PaginatedRedirectStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RedirectStage' required: - pagination - results PaginatedReputationList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Reputation' required: - pagination - results PaginatedReputationPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ReputationPolicy' required: - pagination - results PaginatedRoleAssignedObjectPermissionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/RoleAssignedObjectPermission' required: - pagination - results PaginatedRoleList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Role' required: - pagination - results PaginatedSAMLPropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SAMLPropertyMapping' required: - pagination - results PaginatedSAMLProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SAMLProvider' required: - pagination - results PaginatedSAMLSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SAMLSource' required: - pagination - results PaginatedSAMLSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SAMLSourcePropertyMapping' required: - pagination - results PaginatedSCIMMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMMapping' required: - pagination - results PaginatedSCIMProviderGroupList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMProviderGroup' required: - pagination - results PaginatedSCIMProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMProvider' required: - pagination - results PaginatedSCIMProviderUserList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMProviderUser' required: - pagination - results PaginatedSCIMSourceGroupList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMSourceGroup' required: - pagination - results PaginatedSCIMSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMSource' required: - pagination - results PaginatedSCIMSourcePropertyMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMSourcePropertyMapping' required: - pagination - results PaginatedSCIMSourceUserList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SCIMSourceUser' required: - pagination - results PaginatedSMSDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SMSDevice' required: - pagination - results PaginatedSSFProviderList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SSFProvider' required: - pagination - results PaginatedSSFStreamList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SSFStream' required: - pagination - results PaginatedScopeMappingList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ScopeMapping' required: - pagination - results PaginatedServiceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/ServiceConnection' required: - pagination - results PaginatedSourceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Source' required: - pagination - results PaginatedSourceStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SourceStage' required: - pagination - results PaginatedStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Stage' required: - pagination - results PaginatedStaticDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/StaticDevice' required: - pagination - results PaginatedSystemTaskList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/SystemTask' required: - pagination - results PaginatedTOTPDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/TOTPDevice' required: - pagination - results PaginatedTenantList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Tenant' required: - pagination - results PaginatedTokenList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/Token' required: - pagination - results PaginatedTokenModelList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/TokenModel' required: - pagination - results PaginatedUniquePasswordPolicyList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UniquePasswordPolicy' required: - pagination - results PaginatedUserAssignedObjectPermissionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserAssignedObjectPermission' required: - pagination - results PaginatedUserConsentList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserConsent' required: - pagination - results PaginatedUserDeleteStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserDeleteStage' required: - pagination - results PaginatedUserKerberosSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserKerberosSourceConnection' required: - pagination - results PaginatedUserLDAPSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserLDAPSourceConnection' required: - pagination - results PaginatedUserList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/User' required: - pagination - results PaginatedUserLoginStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserLoginStage' required: - pagination - results PaginatedUserLogoutStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserLogoutStage' required: - pagination - results PaginatedUserOAuthSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserOAuthSourceConnection' required: - pagination - results PaginatedUserPlexSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserPlexSourceConnection' required: - pagination - results PaginatedUserSAMLSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserSAMLSourceConnection' required: - pagination - results PaginatedUserSourceConnectionList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserSourceConnection' required: - pagination - results PaginatedUserWriteStageList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/UserWriteStage' required: - pagination - results PaginatedWebAuthnDeviceList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/WebAuthnDevice' required: - pagination - results PaginatedWebAuthnDeviceTypeList: type: object properties: pagination: $ref: '#/components/schemas/Pagination' results: type: array items: $ref: '#/components/schemas/WebAuthnDeviceType' required: - pagination - results Pagination: type: object properties: next: type: number previous: type: number count: type: number current: type: number total_pages: type: number start_index: type: number end_index: type: number required: - next - previous - count - current - total_pages - start_index - end_index PasswordChallenge: type: object description: Password challenge UI fields properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-password response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string recovery_url: type: string allow_show_password: type: boolean default: false required: - pending_user - pending_user_avatar PasswordChallengeResponseRequest: type: object description: Password challenge response properties: component: type: string minLength: 1 default: ak-stage-password password: type: string minLength: 1 required: - password PasswordExpiryPolicy: type: object description: Password Expiry Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true days: type: integer maximum: 2147483647 minimum: -2147483648 deny_only: type: boolean required: - bound_to - component - days - meta_model_name - name - pk - verbose_name - verbose_name_plural PasswordExpiryPolicyRequest: type: object description: Password Expiry Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. days: type: integer maximum: 2147483647 minimum: -2147483648 deny_only: type: boolean required: - days - name PasswordPolicy: type: object description: Password Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true password_field: type: string description: Field key to check, field keys defined in Prompt stages are available. amount_digits: type: integer maximum: 2147483647 minimum: 0 amount_uppercase: type: integer maximum: 2147483647 minimum: 0 amount_lowercase: type: integer maximum: 2147483647 minimum: 0 amount_symbols: type: integer maximum: 2147483647 minimum: 0 length_min: type: integer maximum: 2147483647 minimum: 0 symbol_charset: type: string error_message: type: string check_static_rules: type: boolean check_have_i_been_pwned: type: boolean check_zxcvbn: type: boolean hibp_allowed_count: type: integer maximum: 2147483647 minimum: 0 description: How many times the password hash is allowed to be on haveibeenpwned zxcvbn_score_threshold: type: integer maximum: 2147483647 minimum: 0 description: If the zxcvbn score is equal or less than this value, the policy will fail. required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural PasswordPolicyRequest: type: object description: Password Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. password_field: type: string minLength: 1 description: Field key to check, field keys defined in Prompt stages are available. amount_digits: type: integer maximum: 2147483647 minimum: 0 amount_uppercase: type: integer maximum: 2147483647 minimum: 0 amount_lowercase: type: integer maximum: 2147483647 minimum: 0 amount_symbols: type: integer maximum: 2147483647 minimum: 0 length_min: type: integer maximum: 2147483647 minimum: 0 symbol_charset: type: string minLength: 1 error_message: type: string check_static_rules: type: boolean check_have_i_been_pwned: type: boolean check_zxcvbn: type: boolean hibp_allowed_count: type: integer maximum: 2147483647 minimum: 0 description: How many times the password hash is allowed to be on haveibeenpwned zxcvbn_score_threshold: type: integer maximum: 2147483647 minimum: 0 description: If the zxcvbn score is equal or less than this value, the policy will fail. required: - name PasswordStage: type: object description: PasswordStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' backends: type: array items: $ref: '#/components/schemas/BackendsEnum' description: Selection of backends to test the password against. configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. failed_attempts_before_cancel: type: integer maximum: 2147483647 minimum: -2147483648 description: How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage. allow_show_password: type: boolean description: When enabled, provides a 'show password' button with the password input field. required: - backends - component - meta_model_name - name - pk - verbose_name - verbose_name_plural PasswordStageRequest: type: object description: PasswordStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' backends: type: array items: $ref: '#/components/schemas/BackendsEnum' description: Selection of backends to test the password against. configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. failed_attempts_before_cancel: type: integer maximum: 2147483647 minimum: -2147483648 description: How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage. allow_show_password: type: boolean description: When enabled, provides a 'show password' button with the password input field. required: - backends - name PatchedApplicationEntitlementRequest: type: object description: ApplicationEntitlement Serializer properties: name: type: string minLength: 1 app: type: string format: uuid attributes: {} PatchedApplicationRequest: type: object description: Application Serializer properties: name: type: string minLength: 1 description: Application's display Name. slug: type: string minLength: 1 description: Internal application name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ provider: type: integer nullable: true backchannel_providers: type: array items: type: integer open_in_new_tab: type: boolean description: Open launch URL in a new browser tab or window. meta_launch_url: type: string format: uri meta_description: type: string meta_publisher: type: string policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' group: type: string PatchedAuthenticatorDuoStageRequest: type: object description: AuthenticatorDuoStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 client_id: type: string minLength: 1 client_secret: type: string writeOnly: true minLength: 1 api_hostname: type: string minLength: 1 admin_integration_key: type: string admin_secret_key: type: string writeOnly: true PatchedAuthenticatorEmailStageRequest: type: object description: AuthenticatorEmailStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string minLength: 1 port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string password: type: string use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email minLength: 1 maxLength: 254 subject: type: string minLength: 1 token_expiry: type: string minLength: 1 description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' template: type: string minLength: 1 PatchedAuthenticatorEndpointGDTCStageRequest: type: object description: AuthenticatorEndpointGDTCStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 credentials: {} PatchedAuthenticatorSMSStageRequest: type: object description: AuthenticatorSMSStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 provider: $ref: '#/components/schemas/ProviderEnum' from_number: type: string minLength: 1 account_sid: type: string minLength: 1 auth: type: string minLength: 1 auth_password: type: string auth_type: $ref: '#/components/schemas/AuthTypeEnum' verify_only: type: boolean description: When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future. mapping: type: string format: uuid nullable: true description: Optionally modify the payload being sent to custom providers. PatchedAuthenticatorStaticStageRequest: type: object description: AuthenticatorStaticStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 token_count: type: integer maximum: 2147483647 minimum: 0 token_length: type: integer maximum: 2147483647 minimum: 0 PatchedAuthenticatorTOTPStageRequest: type: object description: AuthenticatorTOTPStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 digits: $ref: '#/components/schemas/DigitsEnum' PatchedAuthenticatorValidateStageRequest: type: object description: AuthenticatorValidateStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' not_configured_action: $ref: '#/components/schemas/NotConfiguredActionEnum' device_classes: type: array items: $ref: '#/components/schemas/DeviceClassesEnum' description: Device classes which can be used to authenticate configuration_stages: type: array items: type: string format: uuid description: Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again. last_auth_threshold: type: string minLength: 1 description: If any of the user's device has been used within this threshold, this stage will be skipped webauthn_user_verification: allOf: - $ref: '#/components/schemas/UserVerificationEnum' description: Enforce user verification for WebAuthn devices. webauthn_allowed_device_types: type: array items: type: string format: uuid PatchedAuthenticatorWebAuthnStageRequest: type: object description: AuthenticatorWebAuthnStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. friendly_name: type: string nullable: true minLength: 1 user_verification: $ref: '#/components/schemas/UserVerificationEnum' authenticator_attachment: allOf: - $ref: '#/components/schemas/AuthenticatorAttachmentEnum' nullable: true resident_key_requirement: $ref: '#/components/schemas/ResidentKeyRequirementEnum' device_type_restrictions: type: array items: type: string format: uuid PatchedBlueprintInstanceRequest: type: object description: Info about a single blueprint instance file properties: name: type: string minLength: 1 path: type: string default: '' context: {} enabled: type: boolean content: type: string PatchedBrandRequest: type: object description: Brand Serializer properties: domain: type: string minLength: 1 description: Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` default: type: boolean branding_title: type: string minLength: 1 branding_logo: type: string minLength: 1 branding_favicon: type: string minLength: 1 branding_custom_css: type: string branding_default_flow_background: type: string minLength: 1 flow_authentication: type: string format: uuid nullable: true flow_invalidation: type: string format: uuid nullable: true flow_recovery: type: string format: uuid nullable: true flow_unenrollment: type: string format: uuid nullable: true flow_user_settings: type: string format: uuid nullable: true flow_device_code: type: string format: uuid nullable: true default_application: type: string format: uuid nullable: true description: When set, external users will be redirected to this application after authenticating. web_certificate: type: string format: uuid nullable: true description: Web Certificate used by the authentik Core webserver. client_certificates: type: array items: type: string format: uuid description: Certificates used for client authentication. attributes: {} PatchedCaptchaStageRequest: type: object description: CaptchaStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' public_key: type: string minLength: 1 description: Public key, acquired your captcha Provider. private_key: type: string writeOnly: true minLength: 1 description: Private key, acquired your captcha Provider. js_url: type: string minLength: 1 api_url: type: string minLength: 1 interactive: type: boolean score_min_threshold: type: number format: double score_max_threshold: type: number format: double error_on_invalid_score: type: boolean description: When enabled and the received captcha score is outside of the given threshold, the stage will show an error message. When not enabled, the flow will continue, but the data from the captcha will be available in the context for policy decisions PatchedCertificateKeyPairRequest: type: object description: CertificateKeyPair Serializer properties: name: type: string minLength: 1 certificate_data: type: string writeOnly: true minLength: 1 description: PEM-encoded Certificate data key_data: type: string writeOnly: true description: Optional Private Key. If this is set, you can use this keypair for encryption. PatchedConnectionTokenRequest: type: object description: ConnectionToken Serializer properties: pk: type: string format: uuid title: Connection token uuid provider: type: integer endpoint: type: string format: uuid PatchedConsentStageRequest: type: object description: ConsentStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' mode: $ref: '#/components/schemas/ConsentStageModeEnum' consent_expire_in: type: string minLength: 1 title: Consent expires in description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' PatchedDenyStageRequest: type: object description: DenyStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' deny_message: type: string PatchedDockerServiceConnectionRequest: type: object description: DockerServiceConnection Serializer properties: name: type: string minLength: 1 local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration url: type: string minLength: 1 description: Can be in the format of 'unix://' when connecting to a local docker daemon, or 'https://:2376' when connecting to a remote system. tls_verification: type: string format: uuid nullable: true description: CA which the endpoint's Certificate is verified against. Can be left empty for no validation. tls_authentication: type: string format: uuid nullable: true description: Certificate/Key used for authentication. Can be left empty for no authentication. PatchedDomainRequest: type: object description: Domain Serializer properties: domain: type: string minLength: 1 maxLength: 253 is_primary: type: boolean tenant: type: string format: uuid PatchedDummyPolicyRequest: type: object description: Dummy Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. result: type: boolean wait_min: type: integer maximum: 2147483647 minimum: -2147483648 wait_max: type: integer maximum: 2147483647 minimum: -2147483648 PatchedDummyStageRequest: type: object description: DummyStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' throw_error: type: boolean PatchedDuoDeviceRequest: type: object description: Serializer for Duo authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedEmailDeviceRequest: type: object description: Serializer for email authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedEmailStageRequest: type: object description: EmailStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' use_global_settings: type: boolean description: When enabled, global Email connection settings will be used and connection settings below will be ignored. host: type: string minLength: 1 port: type: integer maximum: 2147483647 minimum: -2147483648 username: type: string password: type: string writeOnly: true use_tls: type: boolean use_ssl: type: boolean timeout: type: integer maximum: 2147483647 minimum: -2147483648 from_address: type: string format: email minLength: 1 maxLength: 254 token_expiry: type: string minLength: 1 description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).' subject: type: string minLength: 1 template: type: string minLength: 1 activate_user_on_success: type: boolean description: Activate users upon completion of stage. PatchedEndpointDeviceRequest: type: object description: Serializer for Endpoint authenticator devices properties: pk: type: string format: uuid title: Uuid name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedEndpointRequest: type: object description: Endpoint Serializer properties: name: type: string minLength: 1 provider: type: integer protocol: $ref: '#/components/schemas/ProtocolEnum' host: type: string minLength: 1 settings: {} property_mappings: type: array items: type: string format: uuid auth_mode: $ref: '#/components/schemas/AuthModeEnum' maximum_connections: type: integer maximum: 2147483647 minimum: -2147483648 PatchedEventMatcherPolicyRequest: type: object description: Event Matcher Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. action: allOf: - $ref: '#/components/schemas/EventActions' nullable: true description: Match created events with this action type. When left empty, all action types will be matched. client_ip: type: string nullable: true minLength: 1 description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: allOf: - $ref: '#/components/schemas/AppEnum' nullable: true description: Match events created by selected application. When left empty, all applications are matched. model: allOf: - $ref: '#/components/schemas/ModelEnum' nullable: true description: Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched. PatchedEventRequest: type: object description: Event Serializer properties: user: {} action: $ref: '#/components/schemas/EventActions' app: type: string minLength: 1 context: {} client_ip: type: string nullable: true minLength: 1 expires: type: string format: date-time brand: {} PatchedExpressionPolicyRequest: type: object description: Group Membership Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. expression: type: string minLength: 1 PatchedExtraRoleObjectPermissionRequest: type: object description: User permission with additional object-related data properties: object_pk: type: string minLength: 1 PatchedExtraUserObjectPermissionRequest: type: object description: User permission with additional object-related data properties: object_pk: type: string minLength: 1 PatchedFlowRequest: type: object description: Flow Serializer properties: name: type: string minLength: 1 slug: type: string minLength: 1 description: Visible in the URL. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ title: type: string minLength: 1 description: Shown as the Title in Flow pages. designation: allOf: - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' compatibility_mode: type: boolean description: Enable compatibility mode, increases compatibility with password managers on mobile devices. layout: $ref: '#/components/schemas/FlowLayoutEnum' denied_action: allOf: - $ref: '#/components/schemas/DeniedActionEnum' description: Configure what should happen when a flow denies access to a user. authentication: allOf: - $ref: '#/components/schemas/AuthenticationEnum' description: Required level of authentication and authorization to access a flow. PatchedFlowStageBindingRequest: type: object description: FlowStageBinding Serializer properties: target: type: string format: uuid stage: type: string format: uuid evaluate_on_plan: type: boolean description: Evaluate policies during the Flow planning process. re_evaluate_policies: type: boolean description: Evaluate policies when the Stage is presented to the user. order: type: integer maximum: 2147483647 minimum: -2147483648 policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' invalid_response_action: allOf: - $ref: '#/components/schemas/InvalidResponseActionEnum' description: Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context. PatchedGeoIPPolicyRequest: type: object description: GeoIP Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. asns: type: array items: type: integer maximum: 2147483647 minimum: -2147483648 countries: type: array items: $ref: '#/components/schemas/CountryCodeEnum' maxItems: 249 check_history_distance: type: boolean history_max_distance_km: type: integer maximum: 9223372036854775807 minimum: 0 format: int64 distance_tolerance_km: type: integer maximum: 2147483647 minimum: 0 history_login_count: type: integer maximum: 2147483647 minimum: 0 check_impossible_travel: type: boolean impossible_tolerance_km: type: integer maximum: 2147483647 minimum: 0 PatchedGoogleWorkspaceProviderMappingRequest: type: object description: GoogleWorkspaceProviderMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedGoogleWorkspaceProviderRequest: type: object description: GoogleWorkspaceProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. delegated_subject: type: string format: email minLength: 1 maxLength: 254 credentials: {} scopes: type: string minLength: 1 exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' default_group_email_domain: type: string minLength: 1 dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. PatchedGroupKerberosSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedGroupLDAPSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedGroupOAuthSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedGroupPlexSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedGroupRequest: type: object description: Group Serializer properties: name: type: string minLength: 1 is_superuser: type: boolean description: Users added to this group will be superusers. parent: type: string format: uuid nullable: true users: type: array items: type: integer attributes: type: object additionalProperties: {} roles: type: array items: type: string format: uuid PatchedGroupSAMLSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedGroupSourceConnectionRequest: type: object description: Group Source Connection properties: group: type: string format: uuid source: type: string format: uuid identifier: type: string minLength: 1 PatchedIdentificationStageRequest: type: object description: IdentificationStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' user_fields: type: array items: $ref: '#/components/schemas/UserFieldsEnum' description: Fields of the user object to match against. (Hold shift to select multiple options) password_stage: type: string format: uuid nullable: true description: When set, shows a password field, instead of showing the password field as separate step. captcha_stage: type: string format: uuid nullable: true description: When set, adds functionality exactly like a Captcha stage, but baked into the Identification stage. case_insensitive_matching: type: boolean description: When enabled, user fields are matched regardless of their casing. show_matched_user: type: boolean description: When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown enrollment_flow: type: string format: uuid nullable: true description: Optional enrollment flow, which is linked at the bottom of the page. recovery_flow: type: string format: uuid nullable: true description: Optional recovery flow, which is linked at the bottom of the page. passwordless_flow: type: string format: uuid nullable: true description: Optional passwordless flow, which is linked at the bottom of the page. sources: type: array items: type: string format: uuid description: Specify which sources should be shown. show_source_labels: type: boolean pretend_user_exists: type: boolean description: When enabled, the stage will succeed and continue even when incorrect user info is entered. enable_remember_me: type: boolean description: Show the user the 'Remember me on this device' toggle, allowing repeat users to skip straight to entering their password. PatchedInitialPermissionsRequest: type: object description: InitialPermissions serializer properties: name: type: string minLength: 1 maxLength: 150 mode: $ref: '#/components/schemas/InitialPermissionsModeEnum' role: type: string format: uuid permissions: type: array items: type: integer PatchedInvitationRequest: type: object description: Invitation Serializer properties: name: type: string minLength: 1 maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ expires: type: string format: date-time nullable: true fixed_data: type: object additionalProperties: {} single_use: type: boolean description: When enabled, the invitation will be deleted after usage. flow: type: string format: uuid nullable: true description: When set, only the configured flow can use this invitation. PatchedInvitationStageRequest: type: object description: InvitationStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' continue_flow_without_invitation: type: boolean description: If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given. PatchedKerberosSourcePropertyMappingRequest: type: object description: Kerberos PropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedKerberosSourceRequest: type: object description: Kerberos Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. realm: type: string minLength: 1 description: Kerberos realm krb5_conf: type: string description: Custom krb5.conf to use. Uses the system one by default kadmin_type: allOf: - $ref: '#/components/schemas/KadminTypeEnum' description: KAdmin server type sync_users: type: boolean description: Sync users from Kerberos into authentik sync_users_password: type: boolean description: When a user changes their password, sync it back to Kerberos sync_principal: type: string description: Principal to authenticate to kadmin for sync. sync_password: type: string writeOnly: true description: Password to authenticate to kadmin for sync sync_keytab: type: string writeOnly: true description: Keytab to authenticate to kadmin for sync. Must be base64-encoded or in the form TYPE:residual sync_ccache: type: string description: Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual spnego_server_name: type: string description: Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname spnego_keytab: type: string writeOnly: true description: SPNEGO keytab base64-encoded or path to keytab in the form FILE:path spnego_ccache: type: string description: Credential cache to use for SPNEGO in form type:residual password_login_update_internal_password: type: boolean description: If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend PatchedKubernetesServiceConnectionRequest: type: object description: KubernetesServiceConnection Serializer properties: name: type: string minLength: 1 local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration kubeconfig: description: Paste your kubeconfig here. authentik will automatically use the currently selected context. verify_ssl: type: boolean description: Verify SSL Certificates of the Kubernetes API endpoint PatchedLDAPProviderRequest: type: object description: LDAPProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid base_dn: type: string minLength: 1 description: DN under which objects are accessible. certificate: type: string format: uuid nullable: true tls_server_name: type: string uid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber gid_start_number: type: integer maximum: 2147483647 minimum: -2147483648 description: The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber search_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' bind_mode: $ref: '#/components/schemas/LDAPAPIAccessMode' mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. PatchedLDAPSourcePropertyMappingRequest: type: object description: LDAP PropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedLDAPSourceRequest: type: object description: LDAP Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 server_uri: type: string minLength: 1 format: uri peer_certificate: type: string format: uuid nullable: true description: Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair. client_certificate: type: string format: uuid nullable: true description: Client certificate to authenticate against the LDAP Server's Certificate. bind_cn: type: string bind_password: type: string writeOnly: true start_tls: type: boolean title: Enable Start TLS sni: type: boolean title: Use Server URI for SNI verification base_dn: type: string minLength: 1 additional_user_dn: type: string title: Addition User DN description: Prepended to Base DN for User-queries. additional_group_dn: type: string title: Addition Group DN description: Prepended to Base DN for Group-queries. user_object_filter: type: string minLength: 1 description: Consider Objects matching this filter to be Users. group_object_filter: type: string minLength: 1 description: Consider Objects matching this filter to be Groups. group_membership_field: type: string minLength: 1 description: Field which contains members of a group. user_membership_attribute: type: string minLength: 1 description: Attribute which matches the value of `group_membership_field`. object_uniqueness_field: type: string minLength: 1 description: Field which contains a unique Identifier. password_login_update_internal_password: type: boolean description: Update internal authentik password when login succeeds with LDAP sync_users: type: boolean sync_users_password: type: boolean description: When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source. sync_groups: type: boolean sync_parent_group: type: string format: uuid nullable: true lookup_groups_from_user: type: boolean description: Lookup group membership based on a user attribute instead of a group attribute. This allows nested group resolution on systems like FreeIPA and Active Directory delete_not_found_objects: type: boolean description: Delete authentik users and groups which were previously supplied by this source, but are now missing from it. PatchedLicenseRequest: type: object description: License Serializer properties: key: type: string minLength: 1 PatchedMicrosoftEntraProviderMappingRequest: type: object description: MicrosoftEntraProviderMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedMicrosoftEntraProviderRequest: type: object description: MicrosoftEntraProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. client_id: type: string minLength: 1 client_secret: type: string minLength: 1 tenant_id: type: string minLength: 1 exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true user_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' group_delete_action: $ref: '#/components/schemas/OutgoingSyncDeleteAction' dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. PatchedMutualTLSStageRequest: type: object description: MutualTLSStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' mode: $ref: '#/components/schemas/MutualTLSStageModeEnum' certificate_authorities: type: array items: type: string format: uuid description: Configure certificate authorities to validate the certificate against. This option has a higher priority than the `client_certificate` option on `Brand`. cert_attribute: $ref: '#/components/schemas/CertAttributeEnum' user_attribute: $ref: '#/components/schemas/UserAttributeEnum' PatchedNotificationRequest: type: object description: Notification Serializer properties: event: $ref: '#/components/schemas/EventRequest' seen: type: boolean PatchedNotificationRuleRequest: type: object description: NotificationRule Serializer properties: name: type: string minLength: 1 transports: type: array items: type: string format: uuid description: Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI. severity: allOf: - $ref: '#/components/schemas/SeverityEnum' description: Controls which severity level the created notifications will have. group: type: string format: uuid nullable: true description: Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent. PatchedNotificationTransportRequest: type: object description: NotificationTransport Serializer properties: name: type: string minLength: 1 mode: $ref: '#/components/schemas/NotificationTransportModeEnum' webhook_url: type: string format: uri webhook_mapping_body: type: string format: uuid nullable: true description: Customize the body of the request. Mapping should return data that is JSON-serializable. webhook_mapping_headers: type: string format: uuid nullable: true description: Configure additional headers to be sent. Mapping should return a dictionary of key-value pairs send_once: type: boolean description: Only send notification once, for example when sending a webhook into a chat channel. PatchedNotificationWebhookMappingRequest: type: object description: NotificationWebhookMapping Serializer properties: name: type: string minLength: 1 expression: type: string minLength: 1 PatchedOAuth2ProviderRequest: type: object description: OAuth2Provider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid client_type: allOf: - $ref: '#/components/schemas/ClientTypeEnum' description: Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable client_id: type: string minLength: 1 maxLength: 255 client_secret: type: string maxLength: 255 access_code_validity: type: string minLength: 1 description: 'Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' access_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' include_claims_in_id_token: type: boolean description: Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint. signing_key: type: string format: uuid nullable: true description: Key used to sign the tokens. encryption_key: type: string format: uuid nullable: true description: Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs. redirect_uris: type: array items: $ref: '#/components/schemas/RedirectURIRequest' sub_mode: allOf: - $ref: '#/components/schemas/SubModeEnum' description: Configure what data should be used as unique User Identifier. For most cases, the default should be fine. issuer_mode: allOf: - $ref: '#/components/schemas/IssuerModeEnum' description: Configure how the issuer field of the ID Token should be filled. jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer PatchedOAuthSourcePropertyMappingRequest: type: object description: OAuthSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedOAuthSourceRequest: type: object description: OAuth Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. provider_type: $ref: '#/components/schemas/ProviderTypeEnum' request_token_url: type: string nullable: true description: URL used to request the initial token. This URL is only required for OAuth 1. maxLength: 255 authorization_url: type: string nullable: true description: URL the user is redirect to to conest the flow. maxLength: 255 access_token_url: type: string nullable: true description: URL used by authentik to retrieve tokens. maxLength: 255 profile_url: type: string nullable: true description: URL used by authentik to get user information. maxLength: 255 consumer_key: type: string minLength: 1 consumer_secret: type: string writeOnly: true minLength: 1 additional_scopes: type: string oidc_well_known_url: type: string oidc_jwks_url: type: string oidc_jwks: {} authorization_code_auth_method: allOf: - $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum' description: How to perform authentication during an authorization_code token request flow PatchedOutpostRequest: type: object description: Outpost Serializer properties: name: type: string minLength: 1 type: $ref: '#/components/schemas/OutpostTypeEnum' providers: type: array items: type: integer service_connection: type: string format: uuid nullable: true description: Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment. config: type: object additionalProperties: {} managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. PatchedPasswordExpiryPolicyRequest: type: object description: Password Expiry Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. days: type: integer maximum: 2147483647 minimum: -2147483648 deny_only: type: boolean PatchedPasswordPolicyRequest: type: object description: Password Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. password_field: type: string minLength: 1 description: Field key to check, field keys defined in Prompt stages are available. amount_digits: type: integer maximum: 2147483647 minimum: 0 amount_uppercase: type: integer maximum: 2147483647 minimum: 0 amount_lowercase: type: integer maximum: 2147483647 minimum: 0 amount_symbols: type: integer maximum: 2147483647 minimum: 0 length_min: type: integer maximum: 2147483647 minimum: 0 symbol_charset: type: string minLength: 1 error_message: type: string check_static_rules: type: boolean check_have_i_been_pwned: type: boolean check_zxcvbn: type: boolean hibp_allowed_count: type: integer maximum: 2147483647 minimum: 0 description: How many times the password hash is allowed to be on haveibeenpwned zxcvbn_score_threshold: type: integer maximum: 2147483647 minimum: 0 description: If the zxcvbn score is equal or less than this value, the policy will fail. PatchedPasswordStageRequest: type: object description: PasswordStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' backends: type: array items: $ref: '#/components/schemas/BackendsEnum' description: Selection of backends to test the password against. configure_flow: type: string format: uuid nullable: true description: Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage. failed_attempts_before_cancel: type: integer maximum: 2147483647 minimum: -2147483648 description: How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage. allow_show_password: type: boolean description: When enabled, provides a 'show password' button with the password input field. PatchedPermissionAssignRequest: type: object description: Request to assign a new permission properties: permissions: type: array items: type: string minLength: 1 model: $ref: '#/components/schemas/ModelEnum' object_pk: type: string minLength: 1 PatchedPlexSourcePropertyMappingRequest: type: object description: PlexSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedPlexSourceRequest: type: object description: Plex Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. client_id: type: string minLength: 1 description: Client identifier used to talk to Plex. allowed_servers: type: array items: type: string minLength: 1 description: Which servers a user has to be a member of to be granted access. Empty list allows every server. allow_friends: type: boolean description: Allow friends to authenticate, even if you don't share a server. plex_token: type: string minLength: 1 description: Plex token used to check friends PatchedPolicyBindingRequest: type: object description: PolicyBinding Serializer properties: policy: type: string format: uuid nullable: true group: type: string format: uuid nullable: true user: type: integer nullable: true target: type: string format: uuid negate: type: boolean description: Negates the outcome of the policy. Messages are unaffected. enabled: type: boolean order: type: integer maximum: 2147483647 minimum: -2147483648 timeout: type: integer maximum: 2147483647 minimum: 0 description: Timeout after which Policy execution is terminated. failure_result: type: boolean description: Result if the Policy execution fails. PatchedPromptRequest: type: object description: Prompt Serializer properties: name: type: string minLength: 1 field_key: type: string minLength: 1 description: Name of the form field, also used to store the value label: type: string minLength: 1 type: $ref: '#/components/schemas/PromptTypeEnum' required: type: boolean placeholder: type: string description: Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices. initial_value: type: string description: Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices. order: type: integer maximum: 2147483647 minimum: -2147483648 promptstage_set: type: array items: $ref: '#/components/schemas/StageRequest' sub_text: type: string placeholder_expression: type: boolean initial_value_expression: type: boolean PatchedPromptStageRequest: type: object description: PromptStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' fields: type: array items: type: string format: uuid validation_policies: type: array items: type: string format: uuid PatchedProxyProviderRequest: type: object description: ProxyProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid internal_host: type: string format: uri external_host: type: string minLength: 1 format: uri internal_host_ssl_validation: type: boolean description: Validate SSL Certificates of upstream servers certificate: type: string format: uuid nullable: true skip_path_regex: type: string description: Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression. basic_auth_enabled: type: boolean title: Set HTTP-Basic Authentication description: Set a custom HTTP-Basic Authentication header based on values from authentik. basic_auth_password_attribute: type: string title: HTTP-Basic Password Key description: User/Group Attribute used for the password part of the HTTP-Basic Header. basic_auth_user_attribute: type: string title: HTTP-Basic Username Key description: User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used. mode: allOf: - $ref: '#/components/schemas/ProxyMode' description: Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization header and authenticate requests based on its value. cookie_domain: type: string jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer access_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' PatchedRACPropertyMappingRequest: type: object description: RACPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string static_settings: type: object additionalProperties: {} PatchedRACProviderRequest: type: object description: RACProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. property_mappings: type: array items: type: string format: uuid settings: {} connection_expiry: type: string minLength: 1 description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' delete_token_on_disconnect: type: boolean description: When set to true, connection tokens will be deleted upon disconnect. PatchedRadiusProviderPropertyMappingRequest: type: object description: RadiusProviderPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedRadiusProviderRequest: type: object description: RadiusProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid client_networks: type: string minLength: 1 description: List of CIDRs (comma-separated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped. shared_secret: type: string minLength: 1 description: Shared secret between clients and server to hash packets. mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. PatchedRedirectStageRequest: type: object description: RedirectStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' keep_context: type: boolean mode: $ref: '#/components/schemas/RedirectStageModeEnum' target_static: type: string target_flow: type: string format: uuid nullable: true PatchedReputationPolicyRequest: type: object description: Reputation Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. check_ip: type: boolean check_username: type: boolean threshold: type: integer maximum: 2147483647 minimum: -2147483648 PatchedRoleRequest: type: object description: Role serializer properties: name: type: string minLength: 1 maxLength: 150 PatchedSAMLPropertyMappingRequest: type: object description: SAMLPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 saml_name: type: string minLength: 1 friendly_name: type: string nullable: true PatchedSAMLProviderRequest: type: object description: SAMLProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid acs_url: type: string minLength: 1 format: uri audience: type: string description: Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added. issuer: type: string minLength: 1 description: Also known as EntityID assertion_valid_not_before: type: string minLength: 1 description: 'Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).' assertion_valid_not_on_or_after: type: string minLength: 1 description: 'Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' session_valid_not_on_or_after: type: string minLength: 1 description: 'Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' name_id_mapping: type: string format: uuid nullable: true title: NameID Property Mapping description: Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered authn_context_class_ref_mapping: type: string format: uuid nullable: true title: AuthnContextClassRef Property Mapping description: Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Service Provider. verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. sign_assertion: type: boolean sign_response: type: boolean sp_binding: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding description: This determines how authentik sends the response back to the Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins PatchedSAMLSourcePropertyMappingRequest: type: object description: SAMLSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedSAMLSourceRequest: type: object description: SAMLSource Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. pre_authentication_flow: type: string format: uuid description: Flow used before authentication. issuer: type: string description: Also known as Entity ID. Defaults the Metadata URL. sso_url: type: string minLength: 1 description: URL that the initial Login request is sent to. format: uri slo_url: type: string nullable: true description: Optional URL if your IDP supports Single-Logout. format: uri allow_idp_initiated: type: boolean description: Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done. name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' description: NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Identity Provider. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' temporary_user_delete_after: type: string minLength: 1 title: Delete temporary users after description: 'Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format ''transient'', and the user doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. PatchedSCIMMappingRequest: type: object description: SCIMMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedSCIMProviderRequest: type: object description: SCIMProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. url: type: string minLength: 1 description: Base URL to SCIM requests, usually ends in /v2 verify_certificates: type: boolean token: type: string minLength: 1 description: Authentication token compatibility_mode: allOf: - $ref: '#/components/schemas/CompatibilityModeEnum' title: SCIM Compatibility Mode description: Alter authentik behavior for vendor-specific SCIM implementations. exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. PatchedSCIMSourceGroupRequest: type: object description: SCIMSourceGroup Serializer properties: id: type: string minLength: 1 group: type: string format: uuid source: type: string format: uuid attributes: {} PatchedSCIMSourcePropertyMappingRequest: type: object description: SCIMSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 PatchedSCIMSourceRequest: type: object description: SCIMSource Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid user_path_template: type: string minLength: 1 PatchedSCIMSourceUserRequest: type: object description: SCIMSourceUser Serializer properties: id: type: string minLength: 1 user: type: integer source: type: string format: uuid attributes: {} PatchedSMSDeviceRequest: type: object description: Serializer for sms authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedSSFProviderRequest: type: object description: SSFProvider Serializer properties: name: type: string minLength: 1 signing_key: type: string format: uuid description: Key used to sign the SSF Events. oidc_auth_providers: type: array items: type: integer event_retention: type: string minLength: 1 PatchedScopeMappingRequest: type: object description: ScopeMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 scope_name: type: string minLength: 1 description: Scope name requested by the client description: type: string description: Description shown to the user when consenting. If left empty, the user won't be informed. PatchedSettingsRequest: type: object description: Settings Serializer properties: avatars: type: string minLength: 1 description: Configure how authentik should show avatars for users. default_user_change_name: type: boolean description: Enable the ability for users to change their name. default_user_change_email: type: boolean description: Enable the ability for users to change their email address. default_user_change_username: type: boolean description: Enable the ability for users to change their username. event_retention: type: string minLength: 1 description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' reputation_lower_limit: type: integer maximum: 0 minimum: -2147483648 description: Reputation cannot decrease lower than this value. Zero or negative. reputation_upper_limit: type: integer maximum: 2147483647 minimum: 0 description: Reputation cannot increase higher than this value. Zero or positive. footer_links: description: The option configures the footer links on the flow executor pages. gdpr_compliance: type: boolean description: When enabled, all the events caused by a user will be deleted upon the user's deletion. impersonation: type: boolean description: Globally enable/disable impersonation. impersonation_require_reason: type: boolean description: Require administrators to provide a reason for impersonating a user. default_token_duration: type: string minLength: 1 description: Default token duration default_token_length: type: integer maximum: 2147483647 minimum: 1 description: Default token length PatchedSourceStageRequest: type: object description: SourceStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' source: type: string format: uuid resume_timeout: type: string minLength: 1 description: 'Amount of time a user can take to return from the source to continue the flow (Format: hours=-1;minutes=-2;seconds=-3)' PatchedStaticDeviceRequest: type: object description: Serializer for static authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedTOTPDeviceRequest: type: object description: Serializer for totp authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 PatchedTenantRequest: type: object description: Tenant Serializer properties: schema_name: type: string minLength: 1 maxLength: 63 name: type: string minLength: 1 ready: type: boolean PatchedTokenRequest: type: object description: Token Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. identifier: type: string minLength: 1 maxLength: 255 pattern: ^[-a-zA-Z0-9_]+$ intent: $ref: '#/components/schemas/IntentEnum' user: type: integer description: type: string expires: type: string format: date-time nullable: true expiring: type: boolean PatchedUniquePasswordPolicyRequest: type: object description: Password Uniqueness Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. password_field: type: string minLength: 1 description: Field key to check, field keys defined in Prompt stages are available. num_historical_passwords: type: integer maximum: 2147483647 minimum: 0 description: Number of passwords to check against. PatchedUserDeleteStageRequest: type: object description: UserDeleteStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' PatchedUserKerberosSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 PatchedUserLDAPSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 PatchedUserLoginStageRequest: type: object description: UserLoginStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' session_duration: type: string minLength: 1 description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' terminate_other_sessions: type: boolean description: Terminate all other sessions of the user logging in. remember_me_offset: type: string minLength: 1 description: 'Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)' network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' description: Bind sessions created by this stage to the configured GeoIP location PatchedUserLogoutStageRequest: type: object description: UserLogoutStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' PatchedUserOAuthSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 access_token: type: string writeOnly: true nullable: true PatchedUserPlexSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 plex_token: type: string writeOnly: true minLength: 1 PatchedUserRequest: type: object description: User Serializer properties: username: type: string minLength: 1 maxLength: 150 name: type: string description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true groups: type: array items: type: string format: uuid email: type: string format: email title: Email address maxLength: 254 attributes: type: object additionalProperties: {} path: type: string minLength: 1 type: $ref: '#/components/schemas/UserTypeEnum' PatchedUserSAMLSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 PatchedUserSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 PatchedUserWriteStageRequest: type: object description: UserWriteStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' user_creation_mode: $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. create_users_group: type: string format: uuid nullable: true description: Optionally add newly created users to this group. user_type: $ref: '#/components/schemas/UserTypeEnum' user_path_template: type: string PatchedWebAuthnDeviceRequest: type: object description: Serializer for WebAuthn authenticator devices properties: name: type: string minLength: 1 maxLength: 200 Permission: type: object description: Global permission properties: id: type: integer readOnly: true name: type: string maxLength: 255 codename: type: string maxLength: 100 model: type: string title: Python model class name readOnly: true app_label: type: string readOnly: true app_label_verbose: type: string description: Human-readable app label readOnly: true model_verbose: type: string description: Human-readable model name readOnly: true required: - app_label - app_label_verbose - codename - id - model - model_verbose - name PermissionAssignRequest: type: object description: Request to assign a new permission properties: permissions: type: array items: type: string minLength: 1 model: $ref: '#/components/schemas/ModelEnum' object_pk: type: string minLength: 1 required: - permissions PermissionAssignResult: type: object description: Result from assigning permissions to a user/role properties: id: type: string required: - id PermissionRequest: type: object description: Global permission properties: name: type: string minLength: 1 maxLength: 255 codename: type: string minLength: 1 maxLength: 100 required: - codename - name PlexAuthenticationChallenge: type: object description: Challenge shown to the user in identification stage properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-source-plex response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' client_id: type: string slug: type: string required: - client_id - slug PlexAuthenticationChallengeResponseRequest: type: object description: Pseudo class for plex response properties: component: type: string minLength: 1 default: ak-source-plex PlexSource: type: object description: Plex Source Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string readOnly: true group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. client_id: type: string description: Client identifier used to talk to Plex. allowed_servers: type: array items: type: string description: Which servers a user has to be a member of to be granted access. Empty list allows every server. allow_friends: type: boolean description: Allow friends to authenticate, even if you don't share a server. plex_token: type: string description: Plex token used to check friends required: - component - icon - managed - meta_model_name - name - pk - plex_token - slug - verbose_name - verbose_name_plural PlexSourcePropertyMapping: type: object description: PlexSourcePropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural PlexSourcePropertyMappingRequest: type: object description: PlexSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name PlexSourceRequest: type: object description: Plex Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. client_id: type: string minLength: 1 description: Client identifier used to talk to Plex. allowed_servers: type: array items: type: string minLength: 1 description: Which servers a user has to be a member of to be granted access. Empty list allows every server. allow_friends: type: boolean description: Allow friends to authenticate, even if you don't share a server. plex_token: type: string minLength: 1 description: Plex token used to check friends required: - name - plex_token - slug PlexTokenRedeemRequest: type: object description: Serializer to redeem a plex token properties: plex_token: type: string minLength: 1 required: - plex_token Policy: type: object description: Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural PolicyBinding: type: object description: PolicyBinding Serializer properties: pk: type: string format: uuid readOnly: true title: Policy binding uuid policy: type: string format: uuid nullable: true group: type: string format: uuid nullable: true user: type: integer nullable: true policy_obj: allOf: - $ref: '#/components/schemas/Policy' readOnly: true group_obj: allOf: - $ref: '#/components/schemas/Group' readOnly: true user_obj: allOf: - $ref: '#/components/schemas/User' readOnly: true target: type: string format: uuid negate: type: boolean description: Negates the outcome of the policy. Messages are unaffected. enabled: type: boolean order: type: integer maximum: 2147483647 minimum: -2147483648 timeout: type: integer maximum: 2147483647 minimum: 0 description: Timeout after which Policy execution is terminated. failure_result: type: boolean description: Result if the Policy execution fails. required: - group_obj - order - pk - policy_obj - target - user_obj PolicyBindingRequest: type: object description: PolicyBinding Serializer properties: policy: type: string format: uuid nullable: true group: type: string format: uuid nullable: true user: type: integer nullable: true target: type: string format: uuid negate: type: boolean description: Negates the outcome of the policy. Messages are unaffected. enabled: type: boolean order: type: integer maximum: 2147483647 minimum: -2147483648 timeout: type: integer maximum: 2147483647 minimum: 0 description: Timeout after which Policy execution is terminated. failure_result: type: boolean description: Result if the Policy execution fails. required: - order - target PolicyEngineMode: enum: - all - any type: string PolicyRequest: type: object description: Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. required: - name PolicyTestRequest: type: object description: Test policy execution for a user with context properties: user: type: integer context: type: object additionalProperties: {} required: - user PolicyTestResult: type: object description: result of a policy test properties: passing: type: boolean messages: type: array items: type: string readOnly: true log_messages: type: array items: $ref: '#/components/schemas/LogEvent' readOnly: true required: - log_messages - messages - passing Prompt: type: object description: Prompt Serializer properties: pk: type: string format: uuid readOnly: true title: Prompt uuid name: type: string field_key: type: string description: Name of the form field, also used to store the value label: type: string type: $ref: '#/components/schemas/PromptTypeEnum' required: type: boolean placeholder: type: string description: Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices. initial_value: type: string description: Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices. order: type: integer maximum: 2147483647 minimum: -2147483648 promptstage_set: type: array items: $ref: '#/components/schemas/Stage' sub_text: type: string placeholder_expression: type: boolean initial_value_expression: type: boolean required: - field_key - label - name - pk - type PromptChallenge: type: object description: Initial challenge being sent, define fields properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-prompt response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' fields: type: array items: $ref: '#/components/schemas/StagePrompt' required: - fields PromptChallengeResponseRequest: type: object description: |- Validate response, fields are dynamically created based on the stage properties: component: type: string minLength: 1 default: ak-stage-prompt additionalProperties: {} PromptRequest: type: object description: Prompt Serializer properties: name: type: string minLength: 1 field_key: type: string minLength: 1 description: Name of the form field, also used to store the value label: type: string minLength: 1 type: $ref: '#/components/schemas/PromptTypeEnum' required: type: boolean placeholder: type: string description: Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices. initial_value: type: string description: Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices. order: type: integer maximum: 2147483647 minimum: -2147483648 promptstage_set: type: array items: $ref: '#/components/schemas/StageRequest' sub_text: type: string placeholder_expression: type: boolean initial_value_expression: type: boolean required: - field_key - label - name - type PromptStage: type: object description: PromptStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' fields: type: array items: type: string format: uuid validation_policies: type: array items: type: string format: uuid required: - component - fields - meta_model_name - name - pk - verbose_name - verbose_name_plural PromptStageRequest: type: object description: PromptStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' fields: type: array items: type: string format: uuid validation_policies: type: array items: type: string format: uuid required: - fields - name PromptTypeEnum: enum: - text - text_area - text_read_only - text_area_read_only - username - email - password - number - checkbox - radio-button-group - dropdown - date - date-time - file - separator - hidden - static - ak-locale type: string PropertyMapping: type: object description: PropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural PropertyMappingPreview: type: object description: Preview how the current user is mapped via the property mappings selected in a provider properties: preview: type: object additionalProperties: {} readOnly: true required: - preview PropertyMappingTestRequest: type: object description: Test property mapping execution for a user/group with context properties: user: type: integer nullable: true context: type: object additionalProperties: {} group: type: string format: uuid nullable: true PropertyMappingTestResult: type: object description: Result of a Property-mapping test properties: result: type: string readOnly: true successful: type: boolean readOnly: true required: - result - successful ProtocolEnum: enum: - rdp - vnc - ssh type: string Provider: type: object description: Provider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - invalidation_flow - meta_model_name - name - pk - verbose_name - verbose_name_plural ProviderEnum: enum: - twilio - generic type: string ProviderModelEnum: enum: - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_ldap.ldapprovider - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_radius.radiusprovider - authentik_providers_saml.samlprovider - authentik_providers_scim.scimprovider - authentik_providers_ssf.ssfprovider type: string ProviderRequest: type: object description: Provider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid required: - authorization_flow - invalidation_flow - name ProviderTypeEnum: enum: - apple - openidconnect - azuread - discord - facebook - github - gitlab - google - mailcow - okta - patreon - reddit - twitch - twitter type: string ProxyMode: enum: - proxy - forward_single - forward_domain type: string ProxyOutpostConfig: type: object description: Proxy provider serializer for outposts properties: pk: type: integer readOnly: true title: ID name: type: string internal_host: type: string format: uri external_host: type: string format: uri internal_host_ssl_validation: type: boolean description: Validate SSL Certificates of upstream servers client_id: type: string maxLength: 255 client_secret: type: string maxLength: 255 oidc_configuration: allOf: - $ref: '#/components/schemas/OpenIDConnectConfiguration' readOnly: true cookie_secret: type: string certificate: type: string format: uuid nullable: true skip_path_regex: type: string description: Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression. basic_auth_enabled: type: boolean title: Set HTTP-Basic Authentication description: Set a custom HTTP-Basic Authentication header based on values from authentik. basic_auth_password_attribute: type: string title: HTTP-Basic Password Key description: User/Group Attribute used for the password part of the HTTP-Basic Header. basic_auth_user_attribute: type: string title: HTTP-Basic Username Key description: User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used. mode: allOf: - $ref: '#/components/schemas/ProxyMode' description: Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. cookie_domain: type: string access_token_validity: type: number format: double nullable: true description: Get token validity as second count readOnly: true intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization header and authenticate requests based on its value. scopes_to_request: type: array items: type: string description: |- Get all the scope names the outpost should request, including custom-defined ones readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true required: - access_token_validity - assigned_application_name - assigned_application_slug - external_host - name - oidc_configuration - pk - scopes_to_request ProxyProvider: type: object description: ProxyProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true client_id: type: string readOnly: true internal_host: type: string format: uri external_host: type: string format: uri internal_host_ssl_validation: type: boolean description: Validate SSL Certificates of upstream servers certificate: type: string format: uuid nullable: true skip_path_regex: type: string description: Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression. basic_auth_enabled: type: boolean title: Set HTTP-Basic Authentication description: Set a custom HTTP-Basic Authentication header based on values from authentik. basic_auth_password_attribute: type: string title: HTTP-Basic Password Key description: User/Group Attribute used for the password part of the HTTP-Basic Header. basic_auth_user_attribute: type: string title: HTTP-Basic Username Key description: User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used. mode: allOf: - $ref: '#/components/schemas/ProxyMode' description: Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization header and authenticate requests based on its value. redirect_uris: type: array items: $ref: '#/components/schemas/RedirectURI' readOnly: true cookie_domain: type: string jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer access_token_validity: type: string description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' outpost_set: type: array items: type: string readOnly: true required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - client_id - component - external_host - invalidation_flow - meta_model_name - name - outpost_set - pk - redirect_uris - verbose_name - verbose_name_plural ProxyProviderRequest: type: object description: ProxyProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid internal_host: type: string format: uri external_host: type: string minLength: 1 format: uri internal_host_ssl_validation: type: boolean description: Validate SSL Certificates of upstream servers certificate: type: string format: uuid nullable: true skip_path_regex: type: string description: Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression. basic_auth_enabled: type: boolean title: Set HTTP-Basic Authentication description: Set a custom HTTP-Basic Authentication header based on values from authentik. basic_auth_password_attribute: type: string title: HTTP-Basic Password Key description: User/Group Attribute used for the password part of the HTTP-Basic Header. basic_auth_user_attribute: type: string title: HTTP-Basic Username Key description: User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used. mode: allOf: - $ref: '#/components/schemas/ProxyMode' description: Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host. intercept_header_auth: type: boolean description: When enabled, this provider will intercept the authorization header and authenticate requests based on its value. cookie_domain: type: string jwt_federation_sources: type: array items: type: string format: uuid title: Any JWT signed by the JWK of the selected source can be used to authenticate. title: Any JWT signed by the JWK of the selected source can be used to authenticate. jwt_federation_providers: type: array items: type: integer access_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' refresh_token_validity: type: string minLength: 1 description: 'Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' required: - authorization_flow - external_host - invalidation_flow - name RACPropertyMapping: type: object description: RACPropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true static_settings: type: object additionalProperties: {} required: - component - meta_model_name - name - pk - static_settings - verbose_name - verbose_name_plural RACPropertyMappingRequest: type: object description: RACPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string static_settings: type: object additionalProperties: {} required: - name - static_settings RACProvider: type: object description: RACProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true settings: {} outpost_set: type: array items: type: string readOnly: true connection_expiry: type: string description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' delete_token_on_disconnect: type: boolean description: When set to true, connection tokens will be deleted upon disconnect. required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - meta_model_name - name - outpost_set - pk - verbose_name - verbose_name_plural RACProviderRequest: type: object description: RACProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. property_mappings: type: array items: type: string format: uuid settings: {} connection_expiry: type: string minLength: 1 description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' delete_token_on_disconnect: type: boolean description: When set to true, connection tokens will be deleted upon disconnect. required: - authorization_flow - name RadiusCheckAccess: type: object description: Base serializer class which doesn't implement create/update methods properties: attributes: type: string access: $ref: '#/components/schemas/PolicyTestResult' required: - access RadiusOutpostConfig: type: object description: RadiusProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string application_slug: type: string auth_flow_slug: type: string client_networks: type: string description: List of CIDRs (comma-separated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped. shared_secret: type: string description: Shared secret between clients and server to hash packets. mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - application_slug - auth_flow_slug - name - pk RadiusProvider: type: object description: RadiusProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true client_networks: type: string description: List of CIDRs (comma-separated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped. shared_secret: type: string description: Shared secret between clients and server to hash packets. outpost_set: type: array items: type: string readOnly: true mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - invalidation_flow - meta_model_name - name - outpost_set - pk - verbose_name - verbose_name_plural RadiusProviderPropertyMapping: type: object description: RadiusProviderPropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural RadiusProviderPropertyMappingRequest: type: object description: RadiusProviderPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name RadiusProviderRequest: type: object description: RadiusProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid client_networks: type: string minLength: 1 description: List of CIDRs (comma-separated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped. shared_secret: type: string minLength: 1 description: Shared secret between clients and server to hash packets. mfa_support: type: boolean description: When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon. required: - authorization_flow - invalidation_flow - name RedirectChallenge: type: object description: Challenge type to redirect the client properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: xak-flow-redirect response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' to: type: string required: - to RedirectChallengeResponseRequest: type: object description: Redirect challenge response properties: component: type: string minLength: 1 default: xak-flow-redirect to: type: string minLength: 1 required: - to RedirectStage: type: object description: RedirectStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' keep_context: type: boolean mode: $ref: '#/components/schemas/RedirectStageModeEnum' target_static: type: string target_flow: type: string format: uuid nullable: true required: - component - meta_model_name - mode - name - pk - verbose_name - verbose_name_plural RedirectStageModeEnum: enum: - static - flow type: string RedirectStageRequest: type: object description: RedirectStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' keep_context: type: boolean mode: $ref: '#/components/schemas/RedirectStageModeEnum' target_static: type: string target_flow: type: string format: uuid nullable: true required: - mode - name RedirectURI: type: object description: A single allowed redirect URI entry properties: matching_mode: $ref: '#/components/schemas/MatchingModeEnum' url: type: string required: - matching_mode - url RedirectURIRequest: type: object description: A single allowed redirect URI entry properties: matching_mode: $ref: '#/components/schemas/MatchingModeEnum' url: type: string minLength: 1 required: - matching_mode - url Reputation: type: object description: Reputation Serializer properties: pk: type: string format: uuid title: Reputation uuid identifier: type: string ip: type: string ip_geo_data: {} ip_asn_data: {} score: type: integer maximum: 9223372036854775807 minimum: -9223372036854775808 format: int64 updated: type: string format: date-time readOnly: true required: - identifier - ip - updated ReputationPolicy: type: object description: Reputation Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true check_ip: type: boolean check_username: type: boolean threshold: type: integer maximum: 2147483647 minimum: -2147483648 required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural ReputationPolicyRequest: type: object description: Reputation Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. check_ip: type: boolean check_username: type: boolean threshold: type: integer maximum: 2147483647 minimum: -2147483648 required: - name ResidentKeyRequirementEnum: enum: - discouraged - preferred - required type: string Role: type: object description: Role serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string maxLength: 150 required: - name - pk RoleAssignedObjectPermission: type: object description: Roles assigned object permission serializer properties: role_pk: type: string readOnly: true name: type: string readOnly: true permissions: type: array items: $ref: '#/components/schemas/RoleObjectPermission' required: - name - permissions - role_pk RoleObjectPermission: type: object description: Role-bound object level permission properties: id: type: integer readOnly: true codename: type: string readOnly: true model: type: string title: Python model class name readOnly: true app_label: type: string readOnly: true object_pk: type: string name: type: string readOnly: true required: - app_label - codename - id - model - name - object_pk RoleRequest: type: object description: Role serializer properties: name: type: string minLength: 1 maxLength: 150 required: - name SAMLMetadata: type: object description: SAML Provider Metadata serializer properties: metadata: type: string readOnly: true download_url: type: string readOnly: true required: - download_url - metadata SAMLPropertyMapping: type: object description: SAMLPropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true saml_name: type: string friendly_name: type: string nullable: true required: - component - expression - meta_model_name - name - pk - saml_name - verbose_name - verbose_name_plural SAMLPropertyMappingRequest: type: object description: SAMLPropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 saml_name: type: string minLength: 1 friendly_name: type: string nullable: true required: - expression - name - saml_name SAMLProvider: type: object description: SAMLProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_application_name: type: string description: Application's display Name. readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true acs_url: type: string format: uri audience: type: string description: Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added. issuer: type: string description: Also known as EntityID assertion_valid_not_before: type: string description: 'Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).' assertion_valid_not_on_or_after: type: string description: 'Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' session_valid_not_on_or_after: type: string description: 'Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' name_id_mapping: type: string format: uuid nullable: true title: NameID Property Mapping description: Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered authn_context_class_ref_mapping: type: string format: uuid nullable: true title: AuthnContextClassRef Property Mapping description: Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Service Provider. verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. sign_assertion: type: boolean sign_response: type: boolean sp_binding: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding description: This determines how authentik sends the response back to the Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins url_download_metadata: type: string description: Get metadata download URL readOnly: true url_sso_post: type: string description: Get SSO Post URL readOnly: true url_sso_redirect: type: string description: Get SSO Redirect URL readOnly: true url_sso_init: type: string description: Get SSO IDP-Initiated URL readOnly: true url_slo_post: type: string description: Get SLO POST URL readOnly: true url_slo_redirect: type: string description: Get SLO redirect URL readOnly: true required: - acs_url - assigned_application_name - assigned_application_slug - assigned_backchannel_application_name - assigned_backchannel_application_slug - authorization_flow - component - invalidation_flow - meta_model_name - name - pk - url_download_metadata - url_slo_post - url_slo_redirect - url_sso_init - url_sso_post - url_sso_redirect - verbose_name - verbose_name_plural SAMLProviderImportRequest: type: object description: Import saml provider from XML Metadata properties: name: type: string minLength: 1 authorization_flow: type: string format: uuid invalidation_flow: type: string format: uuid file: type: string format: binary required: - authorization_flow - file - invalidation_flow - name SAMLProviderRequest: type: object description: SAMLProvider Serializer properties: name: type: string minLength: 1 authentication_flow: type: string format: uuid nullable: true description: Flow used for authentication when the associated application is accessed by an un-authenticated user. authorization_flow: type: string format: uuid description: Flow used when authorizing this provider. invalidation_flow: type: string format: uuid description: Flow used ending the session from a provider. property_mappings: type: array items: type: string format: uuid acs_url: type: string minLength: 1 format: uri audience: type: string description: Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added. issuer: type: string minLength: 1 description: Also known as EntityID assertion_valid_not_before: type: string minLength: 1 description: 'Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).' assertion_valid_not_on_or_after: type: string minLength: 1 description: 'Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' session_valid_not_on_or_after: type: string minLength: 1 description: 'Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).' name_id_mapping: type: string format: uuid nullable: true title: NameID Property Mapping description: Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered authn_context_class_ref_mapping: type: string format: uuid nullable: true title: AuthnContextClassRef Property Mapping description: Configure how the AuthnContextClassRef value will be created. When left empty, the AuthnContextClassRef will be set based on which authentication methods the user used to authenticate. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Service Provider. verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. sign_assertion: type: boolean sign_response: type: boolean sp_binding: allOf: - $ref: '#/components/schemas/SpBindingEnum' title: Service Provider Binding description: This determines how authentik sends the response back to the Service Provider. default_relay_state: type: string description: Default relay_state value for IDP-initiated logins required: - acs_url - authorization_flow - invalidation_flow - name SAMLSource: type: object description: SAMLSource Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string readOnly: true group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. pre_authentication_flow: type: string format: uuid description: Flow used before authentication. issuer: type: string description: Also known as Entity ID. Defaults the Metadata URL. sso_url: type: string description: URL that the initial Login request is sent to. format: uri slo_url: type: string nullable: true description: Optional URL if your IDP supports Single-Logout. format: uri allow_idp_initiated: type: boolean description: Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done. name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' description: NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Identity Provider. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' temporary_user_delete_after: type: string title: Delete temporary users after description: 'Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format ''transient'', and the user doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. required: - component - icon - managed - meta_model_name - name - pk - pre_authentication_flow - slug - sso_url - verbose_name - verbose_name_plural SAMLSourcePropertyMapping: type: object description: SAMLSourcePropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural SAMLSourcePropertyMappingRequest: type: object description: SAMLSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name SAMLSourceRequest: type: object description: SAMLSource Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 group_matching_mode: allOf: - $ref: '#/components/schemas/GroupMatchingModeEnum' description: How the source determines if an existing group should be used or a new group created. pre_authentication_flow: type: string format: uuid description: Flow used before authentication. issuer: type: string description: Also known as Entity ID. Defaults the Metadata URL. sso_url: type: string minLength: 1 description: URL that the initial Login request is sent to. format: uri slo_url: type: string nullable: true description: Optional URL if your IDP supports Single-Logout. format: uri allow_idp_initiated: type: boolean description: Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done. name_id_policy: allOf: - $ref: '#/components/schemas/NameIdPolicyEnum' description: NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent. binding_type: $ref: '#/components/schemas/BindingTypeEnum' verification_kp: type: string format: uuid nullable: true title: Verification Certificate description: When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default. signing_kp: type: string format: uuid nullable: true title: Signing Keypair description: Keypair used to sign outgoing Responses going to the Identity Provider. digest_algorithm: $ref: '#/components/schemas/DigestAlgorithmEnum' signature_algorithm: $ref: '#/components/schemas/SignatureAlgorithmEnum' temporary_user_delete_after: type: string minLength: 1 title: Delete temporary users after description: 'Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format ''transient'', and the user doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' encryption_kp: type: string format: uuid nullable: true title: Encryption Keypair description: When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key. required: - name - pre_authentication_flow - slug - sso_url SCIMMapping: type: object description: SCIMMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural SCIMMappingRequest: type: object description: SCIMMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name SCIMProvider: type: object description: SCIMProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. component: type: string description: Get object component so that we know how to edit the object readOnly: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true url: type: string description: Base URL to SCIM requests, usually ends in /v2 verify_certificates: type: boolean token: type: string description: Authentication token compatibility_mode: allOf: - $ref: '#/components/schemas/CompatibilityModeEnum' title: SCIM Compatibility Mode description: Alter authentik behavior for vendor-specific SCIM implementations. exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - assigned_backchannel_application_name - assigned_backchannel_application_slug - component - meta_model_name - name - pk - token - url - verbose_name - verbose_name_plural SCIMProviderGroup: type: object description: SCIMProviderGroup Serializer properties: id: type: string format: uuid readOnly: true scim_id: type: string group: type: string format: uuid group_obj: allOf: - $ref: '#/components/schemas/UserGroup' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - group - group_obj - id - provider - scim_id SCIMProviderGroupRequest: type: object description: SCIMProviderGroup Serializer properties: scim_id: type: string minLength: 1 group: type: string format: uuid provider: type: integer required: - group - provider - scim_id SCIMProviderRequest: type: object description: SCIMProvider Serializer properties: name: type: string minLength: 1 property_mappings: type: array items: type: string format: uuid property_mappings_group: type: array items: type: string format: uuid description: Property mappings used for group creation/updating. url: type: string minLength: 1 description: Base URL to SCIM requests, usually ends in /v2 verify_certificates: type: boolean token: type: string minLength: 1 description: Authentication token compatibility_mode: allOf: - $ref: '#/components/schemas/CompatibilityModeEnum' title: SCIM Compatibility Mode description: Alter authentik behavior for vendor-specific SCIM implementations. exclude_users_service_account: type: boolean filter_group: type: string format: uuid nullable: true dry_run: type: boolean description: When enabled, provider will not modify or create objects in the remote system. required: - name - token - url SCIMProviderUser: type: object description: SCIMProviderUser Serializer properties: id: type: string format: uuid readOnly: true scim_id: type: string user: type: integer user_obj: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true provider: type: integer attributes: readOnly: true required: - attributes - id - provider - scim_id - user - user_obj SCIMProviderUserRequest: type: object description: SCIMProviderUser Serializer properties: scim_id: type: string minLength: 1 user: type: integer provider: type: integer required: - provider - scim_id - user SCIMSource: type: object description: SCIMSource Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string root_url: type: string description: Get Root URL readOnly: true token_obj: allOf: - $ref: '#/components/schemas/Token' readOnly: true required: - component - managed - meta_model_name - name - pk - root_url - slug - token_obj - verbose_name - verbose_name_plural SCIMSourceGroup: type: object description: SCIMSourceGroup Serializer properties: id: type: string group: type: string format: uuid group_obj: allOf: - $ref: '#/components/schemas/UserGroup' readOnly: true source: type: string format: uuid attributes: {} required: - group - group_obj - id - source SCIMSourceGroupRequest: type: object description: SCIMSourceGroup Serializer properties: id: type: string minLength: 1 group: type: string format: uuid source: type: string format: uuid attributes: {} required: - group - id - source SCIMSourcePropertyMapping: type: object description: SCIMSourcePropertyMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - expression - meta_model_name - name - pk - verbose_name - verbose_name_plural SCIMSourcePropertyMappingRequest: type: object description: SCIMSourcePropertyMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 required: - expression - name SCIMSourceRequest: type: object description: SCIMSource Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid user_path_template: type: string minLength: 1 required: - name - slug SCIMSourceUser: type: object description: SCIMSourceUser Serializer properties: id: type: string user: type: integer user_obj: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true source: type: string format: uuid attributes: {} required: - id - source - user - user_obj SCIMSourceUserRequest: type: object description: SCIMSourceUser Serializer properties: id: type: string minLength: 1 user: type: integer source: type: string format: uuid attributes: {} required: - id - source - user SMSDevice: type: object description: Serializer for sms authenticator devices properties: name: type: string description: The human-readable name of this device. maxLength: 64 pk: type: integer readOnly: true title: ID phone_number: type: string readOnly: true user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - name - phone_number - pk - user SMSDeviceRequest: type: object description: Serializer for sms authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name SSFProvider: type: object description: SSFProvider Serializer properties: pk: type: integer readOnly: true title: ID name: type: string component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true signing_key: type: string format: uuid description: Key used to sign the SSF Events. token_obj: allOf: - $ref: '#/components/schemas/Token' readOnly: true oidc_auth_providers: type: array items: type: integer ssf_url: type: string nullable: true readOnly: true event_retention: type: string required: - component - meta_model_name - name - pk - signing_key - ssf_url - token_obj - verbose_name - verbose_name_plural SSFProviderRequest: type: object description: SSFProvider Serializer properties: name: type: string minLength: 1 signing_key: type: string format: uuid description: Key used to sign the SSF Events. oidc_auth_providers: type: array items: type: integer event_retention: type: string minLength: 1 required: - name - signing_key SSFStream: type: object description: SSFStream Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid provider: type: integer provider_obj: allOf: - $ref: '#/components/schemas/SSFProvider' readOnly: true delivery_method: $ref: '#/components/schemas/DeliveryMethodEnum' endpoint_url: type: string nullable: true events_requested: type: array items: $ref: '#/components/schemas/EventsRequestedEnum' format: type: string aud: type: array items: type: string iss: type: string required: - delivery_method - format - iss - pk - provider - provider_obj ScopeMapping: type: object description: ScopeMapping Serializer properties: pk: type: string format: uuid readOnly: true title: Pm uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string expression: type: string component: type: string description: Get object's component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true scope_name: type: string description: Scope name requested by the client description: type: string description: Description shown to the user when consenting. If left empty, the user won't be informed. required: - component - expression - meta_model_name - name - pk - scope_name - verbose_name - verbose_name_plural ScopeMappingRequest: type: object description: ScopeMapping Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. name: type: string minLength: 1 expression: type: string minLength: 1 scope_name: type: string minLength: 1 description: Scope name requested by the client description: type: string description: Description shown to the user when consenting. If left empty, the user won't be informed. required: - expression - name - scope_name SelectableStage: type: object description: Serializer for stages which can be selected by users properties: pk: type: string format: uuid name: type: string verbose_name: type: string meta_model_name: type: string required: - meta_model_name - name - pk - verbose_name ServiceConnection: type: object description: ServiceConnection Serializer properties: pk: type: string format: uuid readOnly: true title: Uuid name: type: string local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration component: type: string description: Return component used to edit this object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural ServiceConnectionRequest: type: object description: ServiceConnection Serializer properties: name: type: string minLength: 1 local: type: boolean description: If enabled, use the local connection. Required Docker socket/Kubernetes Integration required: - name ServiceConnectionState: type: object description: Serializer for Service connection state properties: healthy: type: boolean readOnly: true version: type: string readOnly: true required: - healthy - version SessionEndChallenge: type: object description: Challenge for ending a session properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-session-end response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string application_name: type: string application_launch_url: type: string invalidation_flow_url: type: string brand_name: type: string required: - brand_name - pending_user - pending_user_avatar SessionUser: type: object description: |- Response for the /user/me endpoint, returns the currently active user (as `user` property) and, if this user is being impersonated, the original user in the `original` property. properties: user: $ref: '#/components/schemas/UserSelf' original: $ref: '#/components/schemas/UserSelf' required: - user Settings: type: object description: Settings Serializer properties: avatars: type: string description: Configure how authentik should show avatars for users. default_user_change_name: type: boolean description: Enable the ability for users to change their name. default_user_change_email: type: boolean description: Enable the ability for users to change their email address. default_user_change_username: type: boolean description: Enable the ability for users to change their username. event_retention: type: string description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' reputation_lower_limit: type: integer maximum: 0 minimum: -2147483648 description: Reputation cannot decrease lower than this value. Zero or negative. reputation_upper_limit: type: integer maximum: 2147483647 minimum: 0 description: Reputation cannot increase higher than this value. Zero or positive. footer_links: description: The option configures the footer links on the flow executor pages. gdpr_compliance: type: boolean description: When enabled, all the events caused by a user will be deleted upon the user's deletion. impersonation: type: boolean description: Globally enable/disable impersonation. impersonation_require_reason: type: boolean description: Require administrators to provide a reason for impersonating a user. default_token_duration: type: string description: Default token duration default_token_length: type: integer maximum: 2147483647 minimum: 1 description: Default token length SettingsRequest: type: object description: Settings Serializer properties: avatars: type: string minLength: 1 description: Configure how authentik should show avatars for users. default_user_change_name: type: boolean description: Enable the ability for users to change their name. default_user_change_email: type: boolean description: Enable the ability for users to change their email address. default_user_change_username: type: boolean description: Enable the ability for users to change their username. event_retention: type: string minLength: 1 description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).' reputation_lower_limit: type: integer maximum: 0 minimum: -2147483648 description: Reputation cannot decrease lower than this value. Zero or negative. reputation_upper_limit: type: integer maximum: 2147483647 minimum: 0 description: Reputation cannot increase higher than this value. Zero or positive. footer_links: description: The option configures the footer links on the flow executor pages. gdpr_compliance: type: boolean description: When enabled, all the events caused by a user will be deleted upon the user's deletion. impersonation: type: boolean description: Globally enable/disable impersonation. impersonation_require_reason: type: boolean description: Require administrators to provide a reason for impersonating a user. default_token_duration: type: string minLength: 1 description: Default token duration default_token_length: type: integer maximum: 2147483647 minimum: 1 description: Default token length SeverityEnum: enum: - notice - warning - alert type: string ShellChallenge: type: object description: challenge type to render HTML as-is properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: xak-flow-shell response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' body: type: string required: - body SignatureAlgorithmEnum: enum: - http://www.w3.org/2000/09/xmldsig#rsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384 - http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512 - http://www.w3.org/2000/09/xmldsig#dsa-sha1 type: string Source: type: object description: Source Serializer properties: pk: type: string format: uuid readOnly: true title: Pbm uuid name: type: string description: Source's display Name. slug: type: string description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. readOnly: true user_path_template: type: string icon: type: string nullable: true description: |- Get the URL to the Icon. If the name is /static or starts with http it is returned as-is readOnly: true required: - component - icon - managed - meta_model_name - name - pk - slug - verbose_name - verbose_name_plural SourceRequest: type: object description: Source Serializer properties: name: type: string minLength: 1 description: Source's display Name. slug: type: string minLength: 1 description: Internal source name, used in URLs. maxLength: 50 pattern: ^[-a-zA-Z0-9_]+$ enabled: type: boolean authentication_flow: type: string format: uuid nullable: true description: Flow to use when authenticating existing users. enrollment_flow: type: string format: uuid nullable: true description: Flow to use when enrolling new users. user_property_mappings: type: array items: type: string format: uuid group_property_mappings: type: array items: type: string format: uuid policy_engine_mode: $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' description: How the source determines if an existing user should be authenticated or a new user enrolled. user_path_template: type: string minLength: 1 required: - name - slug SourceStage: type: object description: SourceStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' source: type: string format: uuid resume_timeout: type: string description: 'Amount of time a user can take to return from the source to continue the flow (Format: hours=-1;minutes=-2;seconds=-3)' required: - component - meta_model_name - name - pk - source - verbose_name - verbose_name_plural SourceStageRequest: type: object description: SourceStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' source: type: string format: uuid resume_timeout: type: string minLength: 1 description: 'Amount of time a user can take to return from the source to continue the flow (Format: hours=-1;minutes=-2;seconds=-3)' required: - name - source SourceType: type: object description: Serializer for SourceType properties: name: type: string verbose_name: type: string urls_customizable: type: boolean request_token_url: type: string readOnly: true nullable: true authorization_url: type: string readOnly: true nullable: true access_token_url: type: string readOnly: true nullable: true profile_url: type: string readOnly: true nullable: true oidc_well_known_url: type: string readOnly: true nullable: true oidc_jwks_url: type: string readOnly: true nullable: true required: - access_token_url - authorization_url - name - oidc_jwks_url - oidc_well_known_url - profile_url - request_token_url - urls_customizable - verbose_name SpBindingEnum: enum: - redirect - post type: string Stage: type: object description: Stage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural StagePrompt: type: object description: Serializer for a single Prompt field properties: field_key: type: string label: type: string type: $ref: '#/components/schemas/PromptTypeEnum' required: type: boolean placeholder: type: string initial_value: type: string order: type: integer sub_text: type: string choices: type: array items: type: string nullable: true required: - choices - field_key - initial_value - label - order - placeholder - required - sub_text - type StageRequest: type: object description: Stage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' required: - name StaticDevice: type: object description: Serializer for static authenticator devices properties: name: type: string description: The human-readable name of this device. maxLength: 64 token_set: type: array items: $ref: '#/components/schemas/StaticDeviceToken' readOnly: true pk: type: integer readOnly: true title: ID user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - name - pk - token_set - user StaticDeviceRequest: type: object description: Serializer for static authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name StaticDeviceToken: type: object description: Serializer for static device's tokens properties: token: type: string maxLength: 16 required: - token StaticDeviceTokenRequest: type: object description: Serializer for static device's tokens properties: token: type: string minLength: 1 maxLength: 16 required: - token SubModeEnum: enum: - hashed_user_id - user_id - user_uuid - user_username - user_email - user_upn type: string SyncObjectModelEnum: enum: - authentik.core.models.User - authentik.core.models.Group type: string SyncObjectRequest: type: object description: Sync object serializer properties: sync_object_model: $ref: '#/components/schemas/SyncObjectModelEnum' sync_object_id: type: string minLength: 1 override_dry_run: type: boolean default: false required: - sync_object_id - sync_object_model SyncObjectResult: type: object description: Result of a single object sync properties: messages: type: array items: $ref: '#/components/schemas/LogEvent' readOnly: true required: - messages SyncStatus: type: object description: Provider sync status properties: is_running: type: boolean readOnly: true tasks: type: array items: $ref: '#/components/schemas/SystemTask' readOnly: true required: - is_running - tasks SystemInfo: type: object description: Get system information. properties: http_headers: type: object additionalProperties: type: string description: Get HTTP Request headers readOnly: true http_host: type: string description: Get HTTP host readOnly: true http_is_secure: type: boolean description: Get HTTP Secure flag readOnly: true runtime: type: object description: Get versions properties: python_version: type: string environment: type: string architecture: type: string platform: type: string uname: type: string openssl_version: type: string openssl_fips_enabled: type: boolean nullable: true authentik_version: type: string required: - architecture - authentik_version - environment - openssl_fips_enabled - openssl_version - platform - python_version - uname readOnly: true brand: type: string description: Currently active brand readOnly: true server_time: type: string format: date-time description: Current server time readOnly: true embedded_outpost_disabled: type: boolean description: Whether the embedded outpost is disabled readOnly: true embedded_outpost_host: type: string description: Get the FQDN configured on the embedded outpost readOnly: true required: - brand - embedded_outpost_disabled - embedded_outpost_host - http_headers - http_host - http_is_secure - runtime - server_time SystemTask: type: object description: Serialize TaskInfo and TaskResult properties: uuid: type: string format: uuid readOnly: true name: type: string full_name: type: string description: Get full name with UID readOnly: true uid: type: string description: type: string start_timestamp: type: string format: date-time readOnly: true finish_timestamp: type: string format: date-time readOnly: true duration: type: number format: double readOnly: true status: $ref: '#/components/schemas/SystemTaskStatusEnum' messages: type: array items: $ref: '#/components/schemas/LogEvent' expires: type: string format: date-time nullable: true expiring: type: boolean required: - description - duration - finish_timestamp - full_name - messages - name - start_timestamp - status - uuid SystemTaskStatusEnum: enum: - unknown - successful - warning - error type: string TOTPDevice: type: object description: Serializer for totp authenticator devices properties: name: type: string description: The human-readable name of this device. maxLength: 64 pk: type: integer readOnly: true title: ID user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - name - pk - user TOTPDeviceRequest: type: object description: Serializer for totp authenticator devices properties: name: type: string minLength: 1 description: The human-readable name of this device. maxLength: 64 required: - name Tenant: type: object description: Tenant Serializer properties: tenant_uuid: type: string format: uuid readOnly: true schema_name: type: string maxLength: 63 name: type: string ready: type: boolean required: - name - schema_name - tenant_uuid TenantAdminGroupRequestRequest: type: object description: Tenant admin group creation request serializer properties: user: type: string minLength: 1 required: - user TenantRecoveryKeyRequestRequest: type: object description: Tenant recovery key creation request serializer properties: user: type: string minLength: 1 duration_days: type: integer required: - duration_days - user TenantRecoveryKeyResponse: type: object description: Tenant recovery key creation response serializer properties: expiry: type: string format: date-time url: type: string required: - expiry - url TenantRequest: type: object description: Tenant Serializer properties: schema_name: type: string minLength: 1 maxLength: 63 name: type: string minLength: 1 ready: type: boolean required: - name - schema_name Token: type: object description: Token Serializer properties: pk: type: string format: uuid readOnly: true title: Token uuid managed: type: string nullable: true title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. identifier: type: string maxLength: 255 pattern: ^[-a-zA-Z0-9_]+$ intent: $ref: '#/components/schemas/IntentEnum' user: type: integer user_obj: allOf: - $ref: '#/components/schemas/User' readOnly: true description: type: string expires: type: string format: date-time nullable: true expiring: type: boolean required: - identifier - pk - user_obj TokenModel: type: object description: Serializer for BaseGrantModel and RefreshToken properties: pk: type: integer readOnly: true title: ID provider: $ref: '#/components/schemas/OAuth2Provider' user: $ref: '#/components/schemas/User' is_expired: type: boolean description: Check if token is expired yet. readOnly: true expires: type: string format: date-time nullable: true scope: type: array items: type: string id_token: type: string description: Get the token's id_token as JSON String readOnly: true revoked: type: boolean required: - id_token - is_expired - pk - provider - scope - user TokenRequest: type: object description: Token Serializer properties: managed: type: string nullable: true minLength: 1 title: Managed by authentik description: Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update. identifier: type: string minLength: 1 maxLength: 255 pattern: ^[-a-zA-Z0-9_]+$ intent: $ref: '#/components/schemas/IntentEnum' user: type: integer description: type: string expires: type: string format: date-time nullable: true expiring: type: boolean required: - identifier TokenSetKeyRequest: type: object properties: key: type: string minLength: 1 required: - key TokenView: type: object description: Show token's current key properties: key: type: string readOnly: true required: - key TransactionApplicationRequest: type: object description: Serializer for creating a provider and an application in one transaction properties: app: $ref: '#/components/schemas/ApplicationRequest' provider_model: $ref: '#/components/schemas/ProviderModelEnum' provider: $ref: '#/components/schemas/modelRequest' policy_bindings: type: array items: $ref: '#/components/schemas/TransactionPolicyBindingRequest' required: - app - provider - provider_model TransactionApplicationResponse: type: object description: Transactional creation response properties: applied: type: boolean logs: type: array items: type: string required: - applied - logs TransactionPolicyBindingRequest: type: object description: PolicyBindingSerializer which does not require target as target is set implicitly properties: policy: type: string format: uuid nullable: true group: type: string format: uuid nullable: true user: type: integer nullable: true negate: type: boolean description: Negates the outcome of the policy. Messages are unaffected. enabled: type: boolean order: type: integer maximum: 2147483647 minimum: -2147483648 timeout: type: integer maximum: 2147483647 minimum: 0 description: Timeout after which Policy execution is terminated. failure_result: type: boolean description: Result if the Policy execution fails. required: - order TypeCreate: type: object description: Types of an object that can be created properties: name: type: string description: type: string component: type: string model_name: type: string icon_url: type: string requires_enterprise: type: boolean default: false required: - component - description - model_name - name UiThemeEnum: enum: - automatic - light - dark type: string UniquePasswordPolicy: type: object description: Password Uniqueness Policy Serializer properties: pk: type: string format: uuid readOnly: true title: Policy uuid name: type: string execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. component: type: string description: Get object component so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true bound_to: type: integer description: Return objects policy is bound to readOnly: true password_field: type: string description: Field key to check, field keys defined in Prompt stages are available. num_historical_passwords: type: integer maximum: 2147483647 minimum: 0 description: Number of passwords to check against. required: - bound_to - component - meta_model_name - name - pk - verbose_name - verbose_name_plural UniquePasswordPolicyRequest: type: object description: Password Uniqueness Policy Serializer properties: name: type: string minLength: 1 execution_logging: type: boolean description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. password_field: type: string minLength: 1 description: Field key to check, field keys defined in Prompt stages are available. num_historical_passwords: type: integer maximum: 2147483647 minimum: 0 description: Number of passwords to check against. required: - name UsedBy: type: object description: A list of all objects referencing the queried object properties: app: type: string model_name: type: string pk: type: string name: type: string action: $ref: '#/components/schemas/UsedByActionEnum' required: - action - app - model_name - name - pk UsedByActionEnum: enum: - cascade - cascade_many - set_null - set_default type: string User: type: object description: User Serializer properties: pk: type: integer readOnly: true title: ID username: type: string maxLength: 150 name: type: string description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true date_joined: type: string format: date-time readOnly: true is_superuser: type: boolean readOnly: true groups: type: array items: type: string format: uuid groups_obj: type: array items: $ref: '#/components/schemas/UserGroup' readOnly: true nullable: true email: type: string format: email title: Email address maxLength: 254 avatar: type: string description: User's avatar, either a http/https URL or a data URI readOnly: true attributes: type: object additionalProperties: {} uid: type: string readOnly: true path: type: string type: $ref: '#/components/schemas/UserTypeEnum' uuid: type: string format: uuid readOnly: true password_change_date: type: string format: date-time readOnly: true required: - avatar - date_joined - groups_obj - is_superuser - name - password_change_date - pk - uid - username - uuid UserAccountRequest: type: object description: Account adding/removing operations properties: pk: type: integer required: - pk UserAssignedObjectPermission: type: object description: Users assigned object permission serializer properties: pk: type: integer readOnly: true title: ID username: type: string description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. pattern: ^[\w.@+-]+$ maxLength: 150 name: type: string description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true email: type: string format: email title: Email address maxLength: 254 attributes: type: object additionalProperties: {} uid: type: string readOnly: true permissions: type: array items: $ref: '#/components/schemas/UserObjectPermission' is_superuser: type: boolean required: - is_superuser - name - permissions - pk - uid - username UserAttributeEnum: enum: - username - email type: string UserConsent: type: object description: UserConsent Serializer properties: pk: type: integer readOnly: true title: ID expires: type: string format: date-time nullable: true expiring: type: boolean user: $ref: '#/components/schemas/User' application: $ref: '#/components/schemas/Application' permissions: type: string default: '' required: - application - pk - user UserCreationModeEnum: enum: - never_create - create_when_required - always_create type: string UserDeleteStage: type: object description: UserDeleteStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural UserDeleteStageRequest: type: object description: UserDeleteStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' required: - name UserFieldsEnum: enum: - email - username - upn type: string UserGroup: type: object description: Simplified Group Serializer for user's groups properties: pk: type: string format: uuid readOnly: true title: Group uuid num_pk: type: integer description: Get a numerical, int32 ID for the group readOnly: true name: type: string is_superuser: type: boolean description: Users added to this group will be superusers. parent: type: string format: uuid nullable: true parent_name: type: string readOnly: true nullable: true attributes: type: object additionalProperties: {} required: - name - num_pk - parent_name - pk UserGroupRequest: type: object description: Simplified Group Serializer for user's groups properties: name: type: string minLength: 1 is_superuser: type: boolean description: Users added to this group will be superusers. parent: type: string format: uuid nullable: true attributes: type: object additionalProperties: {} required: - name UserKerberosSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserKerberosSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 required: - identifier - source - user UserLDAPSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserLDAPSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 required: - identifier - source - user UserLoginChallenge: type: object description: Empty challenge properties: flow_info: $ref: '#/components/schemas/ContextualFlowInfo' component: type: string default: ak-stage-user-login response_errors: type: object additionalProperties: type: array items: $ref: '#/components/schemas/ErrorDetail' pending_user: type: string pending_user_avatar: type: string required: - pending_user - pending_user_avatar UserLoginChallengeResponseRequest: type: object description: User login challenge properties: component: type: string minLength: 1 default: ak-stage-user-login remember_me: type: boolean required: - remember_me UserLoginStage: type: object description: UserLoginStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' session_duration: type: string description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' terminate_other_sessions: type: boolean description: Terminate all other sessions of the user logging in. remember_me_offset: type: string description: 'Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)' network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' description: Bind sessions created by this stage to the configured GeoIP location required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural UserLoginStageRequest: type: object description: UserLoginStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' session_duration: type: string minLength: 1 description: 'Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' terminate_other_sessions: type: boolean description: Terminate all other sessions of the user logging in. remember_me_offset: type: string minLength: 1 description: 'Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)' network_binding: allOf: - $ref: '#/components/schemas/NetworkBindingEnum' description: Bind sessions created by this stage to the configured network geoip_binding: allOf: - $ref: '#/components/schemas/GeoipBindingEnum' description: Bind sessions created by this stage to the configured GeoIP location required: - name UserLogoutStage: type: object description: UserLogoutStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural UserLogoutStageRequest: type: object description: UserLogoutStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' required: - name UserMatchingModeEnum: enum: - identifier - email_link - email_deny - username_link - username_deny type: string UserMetrics: type: object description: User Metrics properties: logins: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true logins_failed: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true authorizations: type: array items: $ref: '#/components/schemas/Coordinate' readOnly: true required: - authorizations - logins - logins_failed UserOAuthSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserOAuthSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 access_token: type: string writeOnly: true nullable: true required: - identifier - source - user UserObjectPermission: type: object description: User-bound object level permission properties: id: type: integer readOnly: true codename: type: string readOnly: true model: type: string title: Python model class name readOnly: true app_label: type: string readOnly: true object_pk: type: string name: type: string readOnly: true required: - app_label - codename - id - model - name - object_pk UserPasswordSetRequest: type: object properties: password: type: string minLength: 1 required: - password UserPath: type: object properties: paths: type: array items: type: string readOnly: true required: - paths UserPlexSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserPlexSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 plex_token: type: string writeOnly: true minLength: 1 required: - identifier - plex_token - source - user UserRequest: type: object description: User Serializer properties: username: type: string minLength: 1 maxLength: 150 name: type: string description: User's display name. is_active: type: boolean title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. last_login: type: string format: date-time nullable: true groups: type: array items: type: string format: uuid email: type: string format: email title: Email address maxLength: 254 attributes: type: object additionalProperties: {} path: type: string minLength: 1 type: $ref: '#/components/schemas/UserTypeEnum' required: - name - username UserSAMLSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserSAMLSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 required: - identifier - source - user UserSelf: type: object description: User Serializer for information a user can retrieve about themselves properties: pk: type: integer readOnly: true title: ID username: type: string description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. pattern: ^[\w.@+-]+$ maxLength: 150 name: type: string description: User's display name. is_active: type: boolean readOnly: true title: Active description: Designates whether this user should be treated as active. Unselect this instead of deleting accounts. is_superuser: type: boolean readOnly: true groups: type: array items: $ref: '#/components/schemas/UserSelfGroups' readOnly: true email: type: string format: email title: Email address maxLength: 254 avatar: type: string description: User's avatar, either a http/https URL or a data URI readOnly: true uid: type: string readOnly: true settings: type: object additionalProperties: {} description: Get user settings with brand and group settings applied readOnly: true type: $ref: '#/components/schemas/UserTypeEnum' system_permissions: type: array items: type: string description: Get all system permissions assigned to the user readOnly: true required: - avatar - groups - is_active - is_superuser - name - pk - settings - system_permissions - uid - username UserSelfGroups: type: object properties: name: type: string readOnly: true pk: type: string readOnly: true required: - name - pk UserServiceAccountRequest: type: object properties: name: type: string minLength: 1 create_group: type: boolean default: false expiring: type: boolean default: true expires: type: string format: date-time description: If not provided, valid for 360 days required: - name UserServiceAccountResponse: type: object properties: username: type: string token: type: string user_uid: type: string user_pk: type: integer group_pk: type: string required: - token - user_pk - user_uid - username UserSetting: type: object description: Serializer for User settings for stages and sources properties: object_uid: type: string component: type: string title: type: string configure_url: type: string icon_url: type: string required: - component - object_uid - title UserSourceConnection: type: object description: User source connection properties: pk: type: integer readOnly: true title: ID user: type: integer source: type: string format: uuid source_obj: allOf: - $ref: '#/components/schemas/Source' readOnly: true identifier: type: string created: type: string format: date-time readOnly: true last_updated: type: string format: date-time readOnly: true required: - created - identifier - last_updated - pk - source - source_obj - user UserSourceConnectionRequest: type: object description: User source connection properties: user: type: integer source: type: string format: uuid identifier: type: string minLength: 1 required: - identifier - source - user UserTypeEnum: enum: - internal - external - service_account - internal_service_account type: string UserVerificationEnum: enum: - required - preferred - discouraged type: string UserWriteStage: type: object description: UserWriteStage Serializer properties: pk: type: string format: uuid readOnly: true title: Stage uuid name: type: string component: type: string description: Get object type so that we know how to edit the object readOnly: true verbose_name: type: string description: Return object's verbose_name readOnly: true verbose_name_plural: type: string description: Return object's plural verbose_name readOnly: true meta_model_name: type: string description: Return internal model name readOnly: true flow_set: type: array items: $ref: '#/components/schemas/FlowSet' user_creation_mode: $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. create_users_group: type: string format: uuid nullable: true description: Optionally add newly created users to this group. user_type: $ref: '#/components/schemas/UserTypeEnum' user_path_template: type: string required: - component - meta_model_name - name - pk - verbose_name - verbose_name_plural UserWriteStageRequest: type: object description: UserWriteStage Serializer properties: name: type: string minLength: 1 flow_set: type: array items: $ref: '#/components/schemas/FlowSetRequest' user_creation_mode: $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. create_users_group: type: string format: uuid nullable: true description: Optionally add newly created users to this group. user_type: $ref: '#/components/schemas/UserTypeEnum' user_path_template: type: string required: - name ValidationError: type: object description: Validation Error properties: non_field_errors: type: array items: type: string code: type: string additionalProperties: {} Version: type: object description: Get running and latest version. properties: version_current: type: string description: Get current version readOnly: true version_latest: type: string description: Get latest version from cache readOnly: true version_latest_valid: type: boolean description: Check if latest version is valid readOnly: true build_hash: type: string description: Get build hash, if version is not latest or released readOnly: true outdated: type: boolean description: Check if we're running the latest version readOnly: true outpost_outdated: type: boolean description: Check if any outpost is outdated/has a version mismatch readOnly: true required: - build_hash - outdated - outpost_outdated - version_current - version_latest - version_latest_valid VersionHistory: type: object description: VersionHistory Serializer properties: id: type: integer readOnly: true timestamp: type: string format: date-time version: type: string build: type: string required: - build - id - timestamp - version WebAuthnDevice: type: object description: Serializer for WebAuthn authenticator devices properties: pk: type: integer readOnly: true title: ID name: type: string maxLength: 200 created_on: type: string format: date-time readOnly: true device_type: allOf: - $ref: '#/components/schemas/WebAuthnDeviceType' readOnly: true nullable: true aaguid: type: string readOnly: true user: allOf: - $ref: '#/components/schemas/GroupMember' readOnly: true required: - aaguid - created_on - device_type - name - pk - user WebAuthnDeviceRequest: type: object description: Serializer for WebAuthn authenticator devices properties: name: type: string minLength: 1 maxLength: 200 required: - name WebAuthnDeviceType: type: object description: WebAuthnDeviceType Serializer properties: aaguid: type: string format: uuid description: type: string required: - aaguid - description WebAuthnDeviceTypeRequest: type: object description: WebAuthnDeviceType Serializer properties: aaguid: type: string format: uuid description: type: string minLength: 1 required: - aaguid - description Worker: type: object properties: worker_id: type: string version: type: string version_matching: type: boolean required: - version - version_matching - worker_id modelRequest: oneOf: - $ref: '#/components/schemas/GoogleWorkspaceProviderRequest' - $ref: '#/components/schemas/LDAPProviderRequest' - $ref: '#/components/schemas/MicrosoftEntraProviderRequest' - $ref: '#/components/schemas/OAuth2ProviderRequest' - $ref: '#/components/schemas/ProxyProviderRequest' - $ref: '#/components/schemas/RACProviderRequest' - $ref: '#/components/schemas/RadiusProviderRequest' - $ref: '#/components/schemas/SAMLProviderRequest' - $ref: '#/components/schemas/SCIMProviderRequest' - $ref: '#/components/schemas/SSFProviderRequest' discriminator: propertyName: provider_model mapping: authentik_providers_google_workspace.googleworkspaceprovider: '#/components/schemas/GoogleWorkspaceProviderRequest' authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest' authentik_providers_microsoft_entra.microsoftentraprovider: '#/components/schemas/MicrosoftEntraProviderRequest' authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest' authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest' authentik_providers_rac.racprovider: '#/components/schemas/RACProviderRequest' authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest' authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest' authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest' authentik_providers_ssf.ssfprovider: '#/components/schemas/SSFProviderRequest' securitySchemes: authentik: type: http scheme: bearer servers: - url: /api/v3/