habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0e37a66751ad12e647eb03197e901b611a704b0e
authentik/schema.yml
Simonyi Gergő b6b47b669e release: 2025.6.2
2025-06-16 18:20:22 +02:00

61459 lines
1.6 MiB
Raw Blame History

openapi: 3.0.3
info:
title: authentik
version: 2025.6.2
description: Making authentication simple.
contact:
email: hello@goauthentik.io
license:
name: MIT
url: https://github.com/goauthentik/authentik/blob/main/LICENSE
paths:
/admin/apps/:
get:
operationId: admin_apps_list
description: Read-only view list all installed apps
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/App'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/metrics/:
get:
operationId: admin_metrics_retrieve
description: Login Metrics per 1h
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LoginMetrics'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/models/:
get:
operationId: admin_models_list
description: Read-only view list all installed models
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/App'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/settings/:
get:
operationId: admin_settings_retrieve
description: Settings view
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Settings'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: admin_settings_update
description: Settings view
tags:
- admin
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SettingsRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Settings'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: admin_settings_partial_update
description: Settings view
tags:
- admin
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSettingsRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Settings'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/system/:
get:
operationId: admin_system_retrieve
description: Get system information.
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SystemInfo'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: admin_system_create
description: Get system information.
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SystemInfo'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/version/:
get:
operationId: admin_version_retrieve
description: Get running and latest version.
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Version'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/version/history/:
get:
operationId: admin_version_history_list
description: VersionHistory Viewset
parameters:
- in: query
name: build
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: version
schema:
type: string
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/VersionHistory'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/version/history/{id}/:
get:
operationId: admin_version_history_retrieve
description: VersionHistory Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Version history.
required: true
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/VersionHistory'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/admin/workers/:
get:
operationId: admin_workers_list
description: Get currently connected worker count.
tags:
- admin
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Worker'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/all/:
get:
operationId: authenticators_admin_all_list
description: Get all devices for current user
parameters:
- in: query
name: user
schema:
type: integer
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Device'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/duo/:
get:
operationId: authenticators_admin_duo_list
description: Viewset for Duo authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDuoDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_duo_create
description: Viewset for Duo authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/duo/{id}/:
get:
operationId: authenticators_admin_duo_retrieve
description: Viewset for Duo authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_duo_update
description: Viewset for Duo authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_duo_partial_update
description: Viewset for Duo authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_duo_destroy
description: Viewset for Duo authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/email/:
get:
operationId: authenticators_admin_email_list
description: Viewset for email authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEmailDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_email_create
description: Viewset for email authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/email/{id}/:
get:
operationId: authenticators_admin_email_retrieve
description: Viewset for email authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_email_update
description: Viewset for email authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_email_partial_update
description: Viewset for email authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_email_destroy
description: Viewset for email authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/endpoint/:
get:
operationId: authenticators_admin_endpoint_list
description: Viewset for Endpoint authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEndpointDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_endpoint_create
description: Viewset for Endpoint authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/endpoint/{uuid}/:
get:
operationId: authenticators_admin_endpoint_retrieve
description: Viewset for Endpoint authenticator devices (for admins)
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_endpoint_update
description: Viewset for Endpoint authenticator devices (for admins)
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_endpoint_partial_update
description: Viewset for Endpoint authenticator devices (for admins)
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEndpointDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_endpoint_destroy
description: Viewset for Endpoint authenticator devices (for admins)
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/sms/:
get:
operationId: authenticators_admin_sms_list
description: Viewset for sms authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSMSDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_sms_create
description: Viewset for sms authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/sms/{id}/:
get:
operationId: authenticators_admin_sms_retrieve
description: Viewset for sms authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_sms_update
description: Viewset for sms authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_sms_partial_update
description: Viewset for sms authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_sms_destroy
description: Viewset for sms authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/static/:
get:
operationId: authenticators_admin_static_list
description: Viewset for static authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedStaticDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_static_create
description: Viewset for static authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/static/{id}/:
get:
operationId: authenticators_admin_static_retrieve
description: Viewset for static authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_static_update
description: Viewset for static authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_static_partial_update
description: Viewset for static authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_static_destroy
description: Viewset for static authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/totp/:
get:
operationId: authenticators_admin_totp_list
description: Viewset for totp authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_totp_create
description: Viewset for totp authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/totp/{id}/:
get:
operationId: authenticators_admin_totp_retrieve
description: Viewset for totp authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_totp_update
description: Viewset for totp authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_totp_partial_update
description: Viewset for totp authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_totp_destroy
description: Viewset for totp authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/webauthn/:
get:
operationId: authenticators_admin_webauthn_list
description: Viewset for WebAuthn authenticator devices (for admins)
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: authenticators_admin_webauthn_create
description: Viewset for WebAuthn authenticator devices (for admins)
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDeviceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/admin/webauthn/{id}/:
get:
operationId: authenticators_admin_webauthn_retrieve
description: Viewset for WebAuthn authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_admin_webauthn_update
description: Viewset for WebAuthn authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_admin_webauthn_partial_update
description: Viewset for WebAuthn authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_admin_webauthn_destroy
description: Viewset for WebAuthn authenticator devices (for admins)
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/all/:
get:
operationId: authenticators_all_list
description: Get all devices for current user
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Device'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/duo/:
get:
operationId: authenticators_duo_list
description: Viewset for Duo authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDuoDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/duo/{id}/:
get:
operationId: authenticators_duo_retrieve
description: Viewset for Duo authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_duo_update
description: Viewset for Duo authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_duo_partial_update
description: Viewset for Duo authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_duo_destroy
description: Viewset for Duo authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/duo/{id}/used_by/:
get:
operationId: authenticators_duo_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Duo Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/email/:
get:
operationId: authenticators_email_list
description: Viewset for email authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEmailDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/email/{id}/:
get:
operationId: authenticators_email_retrieve
description: Viewset for email authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_email_update
description: Viewset for email authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_email_partial_update
description: Viewset for email authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_email_destroy
description: Viewset for email authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/email/{id}/used_by/:
get:
operationId: authenticators_email_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Email Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/endpoint/:
get:
operationId: authenticators_endpoint_list
description: Viewset for Endpoint authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEndpointDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/endpoint/{uuid}/:
get:
operationId: authenticators_endpoint_retrieve
description: Viewset for Endpoint authenticator devices
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/endpoint/{uuid}/used_by/:
get:
operationId: authenticators_endpoint_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/sms/:
get:
operationId: authenticators_sms_list
description: Viewset for sms authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSMSDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/sms/{id}/:
get:
operationId: authenticators_sms_retrieve
description: Viewset for sms authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_sms_update
description: Viewset for sms authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_sms_partial_update
description: Viewset for sms authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SMSDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_sms_destroy
description: Viewset for sms authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/sms/{id}/used_by/:
get:
operationId: authenticators_sms_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SMS Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/static/:
get:
operationId: authenticators_static_list
description: Viewset for static authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedStaticDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/static/{id}/:
get:
operationId: authenticators_static_retrieve
description: Viewset for static authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_static_update
description: Viewset for static authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_static_partial_update
description: Viewset for static authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/StaticDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_static_destroy
description: Viewset for static authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/static/{id}/used_by/:
get:
operationId: authenticators_static_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Static Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/totp/:
get:
operationId: authenticators_totp_list
description: Viewset for totp authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/totp/{id}/:
get:
operationId: authenticators_totp_retrieve
description: Viewset for totp authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_totp_update
description: Viewset for totp authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_totp_partial_update
description: Viewset for totp authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TOTPDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_totp_destroy
description: Viewset for totp authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/totp/{id}/used_by/:
get:
operationId: authenticators_totp_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this TOTP Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/webauthn/:
get:
operationId: authenticators_webauthn_list
description: Viewset for WebAuthn authenticator devices
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/webauthn/{id}/:
get:
operationId: authenticators_webauthn_retrieve
description: Viewset for WebAuthn authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: authenticators_webauthn_update
description: Viewset for WebAuthn authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDeviceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: authenticators_webauthn_partial_update
description: Viewset for WebAuthn authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDevice'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: authenticators_webauthn_destroy
description: Viewset for WebAuthn authenticator devices
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/authenticators/webauthn/{id}/used_by/:
get:
operationId: authenticators_webauthn_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this WebAuthn Device.
required: true
tags:
- authenticators
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/application_entitlements/:
get:
operationId: core_application_entitlements_list
description: ApplicationEntitlement Viewset
parameters:
- in: query
name: app
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedApplicationEntitlementList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_application_entitlements_create
description: ApplicationEntitlement Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlementRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlement'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/application_entitlements/{pbm_uuid}/:
get:
operationId: core_application_entitlements_retrieve
description: ApplicationEntitlement Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Application Entitlement.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlement'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_application_entitlements_update
description: ApplicationEntitlement Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Application Entitlement.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlementRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlement'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_application_entitlements_partial_update
description: ApplicationEntitlement Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Application Entitlement.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedApplicationEntitlementRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationEntitlement'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_application_entitlements_destroy
description: ApplicationEntitlement Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Application Entitlement.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/application_entitlements/{pbm_uuid}/used_by/:
get:
operationId: core_application_entitlements_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Application Entitlement.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/:
get:
operationId: core_applications_list
description: Custom list method that checks Policy based access instead of guardian
parameters:
- in: query
name: for_user
schema:
type: integer
- in: query
name: group
schema:
type: string
- in: query
name: meta_description
schema:
type: string
- in: query
name: meta_launch_url
schema:
type: string
- in: query
name: meta_publisher
schema:
type: string
- in: query
name: name
schema:
type: string
- in: query
name: only_with_launch_url
schema:
type: boolean
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: superuser_full_list
schema:
type: boolean
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedApplicationList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_applications_create
description: Application Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/:
get:
operationId: core_applications_retrieve
description: Application Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_applications_update
description: Application Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApplicationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_applications_partial_update
description: Application Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedApplicationRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Application'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_applications_destroy
description: Application Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/check_access/:
get:
operationId: core_applications_check_access_retrieve
description: Check access to a single application by slug
parameters:
- in: query
name: for_user
schema:
type: integer
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyTestResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/metrics/:
get:
operationId: core_applications_metrics_list
description: Metrics for application logins
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Coordinate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/set_icon/:
post:
operationId: core_applications_set_icon_create
description: Set application icon
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
requestBody:
content:
multipart/form-data:
schema:
$ref: '#/components/schemas/FileUploadRequest'
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/set_icon_url/:
post:
operationId: core_applications_set_icon_url_create
description: Set application icon (as URL)
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FilePathRequest'
required: true
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/{slug}/used_by/:
get:
operationId: core_applications_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal application name, used in URLs.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/authenticated_sessions/:
get:
operationId: core_authenticated_sessions_list
description: AuthenticatedSession Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: session__last_ip
schema:
type: string
- in: query
name: session__last_user_agent
schema:
type: string
- in: query
name: user__username
schema:
type: string
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/authenticated_sessions/{uuid}/:
get:
operationId: core_authenticated_sessions_retrieve
description: AuthenticatedSession Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatedSession'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_authenticated_sessions_destroy
description: AuthenticatedSession Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/authenticated_sessions/{uuid}/used_by/:
get:
operationId: core_authenticated_sessions_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/brands/:
get:
operationId: core_brands_list
description: Brand Viewset
parameters:
- in: query
name: brand_uuid
schema:
type: string
format: uuid
- in: query
name: branding_default_flow_background
schema:
type: string
- in: query
name: branding_favicon
schema:
type: string
- in: query
name: branding_logo
schema:
type: string
- in: query
name: branding_title
schema:
type: string
- in: query
name: client_certificates
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: default
schema:
type: boolean
- in: query
name: domain
schema:
type: string
- in: query
name: flow_authentication
schema:
type: string
format: uuid
- in: query
name: flow_device_code
schema:
type: string
format: uuid
- in: query
name: flow_invalidation
schema:
type: string
format: uuid
- in: query
name: flow_recovery
schema:
type: string
format: uuid
- in: query
name: flow_unenrollment
schema:
type: string
format: uuid
- in: query
name: flow_user_settings
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: web_certificate
schema:
type: string
format: uuid
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedBrandList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_brands_create
description: Brand Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/BrandRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Brand'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/brands/{brand_uuid}/:
get:
operationId: core_brands_retrieve
description: Brand Viewset
parameters:
- in: path
name: brand_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Brand.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Brand'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_brands_update
description: Brand Viewset
parameters:
- in: path
name: brand_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Brand.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/BrandRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Brand'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_brands_partial_update
description: Brand Viewset
parameters:
- in: path
name: brand_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Brand.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedBrandRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Brand'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_brands_destroy
description: Brand Viewset
parameters:
- in: path
name: brand_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Brand.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/brands/{brand_uuid}/used_by/:
get:
operationId: core_brands_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: brand_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Brand.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/brands/current/:
get:
operationId: core_brands_current_retrieve
description: Get current brand
tags:
- core
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CurrentBrand'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/groups/:
get:
operationId: core_groups_list
description: Group Viewset
parameters:
- in: query
name: attributes
schema:
type: string
description: Attributes
- in: query
name: include_users
schema:
type: boolean
default: true
- in: query
name: is_superuser
schema:
type: boolean
- in: query
name: members_by_pk
schema:
type: array
items:
type: integer
explode: true
style: form
- in: query
name: members_by_username
schema:
type: array
items:
type: string
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
explode: true
style: form
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_groups_create
description: Group Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/groups/{group_uuid}/:
get:
operationId: core_groups_retrieve
description: Group Viewset
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
- in: query
name: include_users
schema:
type: boolean
default: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_groups_update
description: Group Viewset
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_groups_partial_update
description: Group Viewset
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Group'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_groups_destroy
description: Group Viewset
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/groups/{group_uuid}/add_user/:
post:
operationId: core_groups_add_user_create
description: Add user to group
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserAccountRequest'
required: true
security:
- authentik: []
responses:
'204':
description: User added
'404':
description: User not found
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/groups/{group_uuid}/remove_user/:
post:
operationId: core_groups_remove_user_create
description: Add user to group
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserAccountRequest'
required: true
security:
- authentik: []
responses:
'204':
description: User added
'404':
description: User not found
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/groups/{group_uuid}/used_by/:
get:
operationId: core_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: group_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Group.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/tokens/:
get:
operationId: core_tokens_list
description: Token Viewset
parameters:
- in: query
name: description
schema:
type: string
- in: query
name: expires
schema:
type: string
format: date-time
- in: query
name: expiring
schema:
type: boolean
- in: query
name: identifier
schema:
type: string
- in: query
name: intent
schema:
type: string
enum:
- api
- app_password
- recovery
- verification
- in: query
name: managed
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user__username
schema:
type: string
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTokenList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_tokens_create
description: Token Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TokenRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Token'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/tokens/{identifier}/:
get:
operationId: core_tokens_retrieve
description: Token Viewset
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Token'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_tokens_update
description: Token Viewset
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TokenRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Token'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_tokens_partial_update
description: Token Viewset
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedTokenRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Token'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_tokens_destroy
description: Token Viewset
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/tokens/{identifier}/set_key/:
post:
operationId: core_tokens_set_key_create
description: |-
Set token key. Action is logged as event. `authentik_core.set_token_key` permission
is required.
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TokenSetKeyRequest'
required: true
security:
- authentik: []
responses:
'204':
description: Successfully changed key
'400':
description: Missing key
'404':
description: Token not found or expired
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/tokens/{identifier}/used_by/:
get:
operationId: core_tokens_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/tokens/{identifier}/view_key/:
get:
operationId: core_tokens_view_key_retrieve
description: Return token key and log access
parameters:
- in: path
name: identifier
schema:
type: string
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TokenView'
description: ''
'404':
description: Token not found or expired
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/transactional/applications/:
put:
operationId: core_transactional_applications_update
description: Convert data into a blueprint, validate it and apply it
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationResponse'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/user_consent/:
get:
operationId: core_user_consent_list
description: UserConsent Viewset
parameters:
- in: query
name: application
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserConsentList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/user_consent/{id}/:
get:
operationId: core_user_consent_retrieve
description: UserConsent Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Consent.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserConsent'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_user_consent_destroy
description: UserConsent Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Consent.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/user_consent/{id}/used_by/:
get:
operationId: core_user_consent_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Consent.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/:
get:
operationId: core_users_list
description: User Viewset
parameters:
- in: query
name: attributes
schema:
type: string
description: Attributes
- in: query
name: email
schema:
type: string
- in: query
name: groups_by_name
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: groups_by_pk
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: include_groups
schema:
type: boolean
default: true
- in: query
name: is_active
schema:
type: boolean
- in: query
name: is_superuser
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: path
schema:
type: string
- in: query
name: path_startswith
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: type
schema:
type: array
items:
type: string
enum:
- external
- internal
- internal_service_account
- service_account
explode: true
style: form
- in: query
name: username
schema:
type: string
- in: query
name: uuid
schema:
type: string
format: uuid
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: core_users_create
description: User Viewset
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/User'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/:
get:
operationId: core_users_retrieve
description: User Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/User'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: core_users_update
description: User Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/User'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: core_users_partial_update
description: User Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/User'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: core_users_destroy
description: User Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/impersonate/:
post:
operationId: core_users_impersonate_create
description: Impersonate a user
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ImpersonationRequest'
required: true
security:
- authentik: []
responses:
'204':
description: Successfully started impersonation
'401':
description: Access denied
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/metrics/:
get:
operationId: core_users_metrics_retrieve
description: User metrics per 1h
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserMetrics'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/recovery/:
post:
operationId: core_users_recovery_create
description: Create a temporary link that a user can use to recover their accounts
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Link'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/recovery_email/:
post:
operationId: core_users_recovery_email_create
description: Create a temporary link that a user can use to recover their accounts
parameters:
- in: query
name: email_stage
schema:
type: string
required: true
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'204':
description: Successfully sent recover email
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/set_password/:
post:
operationId: core_users_set_password_create
description: Set password for user
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPasswordSetRequest'
required: true
security:
- authentik: []
responses:
'204':
description: Successfully changed password
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/{id}/used_by/:
get:
operationId: core_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/impersonate_end/:
get:
operationId: core_users_impersonate_end_retrieve
description: End Impersonation a user
tags:
- core
security:
- authentik: []
responses:
'204':
description: Successfully started impersonation
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/me/:
get:
operationId: core_users_me_retrieve
description: Get information about current user
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SessionUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/paths/:
get:
operationId: core_users_paths_retrieve
description: Get all user paths
parameters:
- in: query
name: search
schema:
type: string
tags:
- core
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserPath'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/users/service_account/:
post:
operationId: core_users_service_account_create
description: Create a new user account that is marked as a service account
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserServiceAccountRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserServiceAccountResponse'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/:
get:
operationId: crypto_certificatekeypairs_list
description: CertificateKeyPair Viewset
parameters:
- in: query
name: has_key
schema:
type: boolean
description: Only return certificate-key pairs with keys
- in: query
name: include_details
schema:
type: boolean
default: true
- in: query
name: managed
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- crypto
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedCertificateKeyPairList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: crypto_certificatekeypairs_create
description: CertificateKeyPair Viewset
tags:
- crypto
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPairRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPair'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/{kp_uuid}/:
get:
operationId: crypto_certificatekeypairs_retrieve
description: CertificateKeyPair Viewset
parameters:
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPair'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: crypto_certificatekeypairs_update
description: CertificateKeyPair Viewset
parameters:
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPairRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPair'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: crypto_certificatekeypairs_partial_update
description: CertificateKeyPair Viewset
parameters:
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPair'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: crypto_certificatekeypairs_destroy
description: CertificateKeyPair Viewset
parameters:
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/{kp_uuid}/used_by/:
get:
operationId: crypto_certificatekeypairs_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
get:
operationId: crypto_certificatekeypairs_view_certificate_retrieve
description: Return certificate-key pairs certificate and log access
parameters:
- in: query
name: download
schema:
type: boolean
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateData'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
get:
operationId: crypto_certificatekeypairs_view_private_key_retrieve
description: Return certificate-key pairs private key and log access
parameters:
- in: query
name: download
schema:
type: boolean
- in: path
name: kp_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Certificate-Key Pair.
required: true
tags:
- crypto
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateData'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/crypto/certificatekeypairs/generate/:
post:
operationId: crypto_certificatekeypairs_generate_create
description: Generate a new, self-signed certificate-key pair
tags:
- crypto
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateGenerationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CertificateKeyPair'
description: ''
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/:
get:
operationId: enterprise_license_list
description: License Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedLicenseList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: enterprise_license_create
description: License Viewset
tags:
- enterprise
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LicenseRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/License'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/{license_uuid}/:
get:
operationId: enterprise_license_retrieve
description: License Viewset
parameters:
- in: path
name: license_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this License.
required: true
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/License'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: enterprise_license_update
description: License Viewset
parameters:
- in: path
name: license_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this License.
required: true
tags:
- enterprise
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LicenseRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/License'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: enterprise_license_partial_update
description: License Viewset
parameters:
- in: path
name: license_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this License.
required: true
tags:
- enterprise
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedLicenseRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/License'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: enterprise_license_destroy
description: License Viewset
parameters:
- in: path
name: license_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this License.
required: true
tags:
- enterprise
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/{license_uuid}/used_by/:
get:
operationId: enterprise_license_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: license_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this License.
required: true
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/forecast/:
get:
operationId: enterprise_license_forecast_retrieve
description: Forecast how many users will be required in a year
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LicenseForecast'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/install_id/:
get:
operationId: enterprise_license_install_id_retrieve
description: Get install_id
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InstallID'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/enterprise/license/summary/:
get:
operationId: enterprise_license_summary_retrieve
description: Get the total license status
parameters:
- in: query
name: cached
schema:
type: boolean
default: true
tags:
- enterprise
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LicenseSummary'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/:
get:
operationId: events_events_list
description: Event Read-Only Viewset
parameters:
- in: query
name: action
schema:
type: string
- in: query
name: brand_name
schema:
type: string
description: Brand name
- in: query
name: client_ip
schema:
type: string
- in: query
name: context_authorized_app
schema:
type: string
description: Context Authorized application
- in: query
name: context_model_app
schema:
type: string
description: Context Model App
- in: query
name: context_model_name
schema:
type: string
description: Context Model Name
- in: query
name: context_model_pk
schema:
type: string
description: Context Model Primary Key
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: username
schema:
type: string
description: Username
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEventList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: events_events_create
description: Event Read-Only Viewset
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/{event_uuid}/:
get:
operationId: events_events_retrieve
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: events_events_update
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: events_events_partial_update
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEventRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: events_events_destroy
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/actions/:
get:
operationId: events_events_actions_list
description: Get all actions
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/per_month/:
get:
operationId: events_events_per_month_list
description: Get the count of events per month
parameters:
- in: query
name: action
schema:
type: string
- in: query
name: query
schema:
type: string
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Coordinate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/top_per_user/:
get:
operationId: events_events_top_per_user_list
description: Get the top_n events grouped by user count
parameters:
- in: query
name: action
schema:
type: string
- in: query
name: top_n
schema:
type: integer
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/EventTopPerUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/events/volume/:
get:
operationId: events_events_volume_list
description: Get event volume for specified filters and timeframe
parameters:
- in: query
name: action
schema:
type: string
- in: query
name: brand_name
schema:
type: string
description: Brand name
- in: query
name: client_ip
schema:
type: string
- in: query
name: context_authorized_app
schema:
type: string
description: Context Authorized application
- in: query
name: context_model_app
schema:
type: string
description: Context Model App
- in: query
name: context_model_name
schema:
type: string
description: Context Model Name
- in: query
name: context_model_pk
schema:
type: string
description: Context Model Primary Key
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: username
schema:
type: string
description: Username
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Coordinate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/notifications/:
get:
operationId: events_notifications_list
description: Notification Viewset
parameters:
- in: query
name: body
schema:
type: string
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: event
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: seen
schema:
type: boolean
- in: query
name: severity
schema:
type: string
enum:
- alert
- notice
- warning
- in: query
name: user
schema:
type: integer
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedNotificationList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/notifications/{uuid}/:
get:
operationId: events_notifications_retrieve
description: Notification Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Notification'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: events_notifications_update
description: Notification Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Notification'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: events_notifications_partial_update
description: Notification Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedNotificationRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Notification'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: events_notifications_destroy
description: Notification Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification.
required: true
tags:
- events
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/notifications/{uuid}/used_by/:
get:
operationId: events_notifications_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/notifications/mark_all_seen/:
post:
operationId: events_notifications_mark_all_seen_create
description: Mark all the user's notifications as seen
tags:
- events
security:
- authentik: []
responses:
'204':
description: Marked tasks as read successfully.
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/rules/:
get:
operationId: events_rules_list
description: NotificationRule Viewset
parameters:
- in: query
name: group__name
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: severity
schema:
type: string
enum:
- alert
- notice
- warning
description: |+
Controls which severity level the created notifications will have.
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedNotificationRuleList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: events_rules_create
description: NotificationRule Viewset
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRuleRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRule'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/rules/{pbm_uuid}/:
get:
operationId: events_rules_retrieve
description: NotificationRule Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Rule.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRule'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: events_rules_update
description: NotificationRule Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Rule.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRuleRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRule'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: events_rules_partial_update
description: NotificationRule Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Rule.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedNotificationRuleRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationRule'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: events_rules_destroy
description: NotificationRule Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Rule.
required: true
tags:
- events
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/rules/{pbm_uuid}/used_by/:
get:
operationId: events_rules_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Rule.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/system_tasks/:
get:
operationId: events_system_tasks_list
description: Read-only view set that returns all background tasks
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: status
schema:
type: string
enum:
- error
- successful
- unknown
- warning
- in: query
name: uid
schema:
type: string
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSystemTaskList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/system_tasks/{uuid}/:
get:
operationId: events_system_tasks_retrieve
description: Read-only view set that returns all background tasks
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this System Task.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SystemTask'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/system_tasks/{uuid}/run/:
post:
operationId: events_system_tasks_run_create
description: Run task
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this System Task.
required: true
tags:
- events
security:
- authentik: []
responses:
'204':
description: Task retried successfully
'404':
description: Task not found
'500':
description: Failed to retry task
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/transports/:
get:
operationId: events_transports_list
description: NotificationTransport Viewset
parameters:
- in: query
name: mode
schema:
type: string
enum:
- email
- local
- webhook
- webhook_slack
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: send_once
schema:
type: boolean
- in: query
name: webhook_url
schema:
type: string
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedNotificationTransportList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: events_transports_create
description: NotificationTransport Viewset
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransportRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransport'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/transports/{uuid}/:
get:
operationId: events_transports_retrieve
description: NotificationTransport Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransport'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: events_transports_update
description: NotificationTransport Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransportRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransport'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: events_transports_partial_update
description: NotificationTransport Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedNotificationTransportRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransport'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: events_transports_destroy
description: NotificationTransport Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/transports/{uuid}/test/:
post:
operationId: events_transports_test_create
description: |-
Send example notification using selected transport. Requires
Modify permissions.
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationTransportTest'
description: ''
'500':
description: Failed to test transport
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/events/transports/{uuid}/used_by/:
get:
operationId: events_transports_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Notification Transport.
required: true
tags:
- events
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/bindings/:
get:
operationId: flows_bindings_list
description: FlowStageBinding Viewset
parameters:
- in: query
name: evaluate_on_plan
schema:
type: boolean
- in: query
name: fsb_uuid
schema:
type: string
format: uuid
- in: query
name: invalid_response_action
schema:
type: string
enum:
- restart
- restart_with_context
- retry
description: |+
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
- in: query
name: order
schema:
type: integer
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: policies
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: policy_engine_mode
schema:
type: string
enum:
- all
- any
- in: query
name: re_evaluate_policies
schema:
type: boolean
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage
schema:
type: string
format: uuid
- in: query
name: target
schema:
type: string
format: uuid
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedFlowStageBindingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: flows_bindings_create
description: FlowStageBinding Viewset
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBindingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/bindings/{fsb_uuid}/:
get:
operationId: flows_bindings_retrieve
description: FlowStageBinding Viewset
parameters:
- in: path
name: fsb_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Flow Stage Binding.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: flows_bindings_update
description: FlowStageBinding Viewset
parameters:
- in: path
name: fsb_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Flow Stage Binding.
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBindingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: flows_bindings_partial_update
description: FlowStageBinding Viewset
parameters:
- in: path
name: fsb_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Flow Stage Binding.
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedFlowStageBindingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowStageBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: flows_bindings_destroy
description: FlowStageBinding Viewset
parameters:
- in: path
name: fsb_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Flow Stage Binding.
required: true
tags:
- flows
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/bindings/{fsb_uuid}/used_by/:
get:
operationId: flows_bindings_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: fsb_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Flow Stage Binding.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/executor/{flow_slug}/:
get:
operationId: flows_executor_get
description: Get the next pending challenge from the currently active flow.
parameters:
- in: path
name: flow_slug
schema:
type: string
required: true
- in: query
name: query
schema:
type: string
description: Querystring as received
required: true
tags:
- flows
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ChallengeTypes'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: flows_executor_solve
description: Solve the previously retrieved challenge and advanced to the next
stage.
parameters:
- in: path
name: flow_slug
schema:
type: string
required: true
- in: query
name: query
schema:
type: string
description: Querystring as received
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FlowChallengeResponseRequest'
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ChallengeTypes'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/inspector/{flow_slug}/:
get:
operationId: flows_inspector_get
description: Get current flow state and record it
parameters:
- in: path
name: flow_slug
schema:
type: string
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowInspection'
description: ''
'400':
description: No flow plan in session.
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/:
get:
operationId: flows_instances_list
description: Flow Viewset
parameters:
- in: query
name: denied_action
schema:
type: string
enum:
- continue
- message
- message_continue
description: |+
Configure what should happen when a flow denies access to a user.
- in: query
name: designation
schema:
type: string
enum:
- authentication
- authorization
- enrollment
- invalidation
- recovery
- stage_configuration
- unenrollment
description: |+
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
- in: query
name: flow_uuid
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedFlowList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: flows_instances_create
description: Flow Viewset
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FlowRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Flow'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/:
get:
operationId: flows_instances_retrieve
description: Flow Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Flow'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: flows_instances_update
description: Flow Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FlowRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Flow'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: flows_instances_partial_update
description: Flow Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedFlowRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Flow'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: flows_instances_destroy
description: Flow Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/diagram/:
get:
operationId: flows_instances_diagram_retrieve
description: Return diagram for flow with slug `slug`, in the format used by
flowchart.js
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowDiagram'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/execute/:
get:
operationId: flows_instances_execute_retrieve
description: Execute flow for current user
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Link'
description: ''
'400':
description: Flow not applicable
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/export/:
get:
operationId: flows_instances_export_retrieve
description: Export flow to .yaml file
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: string
format: binary
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/set_background/:
post:
operationId: flows_instances_set_background_create
description: Set Flow background
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
requestBody:
content:
multipart/form-data:
schema:
$ref: '#/components/schemas/FileUploadRequest'
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/set_background_url/:
post:
operationId: flows_instances_set_background_url_create
description: Set Flow background (as URL)
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FilePathRequest'
required: true
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/{slug}/used_by/:
get:
operationId: flows_instances_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Visible in the URL.
required: true
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/cache_clear/:
post:
operationId: flows_instances_cache_clear_create
description: Clear flow cache
tags:
- flows
security:
- authentik: []
responses:
'204':
description: Successfully cleared cache
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/cache_info/:
get:
operationId: flows_instances_cache_info_retrieve
description: Info about cached flows
tags:
- flows
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Cache'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/flows/instances/import/:
post:
operationId: flows_instances_import_create
description: Import flow from .yaml file
tags:
- flows
requestBody:
content:
multipart/form-data:
schema:
$ref: '#/components/schemas/FileUploadRequest'
security:
- authentik: []
responses:
'204':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowImportResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/FlowImportResult'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/managed/blueprints/:
get:
operationId: managed_blueprints_list
description: Blueprint instances
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: path
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- managed
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedBlueprintInstanceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: managed_blueprints_create
description: Blueprint instances
tags:
- managed
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstanceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstance'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/managed/blueprints/{instance_uuid}/:
get:
operationId: managed_blueprints_retrieve
description: Blueprint instances
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstance'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: managed_blueprints_update
description: Blueprint instances
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstanceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstance'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: managed_blueprints_partial_update
description: Blueprint instances
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstance'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: managed_blueprints_destroy
description: Blueprint instances
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/managed/blueprints/{instance_uuid}/apply/:
post:
operationId: managed_blueprints_apply_create
description: Apply a blueprint
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintInstance'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/managed/blueprints/{instance_uuid}/used_by/:
get:
operationId: managed_blueprints_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: instance_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Blueprint Instance.
required: true
tags:
- managed
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/managed/blueprints/available/:
get:
operationId: managed_blueprints_available_list
description: Get blueprints
tags:
- managed
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/BlueprintFile'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/access_tokens/:
get:
operationId: oauth2_access_tokens_list
description: AccessToken Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTokenModelList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/access_tokens/{id}/:
get:
operationId: oauth2_access_tokens_retrieve
description: AccessToken Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Access Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TokenModel'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: oauth2_access_tokens_destroy
description: AccessToken Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Access Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/access_tokens/{id}/used_by/:
get:
operationId: oauth2_access_tokens_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Access Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/authorization_codes/:
get:
operationId: oauth2_authorization_codes_list
description: AuthorizationCode Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/authorization_codes/{id}/:
get:
operationId: oauth2_authorization_codes_retrieve
description: AuthorizationCode Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Authorization Code.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExpiringBaseGrantModel'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: oauth2_authorization_codes_destroy
description: AuthorizationCode Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Authorization Code.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/authorization_codes/{id}/used_by/:
get:
operationId: oauth2_authorization_codes_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Authorization Code.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/refresh_tokens/:
get:
operationId: oauth2_refresh_tokens_list
description: RefreshToken Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTokenModelList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/refresh_tokens/{id}/:
get:
operationId: oauth2_refresh_tokens_retrieve
description: RefreshToken Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Refresh Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TokenModel'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: oauth2_refresh_tokens_destroy
description: RefreshToken Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Refresh Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/oauth2/refresh_tokens/{id}/used_by/:
get:
operationId: oauth2_refresh_tokens_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2 Refresh Token.
required: true
tags:
- oauth2
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/instances/:
get:
operationId: outposts_instances_list
description: Outpost Viewset
parameters:
- in: query
name: managed__icontains
schema:
type: string
- in: query
name: managed__iexact
schema:
type: string
- in: query
name: name__icontains
schema:
type: string
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: providers__isnull
schema:
type: boolean
- in: query
name: providers_by_pk
schema:
type: array
items:
type: integer
explode: true
style: form
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: service_connection__name__icontains
schema:
type: string
- in: query
name: service_connection__name__iexact
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedOutpostList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: outposts_instances_create
description: Outpost Viewset
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OutpostRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Outpost'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/instances/{uuid}/:
get:
operationId: outposts_instances_retrieve
description: Outpost Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Outpost'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: outposts_instances_update
description: Outpost Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OutpostRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Outpost'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: outposts_instances_partial_update
description: Outpost Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedOutpostRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Outpost'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: outposts_instances_destroy
description: Outpost Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/instances/{uuid}/health/:
get:
operationId: outposts_instances_health_list
description: Get outposts current health
parameters:
- in: query
name: managed__icontains
schema:
type: string
- in: query
name: managed__iexact
schema:
type: string
- in: query
name: name__icontains
schema:
type: string
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- in: query
name: providers__isnull
schema:
type: boolean
- in: query
name: providers_by_pk
schema:
type: array
items:
type: integer
explode: true
style: form
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: service_connection__name__icontains
schema:
type: string
- in: query
name: service_connection__name__iexact
schema:
type: string
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/OutpostHealth'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/instances/{uuid}/used_by/:
get:
operationId: outposts_instances_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/instances/default_settings/:
get:
operationId: outposts_instances_default_settings_retrieve
description: Global default outpost config
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OutpostDefaultConfig'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/ldap/:
get:
operationId: outposts_ldap_list
description: LDAPProvider Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/ldap/{id}/check_access/:
get:
operationId: outposts_ldap_access_check
description: Check access to a single application by slug
parameters:
- in: query
name: app_slug
schema:
type: string
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPCheckAccess'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/proxy/:
get:
operationId: outposts_proxy_list
description: ProxyProvider Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/radius/:
get:
operationId: outposts_radius_list
description: RadiusProvider Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRadiusOutpostConfigList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/radius/{id}/check_access/:
get:
operationId: outposts_radius_access_check
description: Check access to a single application by slug
parameters:
- in: query
name: app_slug
schema:
type: string
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusCheckAccess'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/all/:
get:
operationId: outposts_service_connections_all_list
description: ServiceConnection Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedServiceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/all/{uuid}/:
get:
operationId: outposts_service_connections_all_retrieve
description: ServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: outposts_service_connections_all_destroy
description: ServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/all/{uuid}/state/:
get:
operationId: outposts_service_connections_all_state_retrieve
description: Get the service connection's state
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ServiceConnectionState'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/all/{uuid}/used_by/:
get:
operationId: outposts_service_connections_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Outpost Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/all/types/:
get:
operationId: outposts_service_connections_all_types_list
description: Get all creatable types
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/docker/:
get:
operationId: outposts_service_connections_docker_list
description: DockerServiceConnection Viewset
parameters:
- in: query
name: local
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: tls_authentication
schema:
type: string
format: uuid
- in: query
name: tls_verification
schema:
type: string
format: uuid
- in: query
name: url
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: outposts_service_connections_docker_create
description: DockerServiceConnection Viewset
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/docker/{uuid}/:
get:
operationId: outposts_service_connections_docker_retrieve
description: DockerServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Docker Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: outposts_service_connections_docker_update
description: DockerServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Docker Service-Connection.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: outposts_service_connections_docker_partial_update
description: DockerServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Docker Service-Connection.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DockerServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: outposts_service_connections_docker_destroy
description: DockerServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Docker Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/docker/{uuid}/used_by/:
get:
operationId: outposts_service_connections_docker_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Docker Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/kubernetes/:
get:
operationId: outposts_service_connections_kubernetes_list
description: KubernetesServiceConnection Viewset
parameters:
- in: query
name: local
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: outposts_service_connections_kubernetes_create
description: KubernetesServiceConnection Viewset
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/kubernetes/{uuid}/:
get:
operationId: outposts_service_connections_kubernetes_retrieve
description: KubernetesServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kubernetes Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: outposts_service_connections_kubernetes_update
description: KubernetesServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kubernetes Service-Connection.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: outposts_service_connections_kubernetes_partial_update
description: KubernetesServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kubernetes Service-Connection.
required: true
tags:
- outposts
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KubernetesServiceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: outposts_service_connections_kubernetes_destroy
description: KubernetesServiceConnection Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kubernetes Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/outposts/service_connections/kubernetes/{uuid}/used_by/:
get:
operationId: outposts_service_connections_kubernetes_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kubernetes Service-Connection.
required: true
tags:
- outposts
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/:
get:
operationId: policies_all_list
description: Policy Viewset
parameters:
- in: query
name: bindings__isnull
schema:
type: boolean
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: promptstage__isnull
schema:
type: boolean
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/{policy_uuid}/:
get:
operationId: policies_all_retrieve
description: Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Policy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_all_destroy
description: Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/{policy_uuid}/test/:
post:
operationId: policies_all_test_create
description: Test policy
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyTestRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyTestResult'
description: ''
'400':
description: Invalid parameters
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/{policy_uuid}/used_by/:
get:
operationId: policies_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/cache_clear/:
post:
operationId: policies_all_cache_clear_create
description: Clear policy cache
tags:
- policies
security:
- authentik: []
responses:
'204':
description: Successfully cleared cache
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/cache_info/:
get:
operationId: policies_all_cache_info_retrieve
description: Info about cached policies
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Cache'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/all/types/:
get:
operationId: policies_all_types_list
description: Get all creatable types
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/bindings/:
get:
operationId: policies_bindings_list
description: PolicyBinding Viewset
parameters:
- in: query
name: enabled
schema:
type: boolean
- in: query
name: order
schema:
type: integer
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy
schema:
type: string
format: uuid
- in: query
name: policy__isnull
schema:
type: boolean
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: target
schema:
type: string
format: uuid
- in: query
name: target_in
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: timeout
schema:
type: integer
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPolicyBindingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_bindings_create
description: PolicyBinding Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBindingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/bindings/{policy_binding_uuid}/:
get:
operationId: policies_bindings_retrieve
description: PolicyBinding Viewset
parameters:
- in: path
name: policy_binding_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy Binding.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_bindings_update
description: PolicyBinding Viewset
parameters:
- in: path
name: policy_binding_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy Binding.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBindingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_bindings_partial_update
description: PolicyBinding Viewset
parameters:
- in: path
name: policy_binding_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy Binding.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPolicyBindingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PolicyBinding'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_bindings_destroy
description: PolicyBinding Viewset
parameters:
- in: path
name: policy_binding_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy Binding.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/bindings/{policy_binding_uuid}/used_by/:
get:
operationId: policies_bindings_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_binding_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Policy Binding.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/dummy/:
get:
operationId: policies_dummy_list
description: Dummy Viewset
parameters:
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- in: query
name: result
schema:
type: boolean
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: wait_max
schema:
type: integer
- in: query
name: wait_min
schema:
type: integer
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDummyPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_dummy_create
description: Dummy Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/dummy/{policy_uuid}/:
get:
operationId: policies_dummy_retrieve
description: Dummy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_dummy_update
description: Dummy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_dummy_partial_update
description: Dummy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDummyPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_dummy_destroy
description: Dummy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/dummy/{policy_uuid}/used_by/:
get:
operationId: policies_dummy_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/event_matcher/:
get:
operationId: policies_event_matcher_list
description: Event Matcher Policy Viewset
parameters:
- in: query
name: action
schema:
type: string
nullable: true
enum:
- authorize_application
- configuration_error
- custom_
- email_sent
- flow_execution
- impersonation_ended
- impersonation_started
- invitation_used
- login
- login_failed
- logout
- model_created
- model_deleted
- model_updated
- password_set
- policy_exception
- policy_execution
- property_mapping_exception
- secret_rotate
- secret_view
- source_linked
- suspicious_request
- system_exception
- system_task_exception
- system_task_execution
- update_available
- user_write
description: |+
Match created events with this action type. When left empty, all action types will be matched.
- in: query
name: app
schema:
type: string
- in: query
name: client_ip
schema:
type: string
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: model
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_event_matcher_create
description: Event Matcher Policy Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/event_matcher/{policy_uuid}/:
get:
operationId: policies_event_matcher_retrieve
description: Event Matcher Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event Matcher Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_event_matcher_update
description: Event Matcher Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event Matcher Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_event_matcher_partial_update
description: Event Matcher Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event Matcher Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EventMatcherPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_event_matcher_destroy
description: Event Matcher Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event Matcher Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/event_matcher/{policy_uuid}/used_by/:
get:
operationId: policies_event_matcher_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event Matcher Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/expression/:
get:
operationId: policies_expression_list
description: Source Viewset
parameters:
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: expression
schema:
type: string
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedExpressionPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_expression_create
description: Source Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/expression/{policy_uuid}/:
get:
operationId: policies_expression_retrieve
description: Source Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Expression Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_expression_update
description: Source Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Expression Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_expression_partial_update
description: Source Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Expression Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedExpressionPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExpressionPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_expression_destroy
description: Source Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Expression Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/expression/{policy_uuid}/used_by/:
get:
operationId: policies_expression_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Expression Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/geoip/:
get:
operationId: policies_geoip_list
description: GeoIP Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGeoIPPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_geoip_create
description: GeoIP Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/geoip/{policy_uuid}/:
get:
operationId: policies_geoip_retrieve
description: GeoIP Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this GeoIP Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_geoip_update
description: GeoIP Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this GeoIP Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_geoip_partial_update
description: GeoIP Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this GeoIP Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGeoIPPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GeoIPPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_geoip_destroy
description: GeoIP Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this GeoIP Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/geoip/{policy_uuid}/used_by/:
get:
operationId: policies_geoip_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this GeoIP Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/geoip_iso3166/:
get:
operationId: policies_geoip_iso3166_list
description: Get all countries in ISO-3166-1
tags:
- policies
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/DetailedCountry'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password/:
get:
operationId: policies_password_list
description: Password Policy Viewset
parameters:
- in: query
name: amount_digits
schema:
type: integer
- in: query
name: amount_lowercase
schema:
type: integer
- in: query
name: amount_symbols
schema:
type: integer
- in: query
name: amount_uppercase
schema:
type: integer
- in: query
name: check_have_i_been_pwned
schema:
type: boolean
- in: query
name: check_static_rules
schema:
type: boolean
- in: query
name: check_zxcvbn
schema:
type: boolean
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: error_message
schema:
type: string
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: hibp_allowed_count
schema:
type: integer
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: length_min
schema:
type: integer
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password_field
schema:
type: string
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: symbol_charset
schema:
type: string
- in: query
name: zxcvbn_score_threshold
schema:
type: integer
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPasswordPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_password_create
description: Password Policy Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password/{policy_uuid}/:
get:
operationId: policies_password_retrieve
description: Password Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_password_update
description: Password Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_password_partial_update
description: Password Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPasswordPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_password_destroy
description: Password Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password/{policy_uuid}/used_by/:
get:
operationId: policies_password_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password_expiry/:
get:
operationId: policies_password_expiry_list
description: Password Expiry Viewset
parameters:
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: days
schema:
type: integer
- in: query
name: deny_only
schema:
type: boolean
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_password_expiry_create
description: Password Expiry Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password_expiry/{policy_uuid}/:
get:
operationId: policies_password_expiry_retrieve
description: Password Expiry Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Expiry Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_password_expiry_update
description: Password Expiry Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Expiry Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_password_expiry_partial_update
description: Password Expiry Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Expiry Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordExpiryPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_password_expiry_destroy
description: Password Expiry Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Expiry Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/password_expiry/{policy_uuid}/used_by/:
get:
operationId: policies_password_expiry_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Expiry Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/:
get:
operationId: policies_reputation_list
description: Reputation Policy Viewset
parameters:
- in: query
name: check_ip
schema:
type: boolean
- in: query
name: check_username
schema:
type: boolean
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: threshold
schema:
type: integer
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedReputationPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_reputation_create
description: Reputation Policy Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/{policy_uuid}/:
get:
operationId: policies_reputation_retrieve
description: Reputation Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_reputation_update
description: Reputation Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_reputation_partial_update
description: Reputation Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedReputationPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ReputationPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_reputation_destroy
description: Reputation Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/{policy_uuid}/used_by/:
get:
operationId: policies_reputation_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/scores/:
get:
operationId: policies_reputation_scores_list
description: Reputation Viewset
parameters:
- in: query
name: identifier
schema:
type: string
- in: query
name: identifier_in
schema:
type: array
items:
type: string
description: Multiple values may be separated by commas.
explode: false
style: form
- in: query
name: ip
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: score
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedReputationList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/scores/{reputation_uuid}/:
get:
operationId: policies_reputation_scores_retrieve
description: Reputation Viewset
parameters:
- in: path
name: reputation_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Score.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Reputation'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_reputation_scores_destroy
description: Reputation Viewset
parameters:
- in: path
name: reputation_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Score.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/reputation/scores/{reputation_uuid}/used_by/:
get:
operationId: policies_reputation_scores_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: reputation_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Reputation Score.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/unique_password/:
get:
operationId: policies_unique_password_list
description: Password Uniqueness Policy Viewset
parameters:
- in: query
name: created
schema:
type: string
format: date-time
- in: query
name: execution_logging
schema:
type: boolean
- in: query
name: last_updated
schema:
type: string
format: date-time
- in: query
name: name
schema:
type: string
- in: query
name: num_historical_passwords
schema:
type: integer
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password_field
schema:
type: string
- in: query
name: policy_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUniquePasswordPolicyList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: policies_unique_password_create
description: Password Uniqueness Policy Viewset
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/unique_password/{policy_uuid}/:
get:
operationId: policies_unique_password_retrieve
description: Password Uniqueness Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Uniqueness Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: policies_unique_password_update
description: Password Uniqueness Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Uniqueness Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: policies_unique_password_partial_update
description: Password Uniqueness Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Uniqueness Policy.
required: true
tags:
- policies
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUniquePasswordPolicyRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UniquePasswordPolicy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: policies_unique_password_destroy
description: Password Uniqueness Policy Viewset
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Uniqueness Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/policies/unique_password/{policy_uuid}/used_by/:
get:
operationId: policies_unique_password_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: policy_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Uniqueness Policy.
required: true
tags:
- policies
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/all/:
get:
operationId: propertymappings_all_list
description: PropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/all/{pm_uuid}/:
get:
operationId: propertymappings_all_retrieve
description: PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_all_destroy
description: PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/all/{pm_uuid}/test/:
post:
operationId: propertymappings_all_test_create
description: Test Property Mapping
parameters:
- in: query
name: format_result
schema:
type: boolean
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PropertyMappingTestRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PropertyMappingTestResult'
description: ''
'400':
description: Invalid parameters
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/all/{pm_uuid}/used_by/:
get:
operationId: propertymappings_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/all/types/:
get:
operationId: propertymappings_all_types_list
description: Get all creatable types
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/notification/:
get:
operationId: propertymappings_notification_list
description: NotificationWebhookMapping Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_notification_create
description: NotificationWebhookMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/notification/{pm_uuid}/:
get:
operationId: propertymappings_notification_retrieve
description: NotificationWebhookMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Webhook Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_notification_update
description: NotificationWebhookMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Webhook Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_notification_partial_update
description: NotificationWebhookMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Webhook Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/NotificationWebhookMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_notification_destroy
description: NotificationWebhookMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Webhook Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/notification/{pm_uuid}/used_by/:
get:
operationId: propertymappings_notification_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Webhook Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/google_workspace/:
get:
operationId: propertymappings_provider_google_workspace_list
description: GoogleWorkspaceProviderMapping Viewset
parameters:
- in: query
name: expression
schema:
type: string
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pm_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_google_workspace_create
description: GoogleWorkspaceProviderMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/google_workspace/{pm_uuid}/:
get:
operationId: propertymappings_provider_google_workspace_retrieve
description: GoogleWorkspaceProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_google_workspace_update
description: GoogleWorkspaceProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_google_workspace_partial_update
description: GoogleWorkspaceProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_google_workspace_destroy
description: GoogleWorkspaceProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/google_workspace/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_google_workspace_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/microsoft_entra/:
get:
operationId: propertymappings_provider_microsoft_entra_list
description: MicrosoftEntraProviderMapping Viewset
parameters:
- in: query
name: expression
schema:
type: string
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pm_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_microsoft_entra_create
description: MicrosoftEntraProviderMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/microsoft_entra/{pm_uuid}/:
get:
operationId: propertymappings_provider_microsoft_entra_retrieve
description: MicrosoftEntraProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_microsoft_entra_update
description: MicrosoftEntraProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_microsoft_entra_partial_update
description: MicrosoftEntraProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_microsoft_entra_destroy
description: MicrosoftEntraProviderMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/microsoft_entra/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_microsoft_entra_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/rac/:
get:
operationId: propertymappings_provider_rac_list
description: RACPropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRACPropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_rac_create
description: RACPropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/rac/{pm_uuid}/:
get:
operationId: propertymappings_provider_rac_retrieve
description: RACPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_rac_update
description: RACPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_rac_partial_update
description: RACPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRACPropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_rac_destroy
description: RACPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/rac/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_rac_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/radius/:
get:
operationId: propertymappings_provider_radius_list
description: RadiusProviderPropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRadiusProviderPropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_radius_create
description: RadiusProviderPropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/radius/{pm_uuid}/:
get:
operationId: propertymappings_provider_radius_retrieve
description: RadiusProviderPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Radius Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_radius_update
description: RadiusProviderPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Radius Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_radius_partial_update
description: RadiusProviderPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Radius Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRadiusProviderPropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_radius_destroy
description: RadiusProviderPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Radius Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/radius/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_radius_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Radius Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/saml/:
get:
operationId: propertymappings_provider_saml_list
description: SAMLPropertyMapping Viewset
parameters:
- in: query
name: friendly_name
schema:
type: string
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: saml_name
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_saml_create
description: SAMLPropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/saml/{pm_uuid}/:
get:
operationId: propertymappings_provider_saml_retrieve
description: SAMLPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_saml_update
description: SAMLPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_saml_partial_update
description: SAMLPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Provider Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLPropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_saml_destroy
description: SAMLPropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/saml/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Provider Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scim/:
get:
operationId: propertymappings_provider_scim_list
description: SCIMMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_scim_create
description: SCIMMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scim/{pm_uuid}/:
get:
operationId: propertymappings_provider_scim_retrieve
description: SCIMMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_scim_update
description: SCIMMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_scim_partial_update
description: SCIMMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Provider Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_scim_destroy
description: SCIMMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scim/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_scim_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Provider Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scope/:
get:
operationId: propertymappings_provider_scope_list
description: ScopeMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: scope_name
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedScopeMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_provider_scope_create
description: ScopeMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scope/{pm_uuid}/:
get:
operationId: propertymappings_provider_scope_retrieve
description: ScopeMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Scope Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_provider_scope_update
description: ScopeMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Scope Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_provider_scope_partial_update
description: ScopeMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Scope Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedScopeMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ScopeMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_provider_scope_destroy
description: ScopeMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Scope Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/provider/scope/{pm_uuid}/used_by/:
get:
operationId: propertymappings_provider_scope_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Scope Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/kerberos/:
get:
operationId: propertymappings_source_kerberos_list
description: KerberosSource PropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedKerberosSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_kerberos_create
description: KerberosSource PropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/kerberos/{pm_uuid}/:
get:
operationId: propertymappings_source_kerberos_retrieve
description: KerberosSource PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kerberos Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_kerberos_update
description: KerberosSource PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kerberos Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_kerberos_partial_update
description: KerberosSource PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kerberos Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedKerberosSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_kerberos_destroy
description: KerberosSource PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kerberos Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/kerberos/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_kerberos_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Kerberos Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/ldap/:
get:
operationId: propertymappings_source_ldap_list
description: LDAP PropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedLDAPSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_ldap_create
description: LDAP PropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/ldap/{pm_uuid}/:
get:
operationId: propertymappings_source_ldap_retrieve
description: LDAP PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this LDAP Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_ldap_update
description: LDAP PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this LDAP Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_ldap_partial_update
description: LDAP PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this LDAP Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedLDAPSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_ldap_destroy
description: LDAP PropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this LDAP Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/ldap/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_ldap_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this LDAP Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/oauth/:
get:
operationId: propertymappings_source_oauth_list
description: OAuthSourcePropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedOAuthSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_oauth_create
description: OAuthSourcePropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/oauth/{pm_uuid}/:
get:
operationId: propertymappings_source_oauth_retrieve
description: OAuthSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this OAuth Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_oauth_update
description: OAuthSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this OAuth Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_oauth_partial_update
description: OAuthSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this OAuth Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedOAuthSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_oauth_destroy
description: OAuthSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this OAuth Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/oauth/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_oauth_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this OAuth Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/plex/:
get:
operationId: propertymappings_source_plex_list
description: PlexSourcePropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPlexSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_plex_create
description: PlexSourcePropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/plex/{pm_uuid}/:
get:
operationId: propertymappings_source_plex_retrieve
description: PlexSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Plex Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_plex_update
description: PlexSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Plex Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_plex_partial_update
description: PlexSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Plex Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPlexSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_plex_destroy
description: PlexSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Plex Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/plex/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_plex_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Plex Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/saml/:
get:
operationId: propertymappings_source_saml_list
description: SAMLSourcePropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSAMLSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_saml_create
description: SAMLSourcePropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/saml/{pm_uuid}/:
get:
operationId: propertymappings_source_saml_retrieve
description: SAMLSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_saml_update
description: SAMLSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_saml_partial_update
description: SAMLSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSAMLSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_saml_destroy
description: SAMLSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/saml/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SAML Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/scim/:
get:
operationId: propertymappings_source_scim_list
description: SCIMSourcePropertyMapping Viewset
parameters:
- in: query
name: managed
schema:
type: array
items:
type: string
explode: true
style: form
- in: query
name: managed__isnull
schema:
type: boolean
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMSourcePropertyMappingList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: propertymappings_source_scim_create
description: SCIMSourcePropertyMapping Viewset
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/scim/{pm_uuid}/:
get:
operationId: propertymappings_source_scim_retrieve
description: SCIMSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: propertymappings_source_scim_update
description: SCIMSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: propertymappings_source_scim_partial_update
description: SCIMSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Source Property Mapping.
required: true
tags:
- propertymappings
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMSourcePropertyMappingRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: propertymappings_source_scim_destroy
description: SCIMSourcePropertyMapping Viewset
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/propertymappings/source/scim/{pm_uuid}/used_by/:
get:
operationId: propertymappings_source_scim_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SCIM Source Property Mapping.
required: true
tags:
- propertymappings
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/all/:
get:
operationId: providers_all_list
description: Provider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: backchannel
schema:
type: boolean
description: When not set all providers are returned. When set to true, only
backchannel providers are returned. When set to false, backchannel providers
are excluded
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/all/{id}/:
get:
operationId: providers_all_retrieve
description: Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Provider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_all_destroy
description: Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/all/{id}/used_by/:
get:
operationId: providers_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/all/types/:
get:
operationId: providers_all_types_list
description: Get all creatable types
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace/:
get:
operationId: providers_google_workspace_list
description: GoogleWorkspaceProvider Viewset
parameters:
- in: query
name: delegated_subject
schema:
type: string
- in: query
name: exclude_users_service_account
schema:
type: boolean
- in: query
name: filter_group
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_google_workspace_create
description: GoogleWorkspaceProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace/{id}/:
get:
operationId: providers_google_workspace_retrieve
description: GoogleWorkspaceProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_google_workspace_update
description: GoogleWorkspaceProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_google_workspace_partial_update
description: GoogleWorkspaceProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_google_workspace_destroy
description: GoogleWorkspaceProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace/{id}/sync/object/:
post:
operationId: providers_google_workspace_sync_object_create
description: Sync/Re-sync a single user/group object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace/{id}/sync/status/:
get:
operationId: providers_google_workspace_sync_status_retrieve
description: Get provider's sync status
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncStatus'
description: ''
'404':
description: Task not found
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace/{id}/used_by/:
get:
operationId: providers_google_workspace_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Google Workspace Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_groups/:
get:
operationId: providers_google_workspace_groups_list
description: GoogleWorkspaceProviderGroup Viewset
parameters:
- in: query
name: group__group_uuid
schema:
type: string
format: uuid
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_google_workspace_groups_create
description: GoogleWorkspaceProviderGroup Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderGroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_groups/{id}/:
get:
operationId: providers_google_workspace_groups_retrieve
description: GoogleWorkspaceProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_google_workspace_groups_destroy
description: GoogleWorkspaceProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_groups/{id}/used_by/:
get:
operationId: providers_google_workspace_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_users/:
get:
operationId: providers_google_workspace_users_list
description: GoogleWorkspaceProviderUser Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user__id
schema:
type: integer
- in: query
name: user__username
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_google_workspace_users_create
description: GoogleWorkspaceProviderUser Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderUserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_users/{id}/:
get:
operationId: providers_google_workspace_users_retrieve
description: GoogleWorkspaceProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_google_workspace_users_destroy
description: GoogleWorkspaceProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/google_workspace_users/{id}/used_by/:
get:
operationId: providers_google_workspace_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Google Workspace Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ldap/:
get:
operationId: providers_ldap_list
description: LDAPProvider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: authorization_flow__slug__iexact
schema:
type: string
- in: query
name: base_dn__iexact
schema:
type: string
- in: query
name: certificate__kp_uuid__iexact
schema:
type: string
format: uuid
- in: query
name: certificate__name__iexact
schema:
type: string
- in: query
name: gid_start_number__iexact
schema:
type: integer
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: tls_server_name__iexact
schema:
type: string
- in: query
name: uid_start_number__iexact
schema:
type: integer
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedLDAPProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_ldap_create
description: LDAPProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ldap/{id}/:
get:
operationId: providers_ldap_retrieve
description: LDAPProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_ldap_update
description: LDAPProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_ldap_partial_update
description: LDAPProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedLDAPProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_ldap_destroy
description: LDAPProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ldap/{id}/used_by/:
get:
operationId: providers_ldap_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this LDAP Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra/:
get:
operationId: providers_microsoft_entra_list
description: MicrosoftEntraProvider Viewset
parameters:
- in: query
name: exclude_users_service_account
schema:
type: boolean
- in: query
name: filter_group
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_microsoft_entra_create
description: MicrosoftEntraProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra/{id}/:
get:
operationId: providers_microsoft_entra_retrieve
description: MicrosoftEntraProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_microsoft_entra_update
description: MicrosoftEntraProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_microsoft_entra_partial_update
description: MicrosoftEntraProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_microsoft_entra_destroy
description: MicrosoftEntraProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra/{id}/sync/object/:
post:
operationId: providers_microsoft_entra_sync_object_create
description: Sync/Re-sync a single user/group object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra/{id}/sync/status/:
get:
operationId: providers_microsoft_entra_sync_status_retrieve
description: Get provider's sync status
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncStatus'
description: ''
'404':
description: Task not found
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra/{id}/used_by/:
get:
operationId: providers_microsoft_entra_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Microsoft Entra Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_groups/:
get:
operationId: providers_microsoft_entra_groups_list
description: MicrosoftEntraProviderGroup Viewset
parameters:
- in: query
name: group__group_uuid
schema:
type: string
format: uuid
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_microsoft_entra_groups_create
description: MicrosoftEntraProviderGroup Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderGroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_groups/{id}/:
get:
operationId: providers_microsoft_entra_groups_retrieve
description: MicrosoftEntraProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_microsoft_entra_groups_destroy
description: MicrosoftEntraProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_groups/{id}/used_by/:
get:
operationId: providers_microsoft_entra_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider Group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_users/:
get:
operationId: providers_microsoft_entra_users_list
description: MicrosoftEntraProviderUser Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user__id
schema:
type: integer
- in: query
name: user__username
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_microsoft_entra_users_create
description: MicrosoftEntraProviderUser Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderUserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_users/{id}/:
get:
operationId: providers_microsoft_entra_users_retrieve
description: MicrosoftEntraProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_microsoft_entra_users_destroy
description: MicrosoftEntraProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/microsoft_entra_users/{id}/used_by/:
get:
operationId: providers_microsoft_entra_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this Microsoft Entra Provider User.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/oauth2/:
get:
operationId: providers_oauth2_list
description: OAuth2Provider Viewset
parameters:
- in: query
name: access_code_validity
schema:
type: string
- in: query
name: access_token_validity
schema:
type: string
- in: query
name: application
schema:
type: string
format: uuid
- in: query
name: authorization_flow
schema:
type: string
format: uuid
- in: query
name: client_id
schema:
type: string
- in: query
name: client_type
schema:
type: string
enum:
- confidential
- public
description: |+
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
- in: query
name: include_claims_in_id_token
schema:
type: boolean
- in: query
name: issuer_mode
schema:
type: string
enum:
- global
- per_provider
description: |+
Configure how the issuer field of the ID Token should be filled.
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: property_mappings
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: refresh_token_validity
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: signing_key
schema:
type: string
format: uuid
- in: query
name: sub_mode
schema:
type: string
enum:
- hashed_user_id
- user_email
- user_id
- user_upn
- user_username
- user_uuid
description: |+
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedOAuth2ProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_oauth2_create
description: OAuth2Provider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2ProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2Provider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/oauth2/{id}/:
get:
operationId: providers_oauth2_retrieve
description: OAuth2Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2Provider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_oauth2_update
description: OAuth2Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2ProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2Provider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_oauth2_partial_update
description: OAuth2Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2Provider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_oauth2_destroy
description: OAuth2Provider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/oauth2/{id}/preview_user/:
get:
operationId: providers_oauth2_preview_user_retrieve
description: Preview user data for provider
parameters:
- in: query
name: for_user
schema:
type: integer
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PropertyMappingPreview'
description: ''
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/oauth2/{id}/setup_urls/:
get:
operationId: providers_oauth2_setup_urls_retrieve
description: Get Providers setup URLs
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuth2ProviderSetupURLs'
description: ''
'404':
description: Provider has no application assigned
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/oauth2/{id}/used_by/:
get:
operationId: providers_oauth2_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this OAuth2/OpenID Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/proxy/:
get:
operationId: providers_proxy_list
description: ProxyProvider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: authorization_flow__slug__iexact
schema:
type: string
- in: query
name: basic_auth_enabled__iexact
schema:
type: boolean
- in: query
name: basic_auth_password_attribute__iexact
schema:
type: string
- in: query
name: basic_auth_user_attribute__iexact
schema:
type: string
- in: query
name: certificate__kp_uuid__iexact
schema:
type: string
format: uuid
- in: query
name: certificate__name__iexact
schema:
type: string
- in: query
name: cookie_domain__iexact
schema:
type: string
- in: query
name: external_host__iexact
schema:
type: string
- in: query
name: internal_host__iexact
schema:
type: string
- in: query
name: internal_host_ssl_validation__iexact
schema:
type: boolean
- in: query
name: mode__iexact
schema:
type: string
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: property_mappings__iexact
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: skip_path_regex__iexact
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedProxyProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_proxy_create
description: ProxyProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/proxy/{id}/:
get:
operationId: providers_proxy_retrieve
description: ProxyProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Proxy Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_proxy_update
description: ProxyProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Proxy Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_proxy_partial_update
description: ProxyProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Proxy Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedProxyProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ProxyProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_proxy_destroy
description: ProxyProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Proxy Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/proxy/{id}/used_by/:
get:
operationId: providers_proxy_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Proxy Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/rac/:
get:
operationId: providers_rac_list
description: RACProvider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRACProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_rac_create
description: RACProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RACProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/RACProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/rac/{id}/:
get:
operationId: providers_rac_retrieve
description: RACProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this RAC Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_rac_update
description: RACProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this RAC Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RACProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_rac_partial_update
description: RACProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this RAC Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRACProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RACProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_rac_destroy
description: RACProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this RAC Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/rac/{id}/used_by/:
get:
operationId: providers_rac_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this RAC Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/radius/:
get:
operationId: providers_radius_list
description: RadiusProvider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: authorization_flow__slug__iexact
schema:
type: string
- in: query
name: client_networks__iexact
schema:
type: string
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRadiusProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_radius_create
description: RadiusProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/radius/{id}/:
get:
operationId: providers_radius_retrieve
description: RadiusProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_radius_update
description: RadiusProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_radius_partial_update
description: RadiusProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRadiusProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RadiusProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_radius_destroy
description: RadiusProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/radius/{id}/used_by/:
get:
operationId: providers_radius_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Radius Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/:
get:
operationId: providers_saml_list
description: SAMLProvider Viewset
parameters:
- in: query
name: acs_url
schema:
type: string
- in: query
name: assertion_valid_not_before
schema:
type: string
- in: query
name: assertion_valid_not_on_or_after
schema:
type: string
- in: query
name: audience
schema:
type: string
- in: query
name: authentication_flow
schema:
type: string
format: uuid
- in: query
name: authn_context_class_ref_mapping
schema:
type: string
format: uuid
- in: query
name: authorization_flow
schema:
type: string
format: uuid
- in: query
name: backchannel_application
schema:
type: string
format: uuid
- in: query
name: default_relay_state
schema:
type: string
- in: query
name: digest_algorithm
schema:
type: string
enum:
- http://www.w3.org/2000/09/xmldsig#sha1
- http://www.w3.org/2001/04/xmldsig-more#sha384
- http://www.w3.org/2001/04/xmlenc#sha256
- http://www.w3.org/2001/04/xmlenc#sha512
- in: query
name: encryption_kp
schema:
type: string
format: uuid
- in: query
name: invalidation_flow
schema:
type: string
format: uuid
- in: query
name: is_backchannel
schema:
type: boolean
- in: query
name: issuer
schema:
type: string
- in: query
name: name
schema:
type: string
- in: query
name: name_id_mapping
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: property_mappings
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: session_valid_not_on_or_after
schema:
type: string
- in: query
name: sign_assertion
schema:
type: boolean
- in: query
name: sign_response
schema:
type: boolean
- in: query
name: signature_algorithm
schema:
type: string
enum:
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
- in: query
name: signing_kp
schema:
type: string
format: uuid
- in: query
name: sp_binding
schema:
type: string
title: Service Provider Binding
enum:
- post
- redirect
description: |+
This determines how authentik sends the response back to the Service Provider.
- in: query
name: verification_kp
schema:
type: string
format: uuid
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSAMLProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_saml_create
description: SAMLProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/{id}/:
get:
operationId: providers_saml_retrieve
description: SAMLProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_saml_update
description: SAMLProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_saml_partial_update
description: SAMLProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSAMLProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_saml_destroy
description: SAMLProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/{id}/metadata/:
get:
operationId: providers_saml_metadata_retrieve
description: Return metadata as XML string
parameters:
- in: query
name: download
schema:
type: boolean
- in: query
name: force_binding
schema:
type: string
enum:
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
description: Optionally force the metadata to only include one binding.
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLMetadata'
application/xml:
schema:
$ref: '#/components/schemas/SAMLMetadata'
description: ''
'404':
description: Provider has no application assigned
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/{id}/preview_user/:
get:
operationId: providers_saml_preview_user_retrieve
description: Preview user data for provider
parameters:
- in: query
name: for_user
schema:
type: integer
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PropertyMappingPreview'
description: ''
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/{id}/used_by/:
get:
operationId: providers_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SAML Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/saml/import_metadata/:
post:
operationId: providers_saml_import_metadata_create
description: Create provider from SAML Metadata
tags:
- providers
requestBody:
content:
multipart/form-data:
schema:
$ref: '#/components/schemas/SAMLProviderImportRequest'
required: true
security:
- authentik: []
responses:
'204':
description: Successfully imported provider
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim/:
get:
operationId: providers_scim_list
description: SCIMProvider Viewset
parameters:
- in: query
name: exclude_users_service_account
schema:
type: boolean
- in: query
name: filter_group
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: url
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_scim_create
description: SCIMProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim/{id}/:
get:
operationId: providers_scim_retrieve
description: SCIMProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_scim_update
description: SCIMProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_scim_partial_update
description: SCIMProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_scim_destroy
description: SCIMProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim/{id}/sync/object/:
post:
operationId: providers_scim_sync_object_create
description: Sync/Re-sync a single user/group object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncObjectResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim/{id}/sync/status/:
get:
operationId: providers_scim_sync_status_retrieve
description: Get provider's sync status
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncStatus'
description: ''
'404':
description: Task not found
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim/{id}/used_by/:
get:
operationId: providers_scim_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this SCIM Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/:
get:
operationId: providers_scim_groups_list
description: SCIMProviderGroup Viewset
parameters:
- in: query
name: group__group_uuid
schema:
type: string
format: uuid
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMProviderGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_scim_groups_create
description: SCIMProviderGroup Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/{id}/:
get:
operationId: providers_scim_groups_retrieve
description: SCIMProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_scim_groups_destroy
description: SCIMProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/{id}/used_by/:
get:
operationId: providers_scim_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/:
get:
operationId: providers_scim_users_list
description: SCIMProviderUser Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user__id
schema:
type: integer
- in: query
name: user__username
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMProviderUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_scim_users_create
description: SCIMProviderUser Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/{id}/:
get:
operationId: providers_scim_users_retrieve
description: SCIMProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_scim_users_destroy
description: SCIMProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/{id}/used_by/:
get:
operationId: providers_scim_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ssf/:
get:
operationId: providers_ssf_list
description: SSFProvider Viewset
parameters:
- in: query
name: application__isnull
schema:
type: boolean
- in: query
name: name__iexact
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSSFProviderList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_ssf_create
description: SSFProvider Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProviderRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ssf/{id}/:
get:
operationId: providers_ssf_retrieve
description: SSFProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Shared Signals Framework
Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: providers_ssf_update
description: SSFProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Shared Signals Framework
Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProviderRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: providers_ssf_partial_update
description: SSFProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Shared Signals Framework
Provider.
required: true
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSSFProviderRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SSFProvider'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_ssf_destroy
description: SSFProvider Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Shared Signals Framework
Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/ssf/{id}/used_by/:
get:
operationId: providers_ssf_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Shared Signals Framework
Provider.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/connection_tokens/:
get:
operationId: rac_connection_tokens_list
description: ConnectionToken Viewset
parameters:
- in: query
name: endpoint
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: session__user
schema:
type: integer
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedConnectionTokenList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/connection_tokens/{connection_token_uuid}/:
get:
operationId: rac_connection_tokens_retrieve
description: ConnectionToken Viewset
parameters:
- in: path
name: connection_token_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Connection token.
required: true
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConnectionToken'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rac_connection_tokens_update
description: ConnectionToken Viewset
parameters:
- in: path
name: connection_token_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Connection token.
required: true
tags:
- rac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ConnectionTokenRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConnectionToken'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rac_connection_tokens_partial_update
description: ConnectionToken Viewset
parameters:
- in: path
name: connection_token_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Connection token.
required: true
tags:
- rac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedConnectionTokenRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConnectionToken'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rac_connection_tokens_destroy
description: ConnectionToken Viewset
parameters:
- in: path
name: connection_token_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Connection token.
required: true
tags:
- rac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/connection_tokens/{connection_token_uuid}/used_by/:
get:
operationId: rac_connection_tokens_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: connection_token_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Connection token.
required: true
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/endpoints/:
get:
operationId: rac_endpoints_list
description: List accessible endpoints
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- in: query
name: search
schema:
type: string
- in: query
name: superuser_full_list
schema:
type: boolean
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEndpointList'
description: ''
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: rac_endpoints_create
description: Endpoint Viewset
tags:
- rac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Endpoint'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/endpoints/{pbm_uuid}/:
get:
operationId: rac_endpoints_retrieve
description: Endpoint Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Endpoint.
required: true
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Endpoint'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rac_endpoints_update
description: Endpoint Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Endpoint.
required: true
tags:
- rac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Endpoint'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rac_endpoints_partial_update
description: Endpoint Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Endpoint.
required: true
tags:
- rac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEndpointRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Endpoint'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rac_endpoints_destroy
description: Endpoint Viewset
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Endpoint.
required: true
tags:
- rac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/endpoints/{pbm_uuid}/used_by/:
get:
operationId: rac_endpoints_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: pbm_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this RAC Endpoint.
required: true
tags:
- rac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/initial_permissions/:
get:
operationId: rbac_initial_permissions_list
description: InitialPermissions viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedInitialPermissionsList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: rbac_initial_permissions_create
description: InitialPermissions viewset
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissionsRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissions'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/initial_permissions/{id}/:
get:
operationId: rbac_initial_permissions_retrieve
description: InitialPermissions viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Initial Permissions.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissions'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rbac_initial_permissions_update
description: InitialPermissions viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Initial Permissions.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissionsRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissions'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rbac_initial_permissions_partial_update
description: InitialPermissions viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Initial Permissions.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedInitialPermissionsRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InitialPermissions'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rbac_initial_permissions_destroy
description: InitialPermissions viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Initial Permissions.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/initial_permissions/{id}/used_by/:
get:
operationId: rbac_initial_permissions_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Initial Permissions.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/:
get:
operationId: rbac_permissions_list
description: Read-only list of all permissions, filterable by model and app
parameters:
- in: query
name: codename
schema:
type: string
- in: query
name: content_type__app_label
schema:
type: string
- in: query
name: content_type__model
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: role
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPermissionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/{id}/:
get:
operationId: rbac_permissions_retrieve
description: Read-only list of all permissions, filterable by model and app
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this permission.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Permission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_roles/:
get:
operationId: rbac_permissions_assigned_by_roles_list
description: Get assigned object permissions for a single object
parameters:
- in: query
name: model
schema:
type: string
enum:
- authentik_blueprints.blueprintinstance
- authentik_brands.brand
- authentik_core.application
- authentik_core.applicationentitlement
- authentik_core.group
- authentik_core.token
- authentik_core.user
- authentik_crypto.certificatekeypair
- authentik_enterprise.license
- authentik_events.event
- authentik_events.notification
- authentik_events.notificationrule
- authentik_events.notificationtransport
- authentik_events.notificationwebhookmapping
- authentik_flows.flow
- authentik_flows.flowstagebinding
- authentik_outposts.dockerserviceconnection
- authentik_outposts.kubernetesserviceconnection
- authentik_outposts.outpost
- authentik_policies.policybinding
- authentik_policies_dummy.dummypolicy
- authentik_policies_event_matcher.eventmatcherpolicy
- authentik_policies_expiry.passwordexpirypolicy
- authentik_policies_expression.expressionpolicy
- authentik_policies_geoip.geoippolicy
- authentik_policies_password.passwordpolicy
- authentik_policies_reputation.reputationpolicy
- authentik_policies_unique_password.uniquepasswordpolicy
- authentik_providers_google_workspace.googleworkspaceprovider
- authentik_providers_google_workspace.googleworkspaceprovidermapping
- authentik_providers_ldap.ldapprovider
- authentik_providers_microsoft_entra.microsoftentraprovider
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
- authentik_providers_oauth2.oauth2provider
- authentik_providers_oauth2.scopemapping
- authentik_providers_proxy.proxyprovider
- authentik_providers_rac.endpoint
- authentik_providers_rac.racpropertymapping
- authentik_providers_rac.racprovider
- authentik_providers_radius.radiusprovider
- authentik_providers_radius.radiusproviderpropertymapping
- authentik_providers_saml.samlpropertymapping
- authentik_providers_saml.samlprovider
- authentik_providers_scim.scimmapping
- authentik_providers_scim.scimprovider
- authentik_providers_ssf.ssfprovider
- authentik_rbac.initialpermissions
- authentik_rbac.role
- authentik_sources_kerberos.groupkerberossourceconnection
- authentik_sources_kerberos.kerberossource
- authentik_sources_kerberos.kerberossourcepropertymapping
- authentik_sources_kerberos.userkerberossourceconnection
- authentik_sources_ldap.groupldapsourceconnection
- authentik_sources_ldap.ldapsource
- authentik_sources_ldap.ldapsourcepropertymapping
- authentik_sources_ldap.userldapsourceconnection
- authentik_sources_oauth.groupoauthsourceconnection
- authentik_sources_oauth.oauthsource
- authentik_sources_oauth.oauthsourcepropertymapping
- authentik_sources_oauth.useroauthsourceconnection
- authentik_sources_plex.groupplexsourceconnection
- authentik_sources_plex.plexsource
- authentik_sources_plex.plexsourcepropertymapping
- authentik_sources_plex.userplexsourceconnection
- authentik_sources_saml.groupsamlsourceconnection
- authentik_sources_saml.samlsource
- authentik_sources_saml.samlsourcepropertymapping
- authentik_sources_saml.usersamlsourceconnection
- authentik_sources_scim.scimsource
- authentik_sources_scim.scimsourcepropertymapping
- authentik_stages_authenticator_duo.authenticatorduostage
- authentik_stages_authenticator_duo.duodevice
- authentik_stages_authenticator_email.authenticatoremailstage
- authentik_stages_authenticator_email.emaildevice
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
- authentik_stages_authenticator_sms.authenticatorsmsstage
- authentik_stages_authenticator_sms.smsdevice
- authentik_stages_authenticator_static.authenticatorstaticstage
- authentik_stages_authenticator_static.staticdevice
- authentik_stages_authenticator_totp.authenticatortotpstage
- authentik_stages_authenticator_totp.totpdevice
- authentik_stages_authenticator_validate.authenticatorvalidatestage
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
- authentik_stages_authenticator_webauthn.webauthndevice
- authentik_stages_captcha.captchastage
- authentik_stages_consent.consentstage
- authentik_stages_consent.userconsent
- authentik_stages_deny.denystage
- authentik_stages_dummy.dummystage
- authentik_stages_email.emailstage
- authentik_stages_identification.identificationstage
- authentik_stages_invitation.invitation
- authentik_stages_invitation.invitationstage
- authentik_stages_mtls.mutualtlsstage
- authentik_stages_password.passwordstage
- authentik_stages_prompt.prompt
- authentik_stages_prompt.promptstage
- authentik_stages_redirect.redirectstage
- authentik_stages_source.sourcestage
- authentik_stages_user_delete.userdeletestage
- authentik_stages_user_login.userloginstage
- authentik_stages_user_logout.userlogoutstage
- authentik_stages_user_write.userwritestage
- authentik_tenants.domain
required: true
- in: query
name: object_pk
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_roles/{uuid}/assign/:
post:
operationId: rbac_permissions_assigned_by_roles_assign
description: |-
Assign permission(s) to role. When `object_pk` is set, the permissions
are only assigned to the specific object, otherwise they are assigned globally.
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PermissionAssignRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/PermissionAssignResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_roles/{uuid}/unassign/:
patch:
operationId: rbac_permissions_assigned_by_roles_unassign_partial_update
description: |-
Unassign permission(s) to role. When `object_pk` is set, the permissions
are only assigned to the specific object, otherwise they are assigned globally.
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
security:
- authentik: []
responses:
'204':
description: Successfully unassigned
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_users/:
get:
operationId: rbac_permissions_assigned_by_users_list
description: Get assigned object permissions for a single object
parameters:
- in: query
name: model
schema:
type: string
enum:
- authentik_blueprints.blueprintinstance
- authentik_brands.brand
- authentik_core.application
- authentik_core.applicationentitlement
- authentik_core.group
- authentik_core.token
- authentik_core.user
- authentik_crypto.certificatekeypair
- authentik_enterprise.license
- authentik_events.event
- authentik_events.notification
- authentik_events.notificationrule
- authentik_events.notificationtransport
- authentik_events.notificationwebhookmapping
- authentik_flows.flow
- authentik_flows.flowstagebinding
- authentik_outposts.dockerserviceconnection
- authentik_outposts.kubernetesserviceconnection
- authentik_outposts.outpost
- authentik_policies.policybinding
- authentik_policies_dummy.dummypolicy
- authentik_policies_event_matcher.eventmatcherpolicy
- authentik_policies_expiry.passwordexpirypolicy
- authentik_policies_expression.expressionpolicy
- authentik_policies_geoip.geoippolicy
- authentik_policies_password.passwordpolicy
- authentik_policies_reputation.reputationpolicy
- authentik_policies_unique_password.uniquepasswordpolicy
- authentik_providers_google_workspace.googleworkspaceprovider
- authentik_providers_google_workspace.googleworkspaceprovidermapping
- authentik_providers_ldap.ldapprovider
- authentik_providers_microsoft_entra.microsoftentraprovider
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
- authentik_providers_oauth2.oauth2provider
- authentik_providers_oauth2.scopemapping
- authentik_providers_proxy.proxyprovider
- authentik_providers_rac.endpoint
- authentik_providers_rac.racpropertymapping
- authentik_providers_rac.racprovider
- authentik_providers_radius.radiusprovider
- authentik_providers_radius.radiusproviderpropertymapping
- authentik_providers_saml.samlpropertymapping
- authentik_providers_saml.samlprovider
- authentik_providers_scim.scimmapping
- authentik_providers_scim.scimprovider
- authentik_providers_ssf.ssfprovider
- authentik_rbac.initialpermissions
- authentik_rbac.role
- authentik_sources_kerberos.groupkerberossourceconnection
- authentik_sources_kerberos.kerberossource
- authentik_sources_kerberos.kerberossourcepropertymapping
- authentik_sources_kerberos.userkerberossourceconnection
- authentik_sources_ldap.groupldapsourceconnection
- authentik_sources_ldap.ldapsource
- authentik_sources_ldap.ldapsourcepropertymapping
- authentik_sources_ldap.userldapsourceconnection
- authentik_sources_oauth.groupoauthsourceconnection
- authentik_sources_oauth.oauthsource
- authentik_sources_oauth.oauthsourcepropertymapping
- authentik_sources_oauth.useroauthsourceconnection
- authentik_sources_plex.groupplexsourceconnection
- authentik_sources_plex.plexsource
- authentik_sources_plex.plexsourcepropertymapping
- authentik_sources_plex.userplexsourceconnection
- authentik_sources_saml.groupsamlsourceconnection
- authentik_sources_saml.samlsource
- authentik_sources_saml.samlsourcepropertymapping
- authentik_sources_saml.usersamlsourceconnection
- authentik_sources_scim.scimsource
- authentik_sources_scim.scimsourcepropertymapping
- authentik_stages_authenticator_duo.authenticatorduostage
- authentik_stages_authenticator_duo.duodevice
- authentik_stages_authenticator_email.authenticatoremailstage
- authentik_stages_authenticator_email.emaildevice
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
- authentik_stages_authenticator_sms.authenticatorsmsstage
- authentik_stages_authenticator_sms.smsdevice
- authentik_stages_authenticator_static.authenticatorstaticstage
- authentik_stages_authenticator_static.staticdevice
- authentik_stages_authenticator_totp.authenticatortotpstage
- authentik_stages_authenticator_totp.totpdevice
- authentik_stages_authenticator_validate.authenticatorvalidatestage
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
- authentik_stages_authenticator_webauthn.webauthndevice
- authentik_stages_captcha.captchastage
- authentik_stages_consent.consentstage
- authentik_stages_consent.userconsent
- authentik_stages_deny.denystage
- authentik_stages_dummy.dummystage
- authentik_stages_email.emailstage
- authentik_stages_identification.identificationstage
- authentik_stages_invitation.invitation
- authentik_stages_invitation.invitationstage
- authentik_stages_mtls.mutualtlsstage
- authentik_stages_password.passwordstage
- authentik_stages_prompt.prompt
- authentik_stages_prompt.promptstage
- authentik_stages_redirect.redirectstage
- authentik_stages_source.sourcestage
- authentik_stages_user_delete.userdeletestage
- authentik_stages_user_login.userloginstage
- authentik_stages_user_logout.userlogoutstage
- authentik_stages_user_write.userwritestage
- authentik_tenants.domain
required: true
- in: query
name: object_pk
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserAssignedObjectPermissionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_users/{id}/assign/:
post:
operationId: rbac_permissions_assigned_by_users_assign
description: Assign permission(s) to user
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PermissionAssignRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/PermissionAssignResult'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/assigned_by_users/{id}/unassign/:
patch:
operationId: rbac_permissions_assigned_by_users_unassign_partial_update
description: |-
Unassign permission(s) to user. When `object_pk` is set, the permissions
are only assigned to the specific object, otherwise they are assigned globally.
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
security:
- authentik: []
responses:
'204':
description: Successfully unassigned
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/roles/:
get:
operationId: rbac_permissions_roles_list
description: Get a role's assigned object permissions
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: uuid
schema:
type: string
format: uuid
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/roles/{id}/:
get:
operationId: rbac_permissions_roles_retrieve
description: Get a role's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group object permission.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraRoleObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rbac_permissions_roles_update
description: Get a role's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group object permission.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraRoleObjectPermissionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraRoleObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rbac_permissions_roles_partial_update
description: Get a role's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group object permission.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedExtraRoleObjectPermissionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraRoleObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rbac_permissions_roles_destroy
description: Get a role's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group object permission.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/users/:
get:
operationId: rbac_permissions_users_list
description: Get a users's assigned object permissions
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user_id
schema:
type: integer
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedExtraUserObjectPermissionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/permissions/users/{id}/:
get:
operationId: rbac_permissions_users_retrieve
description: Get a users's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user object permission.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraUserObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rbac_permissions_users_update
description: Get a users's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user object permission.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraUserObjectPermissionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraUserObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rbac_permissions_users_partial_update
description: Get a users's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user object permission.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedExtraUserObjectPermissionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ExtraUserObjectPermission'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rbac_permissions_users_destroy
description: Get a users's assigned object permissions
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user object permission.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/roles/:
get:
operationId: rbac_roles_list
description: Role viewset
parameters:
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRoleList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: rbac_roles_create
description: Role viewset
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RoleRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Role'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/roles/{uuid}/:
get:
operationId: rbac_roles_retrieve
description: Role viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Role'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: rbac_roles_update
description: Role viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RoleRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Role'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: rbac_roles_partial_update
description: Role viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRoleRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Role'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: rbac_roles_destroy
description: Role viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rbac/roles/{uuid}/used_by/:
get:
operationId: rbac_roles_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Role.
required: true
tags:
- rbac
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/root/config/:
get:
operationId: root_config_retrieve
description: Retrieve public configuration options
tags:
- root
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Config'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/schema/:
get:
operationId: schema_retrieve
description: |-
OpenApi3 schema for this API. Format can be selected via content negotiation.
- YAML: application/vnd.oai.openapi
- JSON: application/vnd.oai.openapi+json
parameters:
- in: query
name: format
schema:
type: string
enum:
- json
- yaml
- in: query
name: lang
schema:
type: string
enum:
- af
- ar
- ar-dz
- ast
- az
- be
- bg
- bn
- br
- bs
- ca
- ckb
- cs
- cy
- da
- de
- dsb
- el
- en
- en-au
- en-gb
- eo
- es
- es-ar
- es-co
- es-mx
- es-ni
- es-ve
- et
- eu
- fa
- fi
- fr
- fy
- ga
- gd
- gl
- he
- hi
- hr
- hsb
- hu
- hy
- ia
- id
- ig
- io
- is
- it
- ja
- ka
- kab
- kk
- km
- kn
- ko
- ky
- lb
- lt
- lv
- mk
- ml
- mn
- mr
- ms
- my
- nb
- ne
- nl
- nn
- os
- pa
- pl
- pt
- pt-br
- ro
- ru
- sk
- sl
- sq
- sr
- sr-latn
- sv
- sw
- ta
- te
- tg
- th
- tk
- tr
- tt
- udm
- ug
- uk
- ur
- uz
- vi
- zh-hans
- zh-hant
tags:
- schema
security:
- authentik: []
- {}
responses:
'200':
content:
application/vnd.oai.openapi:
schema:
type: object
additionalProperties: {}
application/yaml:
schema:
type: object
additionalProperties: {}
application/vnd.oai.openapi+json:
schema:
type: object
additionalProperties: {}
application/json:
schema:
type: object
additionalProperties: {}
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/:
get:
operationId: sources_all_list
description: Source Viewset
parameters:
- in: query
name: managed
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/{slug}/:
get:
operationId: sources_all_retrieve
description: Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Source'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_all_destroy
description: Prevent deletion of built-in sources
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/{slug}/set_icon/:
post:
operationId: sources_all_set_icon_create
description: Set source icon
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
multipart/form-data:
schema:
$ref: '#/components/schemas/FileUploadRequest'
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/{slug}/set_icon_url/:
post:
operationId: sources_all_set_icon_url_create
description: Set source icon (as URL)
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/FilePathRequest'
required: true
security:
- authentik: []
responses:
'200':
description: Success
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/{slug}/used_by/:
get:
operationId: sources_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/types/:
get:
operationId: sources_all_types_list
description: Get all creatable types
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/all/user_settings/:
get:
operationId: sources_all_user_settings_list
description: Get all sources the user can configure
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UserSetting'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/all/:
get:
operationId: sources_group_connections_all_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/all/{id}/:
get:
operationId: sources_group_connections_all_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_all_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_all_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_all_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/all/{id}/used_by/:
get:
operationId: sources_group_connections_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this group source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/kerberos/:
get:
operationId: sources_group_connections_kerberos_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupKerberosSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_group_connections_kerberos_create
description: Group-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/kerberos/{id}/:
get:
operationId: sources_group_connections_kerberos_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_kerberos_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Kerberos Source
Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_kerberos_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Kerberos Source
Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupKerberosSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_kerberos_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/kerberos/{id}/used_by/:
get:
operationId: sources_group_connections_kerberos_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/ldap/:
get:
operationId: sources_group_connections_ldap_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupLDAPSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_group_connections_ldap_create
description: Group-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/ldap/{id}/:
get:
operationId: sources_group_connections_ldap_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_ldap_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group LDAP Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_ldap_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group LDAP Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupLDAPSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_ldap_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/ldap/{id}/used_by/:
get:
operationId: sources_group_connections_ldap_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/oauth/:
get:
operationId: sources_group_connections_oauth_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupOAuthSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_group_connections_oauth_create
description: Group-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/oauth/{id}/:
get:
operationId: sources_group_connections_oauth_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_oauth_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group OAuth Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_oauth_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group OAuth Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupOAuthSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_oauth_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/oauth/{id}/used_by/:
get:
operationId: sources_group_connections_oauth_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/plex/:
get:
operationId: sources_group_connections_plex_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupPlexSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_group_connections_plex_create
description: Group-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/plex/{id}/:
get:
operationId: sources_group_connections_plex_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_plex_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Plex Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_plex_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Plex Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupPlexSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_plex_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/plex/{id}/used_by/:
get:
operationId: sources_group_connections_plex_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/saml/:
get:
operationId: sources_group_connections_saml_list
description: Group-source connection Viewset
parameters:
- in: query
name: group
schema:
type: string
format: uuid
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedGroupSAMLSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_group_connections_saml_create
description: Group-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/saml/{id}/:
get:
operationId: sources_group_connections_saml_retrieve
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_group_connections_saml_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group SAML Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_group_connections_saml_partial_update
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group SAML Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedGroupSAMLSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/GroupSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_group_connections_saml_destroy
description: Group-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/group_connections/saml/{id}/used_by/:
get:
operationId: sources_group_connections_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Group SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/kerberos/:
get:
operationId: sources_kerberos_list
description: Kerberos Source Viewset
parameters:
- in: query
name: enabled
schema:
type: boolean
- in: query
name: kadmin_type
schema:
type: string
enum:
- Heimdal
- MIT
- other
description: |+
KAdmin server type
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password_login_update_internal_password
schema:
type: boolean
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: realm
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: spnego_server_name
schema:
type: string
- in: query
name: sync_principal
schema:
type: string
- in: query
name: sync_users
schema:
type: boolean
- in: query
name: sync_users_password
schema:
type: boolean
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedKerberosSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_kerberos_create
description: Kerberos Source Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/kerberos/{slug}/:
get:
operationId: sources_kerberos_retrieve
description: Kerberos Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_kerberos_update
description: Kerberos Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_kerberos_partial_update
description: Kerberos Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedKerberosSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_kerberos_destroy
description: Kerberos Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/kerberos/{slug}/sync/status/:
get:
operationId: sources_kerberos_sync_status_retrieve
description: Get source's sync status
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/KerberosSyncStatus'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/kerberos/{slug}/used_by/:
get:
operationId: sources_kerberos_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/ldap/:
get:
operationId: sources_ldap_list
description: LDAP Source Viewset
parameters:
- in: query
name: additional_group_dn
schema:
type: string
- in: query
name: additional_user_dn
schema:
type: string
- in: query
name: base_dn
schema:
type: string
- in: query
name: bind_cn
schema:
type: string
- in: query
name: client_certificate
schema:
type: string
format: uuid
- in: query
name: delete_not_found_objects
schema:
type: boolean
- in: query
name: enabled
schema:
type: boolean
- in: query
name: group_membership_field
schema:
type: string
- in: query
name: group_object_filter
schema:
type: string
- in: query
name: group_property_mappings
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: lookup_groups_from_user
schema:
type: boolean
- in: query
name: name
schema:
type: string
- in: query
name: object_uniqueness_field
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password_login_update_internal_password
schema:
type: boolean
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: peer_certificate
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: server_uri
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: sni
schema:
type: boolean
- in: query
name: start_tls
schema:
type: boolean
- in: query
name: sync_groups
schema:
type: boolean
- in: query
name: sync_parent_group
schema:
type: string
format: uuid
- in: query
name: sync_users
schema:
type: boolean
- in: query
name: sync_users_password
schema:
type: boolean
- in: query
name: user_membership_attribute
schema:
type: string
- in: query
name: user_object_filter
schema:
type: string
- in: query
name: user_property_mappings
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedLDAPSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_ldap_create
description: LDAP Source Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/ldap/{slug}/:
get:
operationId: sources_ldap_retrieve
description: LDAP Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_ldap_update
description: LDAP Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_ldap_partial_update
description: LDAP Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedLDAPSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_ldap_destroy
description: LDAP Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/ldap/{slug}/debug/:
get:
operationId: sources_ldap_debug_retrieve
description: Get raw LDAP data to debug
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/LDAPDebug'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/ldap/{slug}/sync/status/:
get:
operationId: sources_ldap_sync_status_retrieve
description: Get source's sync status
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SyncStatus'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/ldap/{slug}/used_by/:
get:
operationId: sources_ldap_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/oauth/:
get:
operationId: sources_oauth_list
description: Source Viewset
parameters:
- in: query
name: access_token_url
schema:
type: string
- in: query
name: additional_scopes
schema:
type: string
- in: query
name: authentication_flow
schema:
type: string
format: uuid
- in: query
name: authorization_url
schema:
type: string
- in: query
name: consumer_key
schema:
type: string
- in: query
name: enabled
schema:
type: boolean
- in: query
name: enrollment_flow
schema:
type: string
format: uuid
- in: query
name: group_matching_mode
schema:
type: string
enum:
- identifier
- name_deny
- name_link
description: |+
How the source determines if an existing group should be used or a new group created.
- in: query
name: has_jwks
schema:
type: boolean
description: Only return sources with JWKS data
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: policy_engine_mode
schema:
type: string
enum:
- all
- any
- in: query
name: profile_url
schema:
type: string
- in: query
name: provider_type
schema:
type: string
- in: query
name: request_token_url
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: user_matching_mode
schema:
type: string
enum:
- email_deny
- email_link
- identifier
- username_deny
- username_link
description: |+
How the source determines if an existing user should be authenticated or a new user enrolled.
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedOAuthSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_oauth_create
description: Source Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/oauth/{slug}/:
get:
operationId: sources_oauth_retrieve
description: Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_oauth_update
description: Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_oauth_partial_update
description: Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedOAuthSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/OAuthSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_oauth_destroy
description: Source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/oauth/{slug}/used_by/:
get:
operationId: sources_oauth_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/oauth/source_types/:
get:
operationId: sources_oauth_source_types_list
description: |-
Get all creatable source types. If ?name is set, only returns the type for <name>.
If <name> isn't found, returns the default type.
parameters:
- in: query
name: name
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/SourceType'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/plex/:
get:
operationId: sources_plex_list
description: Plex source Viewset
parameters:
- in: query
name: allow_friends
schema:
type: boolean
- in: query
name: authentication_flow
schema:
type: string
format: uuid
- in: query
name: client_id
schema:
type: string
- in: query
name: enabled
schema:
type: boolean
- in: query
name: enrollment_flow
schema:
type: string
format: uuid
- in: query
name: group_matching_mode
schema:
type: string
enum:
- identifier
- name_deny
- name_link
description: |+
How the source determines if an existing group should be used or a new group created.
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: policy_engine_mode
schema:
type: string
enum:
- all
- any
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: user_matching_mode
schema:
type: string
enum:
- email_deny
- email_link
- identifier
- username_deny
- username_link
description: |+
How the source determines if an existing user should be authenticated or a new user enrolled.
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPlexSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_plex_create
description: Plex source Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/plex/{slug}/:
get:
operationId: sources_plex_retrieve
description: Plex source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_plex_update
description: Plex source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_plex_partial_update
description: Plex source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPlexSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PlexSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_plex_destroy
description: Plex source Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/plex/{slug}/used_by/:
get:
operationId: sources_plex_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/plex/redeem_token/:
post:
operationId: sources_plex_redeem_token_create
description: |-
Redeem a plex token, check it's access to resources against what's allowed
for the source, and redirect to an authentication/enrollment flow.
parameters:
- in: query
name: slug
schema:
type: string
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexTokenRedeemRequest'
required: true
security:
- authentik: []
- {}
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectChallenge'
description: ''
'400':
description: Token not found
'403':
description: Access denied
/sources/plex/redeem_token_authenticated/:
post:
operationId: sources_plex_redeem_token_authenticated_create
description: Redeem a plex token for an authenticated user, creating a connection
parameters:
- in: query
name: slug
schema:
type: string
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PlexTokenRedeemRequest'
required: true
security:
- authentik: []
responses:
'204':
description: No response body
'400':
description: Token not found
'403':
description: Access denied
/sources/saml/:
get:
operationId: sources_saml_list
description: SAMLSource Viewset
parameters:
- in: query
name: allow_idp_initiated
schema:
type: boolean
- in: query
name: authentication_flow
schema:
type: string
format: uuid
- in: query
name: binding_type
schema:
type: string
enum:
- POST
- POST_AUTO
- REDIRECT
- in: query
name: digest_algorithm
schema:
type: string
enum:
- http://www.w3.org/2000/09/xmldsig#sha1
- http://www.w3.org/2001/04/xmldsig-more#sha384
- http://www.w3.org/2001/04/xmlenc#sha256
- http://www.w3.org/2001/04/xmlenc#sha512
- in: query
name: enabled
schema:
type: boolean
- in: query
name: enrollment_flow
schema:
type: string
format: uuid
- in: query
name: issuer
schema:
type: string
- in: query
name: managed
schema:
type: string
- in: query
name: name
schema:
type: string
- in: query
name: name_id_policy
schema:
type: string
enum:
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
description: |+
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- in: query
name: policy_engine_mode
schema:
type: string
enum:
- all
- any
- in: query
name: pre_authentication_flow
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: signature_algorithm
schema:
type: string
enum:
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
- in: query
name: signing_kp
schema:
type: string
format: uuid
- in: query
name: slo_url
schema:
type: string
- in: query
name: slug
schema:
type: string
- in: query
name: sso_url
schema:
type: string
- in: query
name: temporary_user_delete_after
schema:
type: string
- in: query
name: user_matching_mode
schema:
type: string
enum:
- email_deny
- email_link
- identifier
- username_deny
- username_link
description: |+
How the source determines if an existing user should be authenticated or a new user enrolled.
- in: query
name: verification_kp
schema:
type: string
format: uuid
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSAMLSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_saml_create
description: SAMLSource Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/saml/{slug}/:
get:
operationId: sources_saml_retrieve
description: SAMLSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_saml_update
description: SAMLSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_saml_partial_update
description: SAMLSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSAMLSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_saml_destroy
description: SAMLSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/saml/{slug}/metadata/:
get:
operationId: sources_saml_metadata_retrieve
description: Return metadata as XML string
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SAMLMetadata'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/saml/{slug}/used_by/:
get:
operationId: sources_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim/:
get:
operationId: sources_scim_list
description: SCIMSource Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: pbm_uuid
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMSourceList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_scim_create
description: SCIMSource Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim/{slug}/:
get:
operationId: sources_scim_retrieve
description: SCIMSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_scim_update
description: SCIMSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_scim_partial_update
description: SCIMSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMSourceRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSource'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_scim_destroy
description: SCIMSource Viewset
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim/{slug}/used_by/:
get:
operationId: sources_scim_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: slug
schema:
type: string
description: Internal source name, used in URLs.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_groups/:
get:
operationId: sources_scim_groups_list
description: SCIMSourceGroup Viewset
parameters:
- in: query
name: group__group_uuid
schema:
type: string
format: uuid
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMSourceGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_scim_groups_create
description: SCIMSourceGroup Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_groups/{id}/:
get:
operationId: sources_scim_groups_retrieve
description: SCIMSourceGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source group.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_scim_groups_update
description: SCIMSourceGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source group.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroupRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_scim_groups_partial_update
description: SCIMSourceGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source group.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMSourceGroupRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_scim_groups_destroy
description: SCIMSourceGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source group.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_groups/{id}/used_by/:
get:
operationId: sources_scim_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source group.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_users/:
get:
operationId: sources_scim_users_list
description: SCIMSourceUser Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user__id
schema:
type: integer
- in: query
name: user__username
schema:
type: string
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMSourceUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_scim_users_create
description: SCIMSourceUser Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_users/{id}/:
get:
operationId: sources_scim_users_retrieve
description: SCIMSourceUser Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source user.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_scim_users_update
description: SCIMSourceUser Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source user.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUserRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_scim_users_partial_update
description: SCIMSourceUser Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source user.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSCIMSourceUserRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMSourceUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_scim_users_destroy
description: SCIMSourceUser Viewset
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source user.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/scim_users/{id}/used_by/:
get:
operationId: sources_scim_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
description: A unique value identifying this scim source user.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/all/:
get:
operationId: sources_user_connections_all_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/all/{id}/:
get:
operationId: sources_user_connections_all_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_all_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_all_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_all_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/all/{id}/used_by/:
get:
operationId: sources_user_connections_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this user source connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/kerberos/:
get:
operationId: sources_user_connections_kerberos_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserKerberosSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_user_connections_kerberos_create
description: User-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/kerberos/{id}/:
get:
operationId: sources_user_connections_kerberos_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_kerberos_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Kerberos Source
Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_kerberos_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Kerberos Source
Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserKerberosSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserKerberosSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_kerberos_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/kerberos/{id}/used_by/:
get:
operationId: sources_user_connections_kerberos_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Kerberos Source
Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/ldap/:
get:
operationId: sources_user_connections_ldap_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserLDAPSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_user_connections_ldap_create
description: User-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/ldap/{id}/:
get:
operationId: sources_user_connections_ldap_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_ldap_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User LDAP Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_ldap_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User LDAP Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserLDAPSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLDAPSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_ldap_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/ldap/{id}/used_by/:
get:
operationId: sources_user_connections_ldap_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User LDAP Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/oauth/:
get:
operationId: sources_user_connections_oauth_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_user_connections_oauth_create
description: User-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/oauth/{id}/:
get:
operationId: sources_user_connections_oauth_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_oauth_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User OAuth Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_oauth_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User OAuth Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserOAuthSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_oauth_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/oauth/{id}/used_by/:
get:
operationId: sources_user_connections_oauth_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User OAuth Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/plex/:
get:
operationId: sources_user_connections_plex_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserPlexSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_user_connections_plex_create
description: User-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/plex/{id}/:
get:
operationId: sources_user_connections_plex_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_plex_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Plex Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_plex_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Plex Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserPlexSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserPlexSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_plex_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/plex/{id}/used_by/:
get:
operationId: sources_user_connections_plex_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User Plex Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/saml/:
get:
operationId: sources_user_connections_saml_list
description: User-source connection Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source__slug
schema:
type: string
- in: query
name: user
schema:
type: integer
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: sources_user_connections_saml_create
description: User-source connection Viewset
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/saml/{id}/:
get:
operationId: sources_user_connections_saml_retrieve
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: sources_user_connections_saml_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User SAML Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: sources_user_connections_saml_partial_update
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User SAML Source Connection.
required: true
tags:
- sources
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserSAMLSourceConnection'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: sources_user_connections_saml_destroy
description: User-source connection Viewset
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/sources/user_connections/saml/{id}/used_by/:
get:
operationId: sources_user_connections_saml_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this User SAML Source Connection.
required: true
tags:
- sources
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/ssf/streams/:
get:
operationId: ssf_streams_list
description: SSFStream Viewset
parameters:
- in: query
name: delivery_method
schema:
type: string
enum:
- https://schemas.openid.net/secevent/risc/delivery-method/poll
- https://schemas.openid.net/secevent/risc/delivery-method/push
- in: query
name: endpoint_url
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- ssf
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSSFStreamList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/ssf/streams/{uuid}/:
get:
operationId: ssf_streams_retrieve
description: SSFStream Viewset
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SSF Stream.
required: true
tags:
- ssf
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SSFStream'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/all/:
get:
operationId: stages_all_list
description: Stage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/all/{stage_uuid}/:
get:
operationId: stages_all_retrieve
description: Stage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Stage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_all_destroy
description: Stage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/all/{stage_uuid}/used_by/:
get:
operationId: stages_all_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/all/types/:
get:
operationId: stages_all_types_list
description: Get all creatable types
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/all/user_settings/:
get:
operationId: stages_all_user_settings_list
description: Get all stages the user can configure
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UserSetting'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/:
get:
operationId: stages_authenticator_duo_list
description: AuthenticatorDuoStage Viewset
parameters:
- in: query
name: api_hostname
schema:
type: string
- in: query
name: client_id
schema:
type: string
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_duo_create
description: AuthenticatorDuoStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/{stage_uuid}/:
get:
operationId: stages_authenticator_duo_retrieve
description: AuthenticatorDuoStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_duo_update
description: AuthenticatorDuoStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_duo_partial_update
description: AuthenticatorDuoStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_duo_destroy
description: AuthenticatorDuoStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/{stage_uuid}/enrollment_status/:
post:
operationId: stages_authenticator_duo_enrollment_status_create
description: Check enrollment status of user details in current session
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/{stage_uuid}/import_device_manual/:
post:
operationId: stages_authenticator_duo_import_device_manual_create
description: Import duo devices into authentik
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
required: true
security:
- authentik: []
responses:
'204':
description: Enrollment successful
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
post:
operationId: stages_authenticator_duo_import_devices_automatic_create
description: Import duo devices into authentik
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
description: ''
'400':
description: Bad request
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/duo/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_duo_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Duo Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/email/:
get:
operationId: stages_authenticator_email_list
description: AuthenticatorEmailStage Viewset
parameters:
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: friendly_name
schema:
type: string
- in: query
name: from_address
schema:
type: string
- in: query
name: host
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password
schema:
type: string
- in: query
name: port
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: subject
schema:
type: string
- in: query
name: template
schema:
type: string
- in: query
name: timeout
schema:
type: integer
- in: query
name: token_expiry
schema:
type: string
- in: query
name: use_global_settings
schema:
type: boolean
- in: query
name: use_ssl
schema:
type: boolean
- in: query
name: use_tls
schema:
type: boolean
- in: query
name: username
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorEmailStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_email_create
description: AuthenticatorEmailStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/email/{stage_uuid}/:
get:
operationId: stages_authenticator_email_retrieve
description: AuthenticatorEmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_email_update
description: AuthenticatorEmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_email_partial_update
description: AuthenticatorEmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorEmailStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_email_destroy
description: AuthenticatorEmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/email/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_email_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/endpoint_gdtc/:
get:
operationId: stages_authenticator_endpoint_gdtc_list
description: AuthenticatorEndpointGDTCStage Viewset
parameters:
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorEndpointGDTCStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_endpoint_gdtc_create
description: AuthenticatorEndpointGDTCStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/endpoint_gdtc/{stage_uuid}/:
get:
operationId: stages_authenticator_endpoint_gdtc_retrieve
description: AuthenticatorEndpointGDTCStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Authenticator Google
Device Trust Connector Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_endpoint_gdtc_update
description: AuthenticatorEndpointGDTCStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Authenticator Google
Device Trust Connector Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_endpoint_gdtc_partial_update
description: AuthenticatorEndpointGDTCStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Authenticator Google
Device Trust Connector Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorEndpointGDTCStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_endpoint_gdtc_destroy
description: AuthenticatorEndpointGDTCStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Authenticator Google
Device Trust Connector Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/endpoint_gdtc/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_endpoint_gdtc_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Endpoint Authenticator Google
Device Trust Connector Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/sms/:
get:
operationId: stages_authenticator_sms_list
description: AuthenticatorSMSStage Viewset
parameters:
- in: query
name: account_sid
schema:
type: string
- in: query
name: auth
schema:
type: string
- in: query
name: auth_password
schema:
type: string
- in: query
name: auth_type
schema:
type: string
enum:
- basic
- bearer
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: friendly_name
schema:
type: string
- in: query
name: from_number
schema:
type: string
- in: query
name: mapping
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider
schema:
type: string
enum:
- generic
- twilio
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: verify_only
schema:
type: boolean
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_sms_create
description: AuthenticatorSMSStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/sms/{stage_uuid}/:
get:
operationId: stages_authenticator_sms_retrieve
description: AuthenticatorSMSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SMS Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_sms_update
description: AuthenticatorSMSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SMS Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_sms_partial_update
description: AuthenticatorSMSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SMS Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorSMSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_sms_destroy
description: AuthenticatorSMSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SMS Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/sms/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_sms_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this SMS Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/static/:
get:
operationId: stages_authenticator_static_list
description: AuthenticatorStaticStage Viewset
parameters:
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: friendly_name
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: token_count
schema:
type: integer
- in: query
name: token_length
schema:
type: integer
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_static_create
description: AuthenticatorStaticStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/static/{stage_uuid}/:
get:
operationId: stages_authenticator_static_retrieve
description: AuthenticatorStaticStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_static_update
description: AuthenticatorStaticStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_static_partial_update
description: AuthenticatorStaticStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorStaticStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_static_destroy
description: AuthenticatorStaticStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/static/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_static_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Static Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/totp/:
get:
operationId: stages_authenticator_totp_list
description: AuthenticatorTOTPStage Viewset
parameters:
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: digits
schema:
type: string
enum:
- '6'
- '8'
- in: query
name: friendly_name
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_totp_create
description: AuthenticatorTOTPStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/totp/{stage_uuid}/:
get:
operationId: stages_authenticator_totp_retrieve
description: AuthenticatorTOTPStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this TOTP Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_totp_update
description: AuthenticatorTOTPStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this TOTP Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_totp_partial_update
description: AuthenticatorTOTPStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this TOTP Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorTOTPStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_totp_destroy
description: AuthenticatorTOTPStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this TOTP Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/totp/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_totp_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this TOTP Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/validate/:
get:
operationId: stages_authenticator_validate_list
description: AuthenticatorValidateStage Viewset
parameters:
- in: query
name: configuration_stages
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: name
schema:
type: string
- in: query
name: not_configured_action
schema:
type: string
enum:
- configure
- deny
- skip
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_validate_create
description: AuthenticatorValidateStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/validate/{stage_uuid}/:
get:
operationId: stages_authenticator_validate_retrieve
description: AuthenticatorValidateStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Authenticator Validation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_validate_update
description: AuthenticatorValidateStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Authenticator Validation Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_validate_partial_update
description: AuthenticatorValidateStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Authenticator Validation Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorValidateStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_validate_destroy
description: AuthenticatorValidateStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Authenticator Validation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/validate/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_validate_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Authenticator Validation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/webauthn/:
get:
operationId: stages_authenticator_webauthn_list
description: AuthenticatorWebAuthnStage Viewset
parameters:
- in: query
name: authenticator_attachment
schema:
type: string
nullable: true
enum:
- cross-platform
- platform
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: device_type_restrictions
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: friendly_name
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: resident_key_requirement
schema:
type: string
enum:
- discouraged
- preferred
- required
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: user_verification
schema:
type: string
enum:
- discouraged
- preferred
- required
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedAuthenticatorWebAuthnStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_authenticator_webauthn_create
description: AuthenticatorWebAuthnStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/webauthn/{stage_uuid}/:
get:
operationId: stages_authenticator_webauthn_retrieve
description: AuthenticatorWebAuthnStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_authenticator_webauthn_update
description: AuthenticatorWebAuthnStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_authenticator_webauthn_partial_update
description: AuthenticatorWebAuthnStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedAuthenticatorWebAuthnStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_authenticator_webauthn_destroy
description: AuthenticatorWebAuthnStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/webauthn/{stage_uuid}/used_by/:
get:
operationId: stages_authenticator_webauthn_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/webauthn_device_types/:
get:
operationId: stages_authenticator_webauthn_device_types_list
description: WebAuthnDeviceType Viewset
parameters:
- in: query
name: aaguid
schema:
type: string
format: uuid
- in: query
name: description
schema:
type: string
- in: query
name: icon
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedWebAuthnDeviceTypeList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/authenticator/webauthn_device_types/{aaguid}/:
get:
operationId: stages_authenticator_webauthn_device_types_retrieve
description: WebAuthnDeviceType Viewset
parameters:
- in: path
name: aaguid
schema:
type: string
format: uuid
description: A UUID string identifying this WebAuthn Device type.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/WebAuthnDeviceType'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/captcha/:
get:
operationId: stages_captcha_list
description: CaptchaStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: public_key
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedCaptchaStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_captcha_create
description: CaptchaStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/captcha/{stage_uuid}/:
get:
operationId: stages_captcha_retrieve
description: CaptchaStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Captcha Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_captcha_update
description: CaptchaStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Captcha Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_captcha_partial_update
description: CaptchaStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Captcha Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedCaptchaStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/CaptchaStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_captcha_destroy
description: CaptchaStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Captcha Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/captcha/{stage_uuid}/used_by/:
get:
operationId: stages_captcha_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Captcha Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/consent/:
get:
operationId: stages_consent_list
description: ConsentStage Viewset
parameters:
- in: query
name: consent_expire_in
schema:
type: string
- in: query
name: mode
schema:
type: string
enum:
- always_require
- expiring
- permanent
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedConsentStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_consent_create
description: ConsentStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/consent/{stage_uuid}/:
get:
operationId: stages_consent_retrieve
description: ConsentStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Consent Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_consent_update
description: ConsentStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Consent Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_consent_partial_update
description: ConsentStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Consent Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedConsentStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_consent_destroy
description: ConsentStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Consent Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/consent/{stage_uuid}/used_by/:
get:
operationId: stages_consent_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Consent Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/deny/:
get:
operationId: stages_deny_list
description: DenyStage Viewset
parameters:
- in: query
name: deny_message
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDenyStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_deny_create
description: DenyStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/deny/{stage_uuid}/:
get:
operationId: stages_deny_retrieve
description: DenyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Deny Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_deny_update
description: DenyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Deny Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_deny_partial_update
description: DenyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Deny Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDenyStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DenyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_deny_destroy
description: DenyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Deny Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/deny/{stage_uuid}/used_by/:
get:
operationId: stages_deny_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Deny Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/dummy/:
get:
operationId: stages_dummy_list
description: DummyStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: throw_error
schema:
type: boolean
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDummyStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_dummy_create
description: DummyStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/dummy/{stage_uuid}/:
get:
operationId: stages_dummy_retrieve
description: DummyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_dummy_update
description: DummyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_dummy_partial_update
description: DummyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDummyStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/DummyStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_dummy_destroy
description: DummyStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/dummy/{stage_uuid}/used_by/:
get:
operationId: stages_dummy_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Dummy Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/email/:
get:
operationId: stages_email_list
description: EmailStage Viewset
parameters:
- in: query
name: activate_user_on_success
schema:
type: boolean
- in: query
name: from_address
schema:
type: string
- in: query
name: host
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: port
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: subject
schema:
type: string
- in: query
name: template
schema:
type: string
- in: query
name: timeout
schema:
type: integer
- in: query
name: token_expiry
schema:
type: string
- in: query
name: use_global_settings
schema:
type: boolean
- in: query
name: use_ssl
schema:
type: boolean
- in: query
name: use_tls
schema:
type: boolean
- in: query
name: username
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedEmailStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_email_create
description: EmailStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/email/{stage_uuid}/:
get:
operationId: stages_email_retrieve
description: EmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_email_update
description: EmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_email_partial_update
description: EmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEmailStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/EmailStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_email_destroy
description: EmailStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/email/{stage_uuid}/used_by/:
get:
operationId: stages_email_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Email Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/email/templates/:
get:
operationId: stages_email_templates_list
description: Get all available templates, including custom templates
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/TypeCreate'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/identification/:
get:
operationId: stages_identification_list
description: IdentificationStage Viewset
parameters:
- in: query
name: captcha_stage
schema:
type: string
format: uuid
- in: query
name: case_insensitive_matching
schema:
type: boolean
- in: query
name: enrollment_flow
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: password_stage
schema:
type: string
format: uuid
- in: query
name: passwordless_flow
schema:
type: string
format: uuid
- in: query
name: recovery_flow
schema:
type: string
format: uuid
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: show_matched_user
schema:
type: boolean
- in: query
name: show_source_labels
schema:
type: boolean
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedIdentificationStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_identification_create
description: IdentificationStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/identification/{stage_uuid}/:
get:
operationId: stages_identification_retrieve
description: IdentificationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Identification Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_identification_update
description: IdentificationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Identification Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_identification_partial_update
description: IdentificationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Identification Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedIdentificationStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/IdentificationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_identification_destroy
description: IdentificationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Identification Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/identification/{stage_uuid}/used_by/:
get:
operationId: stages_identification_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Identification Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/invitations/:
get:
operationId: stages_invitation_invitations_list
description: Invitation Viewset
parameters:
- in: query
name: created_by__username
schema:
type: string
- in: query
name: expires
schema:
type: string
format: date-time
- in: query
name: flow__slug
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedInvitationList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_invitation_invitations_create
description: Invitation Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Invitation'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/invitations/{invite_uuid}/:
get:
operationId: stages_invitation_invitations_retrieve
description: Invitation Viewset
parameters:
- in: path
name: invite_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Invitation'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_invitation_invitations_update
description: Invitation Viewset
parameters:
- in: path
name: invite_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Invitation'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_invitation_invitations_partial_update
description: Invitation Viewset
parameters:
- in: path
name: invite_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedInvitationRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Invitation'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_invitation_invitations_destroy
description: Invitation Viewset
parameters:
- in: path
name: invite_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/invitations/{invite_uuid}/used_by/:
get:
operationId: stages_invitation_invitations_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: invite_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/stages/:
get:
operationId: stages_invitation_stages_list
description: InvitationStage Viewset
parameters:
- in: query
name: continue_flow_without_invitation
schema:
type: boolean
- in: query
name: name
schema:
type: string
- in: query
name: no_flows
schema:
type: boolean
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedInvitationStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_invitation_stages_create
description: InvitationStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/stages/{stage_uuid}/:
get:
operationId: stages_invitation_stages_retrieve
description: InvitationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_invitation_stages_update
description: InvitationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_invitation_stages_partial_update
description: InvitationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedInvitationStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/InvitationStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_invitation_stages_destroy
description: InvitationStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/invitation/stages/{stage_uuid}/used_by/:
get:
operationId: stages_invitation_stages_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Invitation Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/mtls/:
get:
operationId: stages_mtls_list
description: MutualTLSStage Viewset
parameters:
- in: query
name: cert_attribute
schema:
type: string
enum:
- common_name
- email
- subject
- in: query
name: certificate_authorities
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: mode
schema:
type: string
enum:
- optional
- required
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: user_attribute
schema:
type: string
enum:
- email
- username
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedMutualTLSStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_mtls_create
description: MutualTLSStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/mtls/{stage_uuid}/:
get:
operationId: stages_mtls_retrieve
description: MutualTLSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Mutual TLS Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_mtls_update
description: MutualTLSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Mutual TLS Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_mtls_partial_update
description: MutualTLSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Mutual TLS Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedMutualTLSStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/MutualTLSStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_mtls_destroy
description: MutualTLSStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Mutual TLS Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/mtls/{stage_uuid}/used_by/:
get:
operationId: stages_mtls_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Mutual TLS Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/password/:
get:
operationId: stages_password_list
description: PasswordStage Viewset
parameters:
- in: query
name: allow_show_password
schema:
type: boolean
- in: query
name: configure_flow
schema:
type: string
format: uuid
- in: query
name: failed_attempts_before_cancel
schema:
type: integer
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPasswordStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_password_create
description: PasswordStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/password/{stage_uuid}/:
get:
operationId: stages_password_retrieve
description: PasswordStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_password_update
description: PasswordStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_password_partial_update
description: PasswordStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPasswordStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_password_destroy
description: PasswordStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/password/{stage_uuid}/used_by/:
get:
operationId: stages_password_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Password Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/prompts/:
get:
operationId: stages_prompt_prompts_list
description: Prompt Viewset
parameters:
- in: query
name: field_key
schema:
type: string
- in: query
name: label
schema:
type: string
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: placeholder
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: type
schema:
type: string
enum:
- ak-locale
- checkbox
- date
- date-time
- dropdown
- email
- file
- hidden
- number
- password
- radio-button-group
- separator
- static
- text
- text_area
- text_area_read_only
- text_read_only
- username
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPromptList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_prompt_prompts_create
description: Prompt Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PromptRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Prompt'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/prompts/{prompt_uuid}/:
get:
operationId: stages_prompt_prompts_retrieve
description: Prompt Viewset
parameters:
- in: path
name: prompt_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Prompt'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_prompt_prompts_update
description: Prompt Viewset
parameters:
- in: path
name: prompt_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PromptRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Prompt'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_prompt_prompts_partial_update
description: Prompt Viewset
parameters:
- in: path
name: prompt_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPromptRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Prompt'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_prompt_prompts_destroy
description: Prompt Viewset
parameters:
- in: path
name: prompt_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/prompts/{prompt_uuid}/used_by/:
get:
operationId: stages_prompt_prompts_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: prompt_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/prompts/preview/:
post:
operationId: stages_prompt_prompts_preview_create
description: Preview a prompt as a challenge, just like a flow would receive
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PromptRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PromptChallenge'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/stages/:
get:
operationId: stages_prompt_stages_list
description: PromptStage Viewset
parameters:
- in: query
name: fields
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: validation_policies
schema:
type: array
items:
type: string
format: uuid
explode: true
style: form
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedPromptStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_prompt_stages_create
description: PromptStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/stages/{stage_uuid}/:
get:
operationId: stages_prompt_stages_retrieve
description: PromptStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_prompt_stages_update
description: PromptStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_prompt_stages_partial_update
description: PromptStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedPromptStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PromptStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_prompt_stages_destroy
description: PromptStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/prompt/stages/{stage_uuid}/used_by/:
get:
operationId: stages_prompt_stages_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Prompt Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/redirect/:
get:
operationId: stages_redirect_list
description: RedirectStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedRedirectStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_redirect_create
description: RedirectStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/redirect/{stage_uuid}/:
get:
operationId: stages_redirect_retrieve
description: RedirectStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Redirect Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_redirect_update
description: RedirectStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Redirect Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_redirect_partial_update
description: RedirectStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Redirect Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedRedirectStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/RedirectStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_redirect_destroy
description: RedirectStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Redirect Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/redirect/{stage_uuid}/used_by/:
get:
operationId: stages_redirect_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Redirect Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/source/:
get:
operationId: stages_source_list
description: SourceStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: resume_timeout
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: source
schema:
type: string
format: uuid
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSourceStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_source_create
description: SourceStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/source/{stage_uuid}/:
get:
operationId: stages_source_retrieve
description: SourceStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Source Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_source_update
description: SourceStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Source Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_source_partial_update
description: SourceStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Source Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedSourceStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SourceStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_source_destroy
description: SourceStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Source Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/source/{stage_uuid}/used_by/:
get:
operationId: stages_source_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Source Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_delete/:
get:
operationId: stages_user_delete_list
description: UserDeleteStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserDeleteStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_user_delete_create
description: UserDeleteStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_delete/{stage_uuid}/:
get:
operationId: stages_user_delete_retrieve
description: UserDeleteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Delete Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_user_delete_update
description: UserDeleteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Delete Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_user_delete_partial_update
description: UserDeleteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Delete Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserDeleteStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserDeleteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_user_delete_destroy
description: UserDeleteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Delete Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_delete/{stage_uuid}/used_by/:
get:
operationId: stages_user_delete_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Delete Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_login/:
get:
operationId: stages_user_login_list
description: UserLoginStage Viewset
parameters:
- in: query
name: geoip_binding
schema:
type: string
enum:
- bind_continent
- bind_continent_country
- bind_continent_country_city
- no_binding
description: |+
Bind sessions created by this stage to the configured GeoIP location
- in: query
name: name
schema:
type: string
- in: query
name: network_binding
schema:
type: string
enum:
- bind_asn
- bind_asn_network
- bind_asn_network_ip
- no_binding
description: |+
Bind sessions created by this stage to the configured network
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: remember_me_offset
schema:
type: string
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: session_duration
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: terminate_other_sessions
schema:
type: boolean
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserLoginStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_user_login_create
description: UserLoginStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_login/{stage_uuid}/:
get:
operationId: stages_user_login_retrieve
description: UserLoginStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Login Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_user_login_update
description: UserLoginStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Login Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_user_login_partial_update
description: UserLoginStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Login Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserLoginStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLoginStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_user_login_destroy
description: UserLoginStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Login Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_login/{stage_uuid}/used_by/:
get:
operationId: stages_user_login_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Login Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_logout/:
get:
operationId: stages_user_logout_list
description: UserLogoutStage Viewset
parameters:
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserLogoutStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_user_logout_create
description: UserLogoutStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_logout/{stage_uuid}/:
get:
operationId: stages_user_logout_retrieve
description: UserLogoutStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Logout Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_user_logout_update
description: UserLogoutStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Logout Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_user_logout_partial_update
description: UserLogoutStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Logout Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserLogoutStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogoutStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_user_logout_destroy
description: UserLogoutStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Logout Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_logout/{stage_uuid}/used_by/:
get:
operationId: stages_user_logout_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Logout Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_write/:
get:
operationId: stages_user_write_list
description: UserWriteStage Viewset
parameters:
- in: query
name: create_users_as_inactive
schema:
type: boolean
- in: query
name: create_users_group
schema:
type: string
format: uuid
- in: query
name: name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: stage_uuid
schema:
type: string
format: uuid
- in: query
name: user_creation_mode
schema:
type: string
enum:
- always_create
- create_when_required
- never_create
- in: query
name: user_path_template
schema:
type: string
- in: query
name: user_type
schema:
type: string
enum:
- external
- internal
- internal_service_account
- service_account
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedUserWriteStageList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: stages_user_write_create
description: UserWriteStage Viewset
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStageRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_write/{stage_uuid}/:
get:
operationId: stages_user_write_retrieve
description: UserWriteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Write Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: stages_user_write_update
description: UserWriteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Write Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStageRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: stages_user_write_partial_update
description: UserWriteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Write Stage.
required: true
tags:
- stages
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedUserWriteStageRequest'
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/UserWriteStage'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: stages_user_write_destroy
description: UserWriteStage Viewset
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Write Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/stages/user_write/{stage_uuid}/used_by/:
get:
operationId: stages_user_write_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: stage_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this User Write Stage.
required: true
tags:
- stages
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/domains/:
get:
operationId: tenants_domains_list
description: Domain ViewSet
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- tenants
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedDomainList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: tenants_domains_create
description: Domain ViewSet
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DomainRequest'
required: true
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Domain'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/domains/{id}/:
get:
operationId: tenants_domains_retrieve
description: Domain ViewSet
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Domain.
required: true
tags:
- tenants
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Domain'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: tenants_domains_update
description: Domain ViewSet
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Domain.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/DomainRequest'
required: true
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Domain'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: tenants_domains_partial_update
description: Domain ViewSet
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Domain.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedDomainRequest'
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Domain'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: tenants_domains_destroy
description: Domain ViewSet
parameters:
- in: path
name: id
schema:
type: integer
description: A unique integer value identifying this Domain.
required: true
tags:
- tenants
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/tenants/:
get:
operationId: tenants_tenants_list
description: Tenant Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- tenants
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedTenantList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: tenants_tenants_create
description: Tenant Viewset
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TenantRequest'
required: true
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Tenant'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/tenants/{tenant_uuid}/:
get:
operationId: tenants_tenants_retrieve
description: Tenant Viewset
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Tenant'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
put:
operationId: tenants_tenants_update
description: Tenant Viewset
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TenantRequest'
required: true
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Tenant'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
patch:
operationId: tenants_tenants_partial_update
description: Tenant Viewset
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedTenantRequest'
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Tenant'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: tenants_tenants_destroy
description: Tenant Viewset
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/tenants/{tenant_uuid}/create_admin_group/:
post:
operationId: tenants_tenants_create_admin_group_create
description: Create admin group and add user to it.
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TenantAdminGroupRequestRequest'
required: true
responses:
'204':
description: Group created successfully.
'400':
description: Bad request
'404':
description: User not found
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/tenants/tenants/{tenant_uuid}/create_recovery_key/:
post:
operationId: tenants_tenants_create_recovery_key_create
description: Create recovery key for user.
parameters:
- in: path
name: tenant_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Tenant.
required: true
tags:
- tenants
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TenantRecoveryKeyRequestRequest'
required: true
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TenantRecoveryKeyResponse'
description: ''
'400':
description: Bad request
'404':
description: User not found
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
components:
schemas:
AccessDeniedChallenge:
type: object
description: Challenge when a flow's active stage calls `stage_invalid()`.
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-access-denied
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
error_message:
type: string
required:
- pending_user
- pending_user_avatar
AlgEnum:
enum:
- rsa
- ecdsa
type: string
App:
type: object
description: Serialize Application info
properties:
name:
type: string
label:
type: string
required:
- label
- name
AppEnum:
enum:
- authentik.tenants
- authentik.admin
- authentik.api
- authentik.crypto
- authentik.flows
- authentik.outposts
- authentik.policies.dummy
- authentik.policies.event_matcher
- authentik.policies.expiry
- authentik.policies.expression
- authentik.policies.geoip
- authentik.policies.password
- authentik.policies.reputation
- authentik.policies
- authentik.providers.ldap
- authentik.providers.oauth2
- authentik.providers.proxy
- authentik.providers.rac
- authentik.providers.radius
- authentik.providers.saml
- authentik.providers.scim
- authentik.rbac
- authentik.recovery
- authentik.sources.kerberos
- authentik.sources.ldap
- authentik.sources.oauth
- authentik.sources.plex
- authentik.sources.saml
- authentik.sources.scim
- authentik.stages.authenticator
- authentik.stages.authenticator_duo
- authentik.stages.authenticator_email
- authentik.stages.authenticator_sms
- authentik.stages.authenticator_static
- authentik.stages.authenticator_totp
- authentik.stages.authenticator_validate
- authentik.stages.authenticator_webauthn
- authentik.stages.captcha
- authentik.stages.consent
- authentik.stages.deny
- authentik.stages.dummy
- authentik.stages.email
- authentik.stages.identification
- authentik.stages.invitation
- authentik.stages.password
- authentik.stages.prompt
- authentik.stages.redirect
- authentik.stages.user_delete
- authentik.stages.user_login
- authentik.stages.user_logout
- authentik.stages.user_write
- authentik.brands
- authentik.blueprints
- authentik.core
- authentik.enterprise
- authentik.enterprise.audit
- authentik.enterprise.policies.unique_password
- authentik.enterprise.providers.google_workspace
- authentik.enterprise.providers.microsoft_entra
- authentik.enterprise.providers.ssf
- authentik.enterprise.stages.authenticator_endpoint_gdtc
- authentik.enterprise.stages.mtls
- authentik.enterprise.stages.source
- authentik.events
type: string
AppleChallengeResponseRequest:
type: object
description: Pseudo class for apple response
properties:
component:
type: string
minLength: 1
default: ak-source-oauth-apple
AppleLoginChallenge:
type: object
description: Special challenge for apple-native authentication flow, which happens
on the client.
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-source-oauth-apple
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
client_id:
type: string
scope:
type: string
redirect_uri:
type: string
state:
type: string
required:
- client_id
- redirect_uri
- scope
- state
Application:
type: object
description: Application Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Application's display Name.
slug:
type: string
description: Internal application name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
provider:
type: integer
nullable: true
provider_obj:
allOf:
- $ref: '#/components/schemas/Provider'
readOnly: true
backchannel_providers:
type: array
items:
type: integer
backchannel_providers_obj:
type: array
items:
$ref: '#/components/schemas/Provider'
readOnly: true
launch_url:
type: string
nullable: true
description: Allow formatting of launch URL
readOnly: true
open_in_new_tab:
type: boolean
description: Open launch URL in a new browser tab or window.
meta_launch_url:
type: string
format: uri
meta_icon:
type: string
nullable: true
description: |-
Get the URL to the App Icon image. If the name is /static or starts with http
it is returned as-is
readOnly: true
meta_description:
type: string
meta_publisher:
type: string
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
group:
type: string
required:
- backchannel_providers_obj
- launch_url
- meta_icon
- name
- pk
- provider_obj
- slug
ApplicationEntitlement:
type: object
description: ApplicationEntitlement Serializer
properties:
pbm_uuid:
type: string
format: uuid
readOnly: true
name:
type: string
app:
type: string
format: uuid
attributes: {}
required:
- app
- name
- pbm_uuid
ApplicationEntitlementRequest:
type: object
description: ApplicationEntitlement Serializer
properties:
name:
type: string
minLength: 1
app:
type: string
format: uuid
attributes: {}
required:
- app
- name
ApplicationRequest:
type: object
description: Application Serializer
properties:
name:
type: string
minLength: 1
description: Application's display Name.
slug:
type: string
minLength: 1
description: Internal application name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
provider:
type: integer
nullable: true
backchannel_providers:
type: array
items:
type: integer
open_in_new_tab:
type: boolean
description: Open launch URL in a new browser tab or window.
meta_launch_url:
type: string
format: uri
meta_description:
type: string
meta_publisher:
type: string
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
group:
type: string
required:
- name
- slug
AuthModeEnum:
enum:
- static
- prompt
type: string
AuthTypeEnum:
enum:
- basic
- bearer
type: string
AuthenticatedSession:
type: object
description: AuthenticatedSession Serializer
properties:
uuid:
type: string
format: uuid
current:
type: boolean
description: Check if session is currently active session
readOnly: true
user_agent:
type: object
description: Get parsed user agent
properties:
device:
type: object
description: User agent device
properties:
brand:
type: string
family:
type: string
model:
type: string
required:
- brand
- family
- model
os:
type: object
description: User agent os
properties:
family:
type: string
major:
type: string
minor:
type: string
patch:
type: string
patch_minor:
type: string
required:
- family
- major
- minor
- patch
- patch_minor
user_agent:
type: object
description: User agent browser
properties:
family:
type: string
major:
type: string
minor:
type: string
patch:
type: string
required:
- family
- major
- minor
- patch
string:
type: string
required:
- device
- os
- string
- user_agent
readOnly: true
geo_ip:
type: object
description: Get GeoIP Data
properties:
continent:
type: string
country:
type: string
lat:
type: number
format: double
long:
type: number
format: double
city:
type: string
required:
- city
- continent
- country
- lat
- long
nullable: true
readOnly: true
asn:
type: object
description: Get ASN Data
properties:
asn:
type: integer
as_org:
type: string
nullable: true
network:
type: string
nullable: true
required:
- as_org
- asn
- network
nullable: true
readOnly: true
user:
type: integer
last_ip:
type: string
readOnly: true
last_user_agent:
type: string
readOnly: true
last_used:
type: string
format: date-time
readOnly: true
expires:
type: string
format: date-time
readOnly: true
required:
- asn
- current
- expires
- geo_ip
- last_ip
- last_used
- last_user_agent
- user
- user_agent
AuthenticationEnum:
enum:
- none
- require_authenticated
- require_unauthenticated
- require_superuser
- require_redirect
- require_outpost
type: string
AuthenticatorAttachmentEnum:
enum:
- platform
- cross-platform
type: string
AuthenticatorDuoChallenge:
type: object
description: Duo Challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-duo
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
activation_barcode:
type: string
activation_code:
type: string
stage_uuid:
type: string
required:
- activation_barcode
- activation_code
- pending_user
- pending_user_avatar
- stage_uuid
AuthenticatorDuoChallengeResponseRequest:
type: object
description: Pseudo class for duo response
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-duo
AuthenticatorDuoStage:
type: object
description: AuthenticatorDuoStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
client_id:
type: string
api_hostname:
type: string
admin_integration_key:
type: string
required:
- api_hostname
- client_id
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorDuoStageDeviceImportResponse:
type: object
properties:
count:
type: integer
readOnly: true
error:
type: string
readOnly: true
required:
- count
- error
AuthenticatorDuoStageManualDeviceImportRequest:
type: object
properties:
duo_user_id:
type: string
minLength: 1
username:
type: string
minLength: 1
required:
- duo_user_id
- username
AuthenticatorDuoStageRequest:
type: object
description: AuthenticatorDuoStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
client_id:
type: string
minLength: 1
client_secret:
type: string
writeOnly: true
minLength: 1
api_hostname:
type: string
minLength: 1
admin_integration_key:
type: string
admin_secret_key:
type: string
writeOnly: true
required:
- api_hostname
- client_id
- client_secret
- name
AuthenticatorEmailChallenge:
type: object
description: Authenticator Email Setup challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-email
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
email:
type: string
nullable: true
email_required:
type: boolean
default: true
required:
- pending_user
- pending_user_avatar
AuthenticatorEmailChallengeResponseRequest:
type: object
description: Authenticator Email Challenge response, device is set by get_response_instance
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-email
code:
type: integer
email:
type: string
minLength: 1
AuthenticatorEmailStage:
type: object
description: AuthenticatorEmailStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
password:
type: string
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
maxLength: 254
subject:
type: string
token_expiry:
type: string
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
template:
type: string
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorEmailStageRequest:
type: object
description: AuthenticatorEmailStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
minLength: 1
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
password:
type: string
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
minLength: 1
maxLength: 254
subject:
type: string
minLength: 1
token_expiry:
type: string
minLength: 1
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
template:
type: string
minLength: 1
required:
- name
AuthenticatorEndpointGDTCStage:
type: object
description: AuthenticatorEndpointGDTCStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
credentials: {}
required:
- component
- credentials
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorEndpointGDTCStageRequest:
type: object
description: AuthenticatorEndpointGDTCStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
credentials: {}
required:
- credentials
- name
AuthenticatorSMSChallenge:
type: object
description: SMS Setup challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-sms
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
phone_number_required:
type: boolean
default: true
required:
- pending_user
- pending_user_avatar
AuthenticatorSMSChallengeResponseRequest:
type: object
description: SMS Challenge response, device is set by get_response_instance
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-sms
code:
type: integer
phone_number:
type: string
minLength: 1
AuthenticatorSMSStage:
type: object
description: AuthenticatorSMSStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
provider:
$ref: '#/components/schemas/ProviderEnum'
from_number:
type: string
account_sid:
type: string
auth:
type: string
auth_password:
type: string
auth_type:
$ref: '#/components/schemas/AuthTypeEnum'
verify_only:
type: boolean
description: When enabled, the Phone number is only used during enrollment
to verify the users authenticity. Only a hash of the phone number is saved
to ensure it is not reused in the future.
mapping:
type: string
format: uuid
nullable: true
description: Optionally modify the payload being sent to custom providers.
required:
- account_sid
- auth
- component
- from_number
- meta_model_name
- name
- pk
- provider
- verbose_name
- verbose_name_plural
AuthenticatorSMSStageRequest:
type: object
description: AuthenticatorSMSStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
provider:
$ref: '#/components/schemas/ProviderEnum'
from_number:
type: string
minLength: 1
account_sid:
type: string
minLength: 1
auth:
type: string
minLength: 1
auth_password:
type: string
auth_type:
$ref: '#/components/schemas/AuthTypeEnum'
verify_only:
type: boolean
description: When enabled, the Phone number is only used during enrollment
to verify the users authenticity. Only a hash of the phone number is saved
to ensure it is not reused in the future.
mapping:
type: string
format: uuid
nullable: true
description: Optionally modify the payload being sent to custom providers.
required:
- account_sid
- auth
- from_number
- name
- provider
AuthenticatorStaticChallenge:
type: object
description: Static authenticator challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-static
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
codes:
type: array
items:
type: string
required:
- codes
- pending_user
- pending_user_avatar
AuthenticatorStaticChallengeResponseRequest:
type: object
description: Pseudo class for static response
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-static
AuthenticatorStaticStage:
type: object
description: AuthenticatorStaticStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
token_count:
type: integer
maximum: 2147483647
minimum: 0
token_length:
type: integer
maximum: 2147483647
minimum: 0
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorStaticStageRequest:
type: object
description: AuthenticatorStaticStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
token_count:
type: integer
maximum: 2147483647
minimum: 0
token_length:
type: integer
maximum: 2147483647
minimum: 0
required:
- name
AuthenticatorTOTPChallenge:
type: object
description: TOTP Setup challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-totp
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
config_url:
type: string
required:
- config_url
- pending_user
- pending_user_avatar
AuthenticatorTOTPChallengeResponseRequest:
type: object
description: TOTP Challenge response, device is set by get_response_instance
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-totp
code:
type: integer
required:
- code
AuthenticatorTOTPStage:
type: object
description: AuthenticatorTOTPStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
digits:
$ref: '#/components/schemas/DigitsEnum'
required:
- component
- digits
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorTOTPStageRequest:
type: object
description: AuthenticatorTOTPStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
digits:
$ref: '#/components/schemas/DigitsEnum'
required:
- digits
- name
AuthenticatorValidateStage:
type: object
description: AuthenticatorValidateStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
not_configured_action:
$ref: '#/components/schemas/NotConfiguredActionEnum'
device_classes:
type: array
items:
$ref: '#/components/schemas/DeviceClassesEnum'
description: Device classes which can be used to authenticate
configuration_stages:
type: array
items:
type: string
format: uuid
description: Stages used to configure Authenticator when user doesn't have
any compatible devices. After this configuration Stage passes, the user
is not prompted again.
last_auth_threshold:
type: string
description: If any of the user's device has been used within this threshold,
this stage will be skipped
webauthn_user_verification:
allOf:
- $ref: '#/components/schemas/UserVerificationEnum'
description: Enforce user verification for WebAuthn devices.
webauthn_allowed_device_types:
type: array
items:
type: string
format: uuid
webauthn_allowed_device_types_obj:
type: array
items:
$ref: '#/components/schemas/WebAuthnDeviceType'
readOnly: true
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
- webauthn_allowed_device_types_obj
AuthenticatorValidateStageRequest:
type: object
description: AuthenticatorValidateStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
not_configured_action:
$ref: '#/components/schemas/NotConfiguredActionEnum'
device_classes:
type: array
items:
$ref: '#/components/schemas/DeviceClassesEnum'
description: Device classes which can be used to authenticate
configuration_stages:
type: array
items:
type: string
format: uuid
description: Stages used to configure Authenticator when user doesn't have
any compatible devices. After this configuration Stage passes, the user
is not prompted again.
last_auth_threshold:
type: string
minLength: 1
description: If any of the user's device has been used within this threshold,
this stage will be skipped
webauthn_user_verification:
allOf:
- $ref: '#/components/schemas/UserVerificationEnum'
description: Enforce user verification for WebAuthn devices.
webauthn_allowed_device_types:
type: array
items:
type: string
format: uuid
required:
- name
AuthenticatorValidationChallenge:
type: object
description: Authenticator challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-validate
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
device_challenges:
type: array
items:
$ref: '#/components/schemas/DeviceChallenge'
configuration_stages:
type: array
items:
$ref: '#/components/schemas/SelectableStage'
required:
- configuration_stages
- device_challenges
- pending_user
- pending_user_avatar
AuthenticatorValidationChallengeResponseRequest:
type: object
description: Challenge used for Code-based and WebAuthn authenticators
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-validate
selected_challenge:
$ref: '#/components/schemas/DeviceChallengeRequest'
selected_stage:
type: string
minLength: 1
code:
type: string
minLength: 1
webauthn:
type: object
additionalProperties: {}
duo:
type: integer
AuthenticatorWebAuthnChallenge:
type: object
description: WebAuthn Challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-authenticator-webauthn
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
registration:
type: object
additionalProperties: {}
required:
- pending_user
- pending_user_avatar
- registration
AuthenticatorWebAuthnChallengeResponseRequest:
type: object
description: WebAuthn Challenge response
properties:
component:
type: string
minLength: 1
default: ak-stage-authenticator-webauthn
response:
type: object
additionalProperties: {}
required:
- response
AuthenticatorWebAuthnStage:
type: object
description: AuthenticatorWebAuthnStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
user_verification:
$ref: '#/components/schemas/UserVerificationEnum'
authenticator_attachment:
allOf:
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
nullable: true
resident_key_requirement:
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
device_type_restrictions:
type: array
items:
type: string
format: uuid
device_type_restrictions_obj:
type: array
items:
$ref: '#/components/schemas/WebAuthnDeviceType'
readOnly: true
required:
- component
- device_type_restrictions_obj
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
AuthenticatorWebAuthnStageRequest:
type: object
description: AuthenticatorWebAuthnStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
user_verification:
$ref: '#/components/schemas/UserVerificationEnum'
authenticator_attachment:
allOf:
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
nullable: true
resident_key_requirement:
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
device_type_restrictions:
type: array
items:
type: string
format: uuid
required:
- name
AuthorizationCodeAuthMethodEnum:
enum:
- basic_auth
- post_body
type: string
AutoSubmitChallengeResponseRequest:
type: object
description: Pseudo class for autosubmit response
properties:
component:
type: string
minLength: 1
default: ak-stage-autosubmit
AutosubmitChallenge:
type: object
description: Autosubmit challenge used to send and navigate a POST request
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-autosubmit
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
url:
type: string
attrs:
type: object
additionalProperties:
type: string
title:
type: string
required:
- attrs
- url
BackendsEnum:
enum:
- authentik.core.auth.InbuiltBackend
- authentik.core.auth.TokenBackend
- authentik.sources.ldap.auth.LDAPBackend
- authentik.sources.kerberos.auth.KerberosBackend
type: string
BindingTypeEnum:
enum:
- REDIRECT
- POST
- POST_AUTO
type: string
BlueprintFile:
type: object
properties:
path:
type: string
last_m:
type: string
format: date-time
hash:
type: string
meta:
allOf:
- $ref: '#/components/schemas/Metadata'
readOnly: true
required:
- hash
- last_m
- meta
- path
BlueprintInstance:
type: object
description: Info about a single blueprint instance file
properties:
pk:
type: string
format: uuid
readOnly: true
title: Instance uuid
name:
type: string
path:
type: string
default: ''
context: {}
last_applied:
type: string
format: date-time
readOnly: true
last_applied_hash:
type: string
readOnly: true
status:
allOf:
- $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
readOnly: true
enabled:
type: boolean
managed_models:
type: array
items:
type: string
readOnly: true
metadata:
readOnly: true
content:
type: string
required:
- last_applied
- last_applied_hash
- managed_models
- metadata
- name
- pk
- status
BlueprintInstanceRequest:
type: object
description: Info about a single blueprint instance file
properties:
name:
type: string
minLength: 1
path:
type: string
default: ''
context: {}
enabled:
type: boolean
content:
type: string
required:
- name
BlueprintInstanceStatusEnum:
enum:
- successful
- warning
- error
- orphaned
- unknown
type: string
Brand:
type: object
description: Brand Serializer
properties:
brand_uuid:
type: string
format: uuid
readOnly: true
domain:
type: string
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
for `aa.b` and `ba.b`
default:
type: boolean
branding_title:
type: string
branding_logo:
type: string
branding_favicon:
type: string
branding_custom_css:
type: string
branding_default_flow_background:
type: string
flow_authentication:
type: string
format: uuid
nullable: true
flow_invalidation:
type: string
format: uuid
nullable: true
flow_recovery:
type: string
format: uuid
nullable: true
flow_unenrollment:
type: string
format: uuid
nullable: true
flow_user_settings:
type: string
format: uuid
nullable: true
flow_device_code:
type: string
format: uuid
nullable: true
default_application:
type: string
format: uuid
nullable: true
description: When set, external users will be redirected to this application
after authenticating.
web_certificate:
type: string
format: uuid
nullable: true
description: Web Certificate used by the authentik Core webserver.
client_certificates:
type: array
items:
type: string
format: uuid
description: Certificates used for client authentication.
attributes: {}
required:
- brand_uuid
- domain
BrandRequest:
type: object
description: Brand Serializer
properties:
domain:
type: string
minLength: 1
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
for `aa.b` and `ba.b`
default:
type: boolean
branding_title:
type: string
minLength: 1
branding_logo:
type: string
minLength: 1
branding_favicon:
type: string
minLength: 1
branding_custom_css:
type: string
branding_default_flow_background:
type: string
minLength: 1
flow_authentication:
type: string
format: uuid
nullable: true
flow_invalidation:
type: string
format: uuid
nullable: true
flow_recovery:
type: string
format: uuid
nullable: true
flow_unenrollment:
type: string
format: uuid
nullable: true
flow_user_settings:
type: string
format: uuid
nullable: true
flow_device_code:
type: string
format: uuid
nullable: true
default_application:
type: string
format: uuid
nullable: true
description: When set, external users will be redirected to this application
after authenticating.
web_certificate:
type: string
format: uuid
nullable: true
description: Web Certificate used by the authentik Core webserver.
client_certificates:
type: array
items:
type: string
format: uuid
description: Certificates used for client authentication.
attributes: {}
required:
- domain
Cache:
type: object
description: Generic cache stats for an object
properties:
count:
type: integer
readOnly: true
required:
- count
CapabilitiesEnum:
enum:
- can_save_media
- can_geo_ip
- can_asn
- can_impersonate
- can_debug
- is_enterprise
type: string
CaptchaChallenge:
type: object
description: Site public key
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-captcha
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
site_key:
type: string
js_url:
type: string
interactive:
type: boolean
required:
- interactive
- js_url
- pending_user
- pending_user_avatar
- site_key
CaptchaChallengeResponseRequest:
type: object
description: Validate captcha token
properties:
component:
type: string
minLength: 1
default: ak-stage-captcha
token:
type: string
minLength: 1
required:
- token
CaptchaStage:
type: object
description: CaptchaStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
public_key:
type: string
description: Public key, acquired your captcha Provider.
js_url:
type: string
api_url:
type: string
interactive:
type: boolean
score_min_threshold:
type: number
format: double
score_max_threshold:
type: number
format: double
error_on_invalid_score:
type: boolean
description: When enabled and the received captcha score is outside of the
given threshold, the stage will show an error message. When not enabled,
the flow will continue, but the data from the captcha will be available
in the context for policy decisions
required:
- component
- meta_model_name
- name
- pk
- public_key
- verbose_name
- verbose_name_plural
CaptchaStageRequest:
type: object
description: CaptchaStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
public_key:
type: string
minLength: 1
description: Public key, acquired your captcha Provider.
private_key:
type: string
writeOnly: true
minLength: 1
description: Private key, acquired your captcha Provider.
js_url:
type: string
minLength: 1
api_url:
type: string
minLength: 1
interactive:
type: boolean
score_min_threshold:
type: number
format: double
score_max_threshold:
type: number
format: double
error_on_invalid_score:
type: boolean
description: When enabled and the received captcha score is outside of the
given threshold, the stage will show an error message. When not enabled,
the flow will continue, but the data from the captcha will be available
in the context for policy decisions
required:
- name
- private_key
- public_key
CertAttributeEnum:
enum:
- subject
- common_name
- email
type: string
CertificateData:
type: object
description: Get CertificateKeyPair's data
properties:
data:
type: string
readOnly: true
required:
- data
CertificateGenerationRequest:
type: object
description: Certificate generation parameters
properties:
common_name:
type: string
minLength: 1
subject_alt_name:
type: string
validity_days:
type: integer
alg:
allOf:
- $ref: '#/components/schemas/AlgEnum'
default: rsa
required:
- common_name
- validity_days
CertificateKeyPair:
type: object
description: CertificateKeyPair Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Kp uuid
name:
type: string
fingerprint_sha256:
type: string
nullable: true
description: Get certificate Hash (SHA256)
readOnly: true
fingerprint_sha1:
type: string
nullable: true
description: Get certificate Hash (SHA1)
readOnly: true
cert_expiry:
type: string
format: date-time
nullable: true
description: Get certificate expiry
readOnly: true
cert_subject:
type: string
nullable: true
description: Get certificate subject as full rfc4514
readOnly: true
private_key_available:
type: boolean
description: Show if this keypair has a private key configured or not
readOnly: true
private_key_type:
type: string
nullable: true
description: Get the private key's type, if set
readOnly: true
certificate_download_url:
type: string
description: Get URL to download certificate
readOnly: true
private_key_download_url:
type: string
description: Get URL to download private key
readOnly: true
managed:
type: string
readOnly: true
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
required:
- cert_expiry
- cert_subject
- certificate_download_url
- fingerprint_sha1
- fingerprint_sha256
- managed
- name
- pk
- private_key_available
- private_key_download_url
- private_key_type
CertificateKeyPairRequest:
type: object
description: CertificateKeyPair Serializer
properties:
name:
type: string
minLength: 1
certificate_data:
type: string
writeOnly: true
minLength: 1
description: PEM-encoded Certificate data
key_data:
type: string
writeOnly: true
description: Optional Private Key. If this is set, you can use this keypair
for encryption.
required:
- certificate_data
- name
ChallengeTypes:
oneOf:
- $ref: '#/components/schemas/AccessDeniedChallenge'
- $ref: '#/components/schemas/AppleLoginChallenge'
- $ref: '#/components/schemas/AuthenticatorDuoChallenge'
- $ref: '#/components/schemas/AuthenticatorEmailChallenge'
- $ref: '#/components/schemas/AuthenticatorSMSChallenge'
- $ref: '#/components/schemas/AuthenticatorStaticChallenge'
- $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
- $ref: '#/components/schemas/AuthenticatorValidationChallenge'
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
- $ref: '#/components/schemas/AutosubmitChallenge'
- $ref: '#/components/schemas/CaptchaChallenge'
- $ref: '#/components/schemas/ConsentChallenge'
- $ref: '#/components/schemas/DummyChallenge'
- $ref: '#/components/schemas/EmailChallenge'
- $ref: '#/components/schemas/FlowErrorChallenge'
- $ref: '#/components/schemas/FrameChallenge'
- $ref: '#/components/schemas/IdentificationChallenge'
- $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
- $ref: '#/components/schemas/PasswordChallenge'
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
- $ref: '#/components/schemas/PromptChallenge'
- $ref: '#/components/schemas/RedirectChallenge'
- $ref: '#/components/schemas/SessionEndChallenge'
- $ref: '#/components/schemas/ShellChallenge'
- $ref: '#/components/schemas/UserLoginChallenge'
discriminator:
propertyName: component
mapping:
ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallenge'
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
ak-stage-consent: '#/components/schemas/ConsentChallenge'
ak-stage-dummy: '#/components/schemas/DummyChallenge'
ak-stage-email: '#/components/schemas/EmailChallenge'
ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge'
xak-flow-frame: '#/components/schemas/FrameChallenge'
ak-stage-identification: '#/components/schemas/IdentificationChallenge'
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
ak-stage-password: '#/components/schemas/PasswordChallenge'
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
ak-stage-prompt: '#/components/schemas/PromptChallenge'
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
ak-stage-session-end: '#/components/schemas/SessionEndChallenge'
xak-flow-shell: '#/components/schemas/ShellChallenge'
ak-stage-user-login: '#/components/schemas/UserLoginChallenge'
ClientTypeEnum:
enum:
- confidential
- public
type: string
CompatibilityModeEnum:
enum:
- default
- aws
- slack
type: string
Config:
type: object
description: Serialize authentik Config into DRF Object
properties:
error_reporting:
$ref: '#/components/schemas/ErrorReportingConfig'
capabilities:
type: array
items:
$ref: '#/components/schemas/CapabilitiesEnum'
cache_timeout:
type: integer
cache_timeout_flows:
type: integer
cache_timeout_policies:
type: integer
cache_timeout_reputation:
type: integer
required:
- cache_timeout
- cache_timeout_flows
- cache_timeout_policies
- cache_timeout_reputation
- capabilities
- error_reporting
ConnectionToken:
type: object
description: ConnectionToken Serializer
properties:
pk:
type: string
format: uuid
title: Connection token uuid
provider:
type: integer
provider_obj:
allOf:
- $ref: '#/components/schemas/RACProvider'
readOnly: true
endpoint:
type: string
format: uuid
endpoint_obj:
allOf:
- $ref: '#/components/schemas/Endpoint'
readOnly: true
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- endpoint
- endpoint_obj
- provider
- provider_obj
- user
ConnectionTokenRequest:
type: object
description: ConnectionToken Serializer
properties:
pk:
type: string
format: uuid
title: Connection token uuid
provider:
type: integer
endpoint:
type: string
format: uuid
required:
- endpoint
- provider
ConsentChallenge:
type: object
description: Challenge info for consent screens
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-consent
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
header_text:
type: string
permissions:
type: array
items:
$ref: '#/components/schemas/ConsentPermission'
additional_permissions:
type: array
items:
$ref: '#/components/schemas/ConsentPermission'
token:
type: string
required:
- additional_permissions
- pending_user
- pending_user_avatar
- permissions
- token
ConsentChallengeResponseRequest:
type: object
description: Consent challenge response, any valid response request is valid
properties:
component:
type: string
minLength: 1
default: ak-stage-consent
token:
type: string
minLength: 1
required:
- token
ConsentPermission:
type: object
description: Permission used for consent
properties:
name:
type: string
id:
type: string
required:
- id
- name
ConsentStage:
type: object
description: ConsentStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
mode:
$ref: '#/components/schemas/ConsentStageModeEnum'
consent_expire_in:
type: string
title: Consent expires in
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
ConsentStageModeEnum:
enum:
- always_require
- permanent
- expiring
type: string
ConsentStageRequest:
type: object
description: ConsentStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
mode:
$ref: '#/components/schemas/ConsentStageModeEnum'
consent_expire_in:
type: string
minLength: 1
title: Consent expires in
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
required:
- name
ContextualFlowInfo:
type: object
description: Contextual flow information for a challenge
properties:
title:
type: string
background:
type: string
cancel_url:
type: string
layout:
$ref: '#/components/schemas/ContextualFlowInfoLayoutEnum'
required:
- cancel_url
- layout
ContextualFlowInfoLayoutEnum:
enum:
- stacked
- content_left
- content_right
- sidebar_left
- sidebar_right
type: string
Coordinate:
type: object
description: Coordinates for diagrams
properties:
x_cord:
type: integer
readOnly: true
y_cord:
type: integer
readOnly: true
required:
- x_cord
- y_cord
CountryCodeEnum:
enum:
- AF
- AX
- AL
- DZ
- AS
- AD
- AO
- AI
- AQ
- AG
- AR
- AM
- AW
- AU
- AT
- AZ
- BS
- BH
- BD
- BB
- BY
- BE
- BZ
- BJ
- BM
- BT
- BO
- BQ
- BA
- BW
- BV
- BR
- IO
- BN
- BG
- BF
- BI
- CV
- KH
- CM
- CA
- KY
- CF
- TD
- CL
- CN
- CX
- CC
- CO
- KM
- CG
- CD
- CK
- CR
- CI
- HR
- CU
- CW
- CY
- CZ
- DK
- DJ
- DM
- DO
- EC
- EG
- SV
- GQ
- ER
- EE
- SZ
- ET
- FK
- FO
- FJ
- FI
- FR
- GF
- PF
- TF
- GA
- GM
- GE
- DE
- GH
- GI
- GR
- GL
- GD
- GP
- GU
- GT
- GG
- GN
- GW
- GY
- HT
- HM
- VA
- HN
- HK
- HU
- IS
- IN
- ID
- IR
- IQ
- IE
- IM
- IL
- IT
- JM
- JP
- JE
- JO
- KZ
- KE
- KI
- KW
- KG
- LA
- LV
- LB
- LS
- LR
- LY
- LI
- LT
- LU
- MO
- MG
- MW
- MY
- MV
- ML
- MT
- MH
- MQ
- MR
- MU
- YT
- MX
- FM
- MD
- MC
- MN
- ME
- MS
- MA
- MZ
- MM
- NA
- NR
- NP
- NL
- NC
- NZ
- NI
- NE
- NG
- NU
- NF
- KP
- MK
- MP
- 'NO'
- OM
- PK
- PW
- PS
- PA
- PG
- PY
- PE
- PH
- PN
- PL
- PT
- PR
- QA
- RE
- RO
- RU
- RW
- BL
- SH
- KN
- LC
- MF
- PM
- VC
- WS
- SM
- ST
- SA
- SN
- RS
- SC
- SL
- SG
- SX
- SK
- SI
- SB
- SO
- ZA
- GS
- KR
- SS
- ES
- LK
- SD
- SR
- SJ
- SE
- CH
- SY
- TW
- TJ
- TZ
- TH
- TL
- TG
- TK
- TO
- TT
- TN
- TR
- TM
- TC
- TV
- UG
- UA
- AE
- GB
- UM
- US
- UY
- UZ
- VU
- VE
- VN
- VG
- VI
- WF
- EH
- YE
- ZM
- ZW
type: string
CurrentBrand:
type: object
description: Partial brand information for styling
properties:
matched_domain:
type: string
branding_title:
type: string
branding_logo:
type: string
branding_favicon:
type: string
branding_custom_css:
type: string
ui_footer_links:
type: array
items:
$ref: '#/components/schemas/FooterLink'
readOnly: true
ui_theme:
allOf:
- $ref: '#/components/schemas/UiThemeEnum'
readOnly: true
default: automatic
flow_authentication:
type: string
flow_invalidation:
type: string
flow_recovery:
type: string
flow_unenrollment:
type: string
flow_user_settings:
type: string
flow_device_code:
type: string
default_locale:
type: string
readOnly: true
required:
- branding_custom_css
- branding_favicon
- branding_logo
- branding_title
- default_locale
- matched_domain
- ui_footer_links
- ui_theme
DeliveryMethodEnum:
enum:
- https://schemas.openid.net/secevent/risc/delivery-method/push
- https://schemas.openid.net/secevent/risc/delivery-method/poll
type: string
DeniedActionEnum:
enum:
- message_continue
- message
- continue
type: string
DenyStage:
type: object
description: DenyStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
deny_message:
type: string
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
DenyStageRequest:
type: object
description: DenyStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
deny_message:
type: string
required:
- name
DetailedCountry:
type: object
properties:
code:
$ref: '#/components/schemas/CountryCodeEnum'
name:
type: string
required:
- code
- name
DetailedCountryField:
type: object
properties:
code:
$ref: '#/components/schemas/CountryCodeEnum'
name:
type: string
required:
- code
- name
DetailedCountryFieldRequest:
type: object
properties:
code:
$ref: '#/components/schemas/CountryCodeEnum'
name:
type: string
minLength: 1
required:
- code
- name
Device:
type: object
description: Serializer for Duo authenticator devices
properties:
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
pk:
type: string
name:
type: string
type:
type: string
description: Get type of device
readOnly: true
confirmed:
type: boolean
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
last_used:
type: string
format: date-time
readOnly: true
nullable: true
extra_description:
type: string
description: Get extra description
readOnly: true
required:
- confirmed
- created
- extra_description
- last_updated
- last_used
- meta_model_name
- name
- pk
- type
- verbose_name
- verbose_name_plural
DeviceChallenge:
type: object
description: Single device challenge
properties:
device_class:
type: string
device_uid:
type: string
challenge:
type: object
additionalProperties: {}
last_used:
type: string
format: date-time
nullable: true
required:
- challenge
- device_class
- device_uid
- last_used
DeviceChallengeRequest:
type: object
description: Single device challenge
properties:
device_class:
type: string
minLength: 1
device_uid:
type: string
minLength: 1
challenge:
type: object
additionalProperties: {}
last_used:
type: string
format: date-time
nullable: true
required:
- challenge
- device_class
- device_uid
- last_used
DeviceClassesEnum:
enum:
- static
- totp
- webauthn
- duo
- sms
- email
type: string
DigestAlgorithmEnum:
enum:
- http://www.w3.org/2000/09/xmldsig#sha1
- http://www.w3.org/2001/04/xmlenc#sha256
- http://www.w3.org/2001/04/xmldsig-more#sha384
- http://www.w3.org/2001/04/xmlenc#sha512
type: string
DigitsEnum:
enum:
- '6'
- '8'
type: string
DockerServiceConnection:
type: object
description: DockerServiceConnection Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
component:
type: string
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
url:
type: string
description: Can be in the format of 'unix://<path>' when connecting to
a local docker daemon, or 'https://<hostname>:2376' when connecting to
a remote system.
tls_verification:
type: string
format: uuid
nullable: true
description: CA which the endpoint's Certificate is verified against. Can
be left empty for no validation.
tls_authentication:
type: string
format: uuid
nullable: true
description: Certificate/Key used for authentication. Can be left empty
for no authentication.
required:
- component
- meta_model_name
- name
- pk
- url
- verbose_name
- verbose_name_plural
DockerServiceConnectionRequest:
type: object
description: DockerServiceConnection Serializer
properties:
name:
type: string
minLength: 1
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
url:
type: string
minLength: 1
description: Can be in the format of 'unix://<path>' when connecting to
a local docker daemon, or 'https://<hostname>:2376' when connecting to
a remote system.
tls_verification:
type: string
format: uuid
nullable: true
description: CA which the endpoint's Certificate is verified against. Can
be left empty for no validation.
tls_authentication:
type: string
format: uuid
nullable: true
description: Certificate/Key used for authentication. Can be left empty
for no authentication.
required:
- name
- url
Domain:
type: object
description: Domain Serializer
properties:
id:
type: integer
readOnly: true
domain:
type: string
maxLength: 253
is_primary:
type: boolean
tenant:
type: string
format: uuid
required:
- domain
- id
- tenant
DomainRequest:
type: object
description: Domain Serializer
properties:
domain:
type: string
minLength: 1
maxLength: 253
is_primary:
type: boolean
tenant:
type: string
format: uuid
required:
- domain
- tenant
DummyChallenge:
type: object
description: Dummy challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-dummy
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
name:
type: string
required:
- name
DummyChallengeResponseRequest:
type: object
description: Dummy challenge response
properties:
component:
type: string
minLength: 1
default: ak-stage-dummy
DummyPolicy:
type: object
description: Dummy Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
result:
type: boolean
wait_min:
type: integer
maximum: 2147483647
minimum: -2147483648
wait_max:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
DummyPolicyRequest:
type: object
description: Dummy Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
result:
type: boolean
wait_min:
type: integer
maximum: 2147483647
minimum: -2147483648
wait_max:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- name
DummyStage:
type: object
description: DummyStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
throw_error:
type: boolean
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
DummyStageRequest:
type: object
description: DummyStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
throw_error:
type: boolean
required:
- name
DuoDevice:
type: object
description: Serializer for Duo authenticator devices
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
description: The human-readable name of this device.
maxLength: 64
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- name
- pk
- user
DuoDeviceEnrollmentStatus:
type: object
properties:
duo_response:
$ref: '#/components/schemas/DuoResponseEnum'
required:
- duo_response
DuoDeviceRequest:
type: object
description: Serializer for Duo authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
DuoResponseEnum:
enum:
- success
- waiting
- invalid
type: string
EmailChallenge:
type: object
description: Email challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-email
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
EmailChallengeResponseRequest:
type: object
description: |-
Email challenge resposen. No fields. This challenge is
always declared invalid to give the user a chance to retry
properties:
component:
type: string
minLength: 1
default: ak-stage-email
EmailDevice:
type: object
description: Serializer for email authenticator devices
properties:
name:
type: string
description: The human-readable name of this device.
maxLength: 64
pk:
type: integer
readOnly: true
title: ID
email:
type: string
format: email
readOnly: true
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- email
- name
- pk
- user
EmailDeviceRequest:
type: object
description: Serializer for email authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
EmailStage:
type: object
description: EmailStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
maxLength: 254
token_expiry:
type: string
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
subject:
type: string
template:
type: string
activate_user_on_success:
type: boolean
description: Activate users upon completion of stage.
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
EmailStageRequest:
type: object
description: EmailStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
minLength: 1
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
password:
type: string
writeOnly: true
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
minLength: 1
maxLength: 254
token_expiry:
type: string
minLength: 1
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
subject:
type: string
minLength: 1
template:
type: string
minLength: 1
activate_user_on_success:
type: boolean
description: Activate users upon completion of stage.
required:
- name
Endpoint:
type: object
description: Endpoint Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
provider:
type: integer
provider_obj:
allOf:
- $ref: '#/components/schemas/RACProvider'
readOnly: true
protocol:
$ref: '#/components/schemas/ProtocolEnum'
host:
type: string
settings: {}
property_mappings:
type: array
items:
type: string
format: uuid
auth_mode:
$ref: '#/components/schemas/AuthModeEnum'
launch_url:
type: string
nullable: true
description: |-
Build actual launch URL (the provider itself does not have one, just
individual endpoints)
readOnly: true
maximum_connections:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- auth_mode
- host
- launch_url
- name
- pk
- protocol
- provider
- provider_obj
EndpointDevice:
type: object
description: Serializer for Endpoint authenticator devices
properties:
pk:
type: string
format: uuid
title: Uuid
name:
type: string
description: The human-readable name of this device.
maxLength: 64
required:
- name
EndpointDeviceRequest:
type: object
description: Serializer for Endpoint authenticator devices
properties:
pk:
type: string
format: uuid
title: Uuid
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
EndpointRequest:
type: object
description: Endpoint Serializer
properties:
name:
type: string
minLength: 1
provider:
type: integer
protocol:
$ref: '#/components/schemas/ProtocolEnum'
host:
type: string
minLength: 1
settings: {}
property_mappings:
type: array
items:
type: string
format: uuid
auth_mode:
$ref: '#/components/schemas/AuthModeEnum'
maximum_connections:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- auth_mode
- host
- name
- protocol
- provider
ErrorDetail:
type: object
description: Serializer for rest_framework's error messages
properties:
string:
type: string
code:
type: string
required:
- code
- string
ErrorReportingConfig:
type: object
description: Config for error reporting
properties:
enabled:
type: boolean
readOnly: true
sentry_dsn:
type: string
readOnly: true
environment:
type: string
readOnly: true
send_pii:
type: boolean
readOnly: true
traces_sample_rate:
type: number
format: double
readOnly: true
required:
- enabled
- environment
- send_pii
- sentry_dsn
- traces_sample_rate
Event:
type: object
description: Event Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Event uuid
user: {}
action:
$ref: '#/components/schemas/EventActions'
app:
type: string
context: {}
client_ip:
type: string
nullable: true
created:
type: string
format: date-time
readOnly: true
expires:
type: string
format: date-time
brand: {}
required:
- action
- app
- created
- pk
EventActions:
enum:
- login
- login_failed
- logout
- user_write
- suspicious_request
- password_set
- secret_view
- secret_rotate
- invitation_used
- authorize_application
- source_linked
- impersonation_started
- impersonation_ended
- flow_execution
- policy_execution
- policy_exception
- property_mapping_exception
- system_task_execution
- system_task_exception
- system_exception
- configuration_error
- model_created
- model_updated
- model_deleted
- email_sent
- update_available
- custom_
type: string
EventMatcherPolicy:
type: object
description: Event Matcher Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
action:
allOf:
- $ref: '#/components/schemas/EventActions'
nullable: true
description: Match created events with this action type. When left empty,
all action types will be matched.
client_ip:
type: string
nullable: true
description: Matches Event's Client IP (strict matching, for network matching
use an Expression Policy)
app:
allOf:
- $ref: '#/components/schemas/AppEnum'
nullable: true
description: Match events created by selected application. When left empty,
all applications are matched.
model:
allOf:
- $ref: '#/components/schemas/ModelEnum'
nullable: true
description: Match events created by selected model. When left empty, all
models are matched. When an app is selected, all the application's models
are matched.
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
EventMatcherPolicyRequest:
type: object
description: Event Matcher Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
action:
allOf:
- $ref: '#/components/schemas/EventActions'
nullable: true
description: Match created events with this action type. When left empty,
all action types will be matched.
client_ip:
type: string
nullable: true
minLength: 1
description: Matches Event's Client IP (strict matching, for network matching
use an Expression Policy)
app:
allOf:
- $ref: '#/components/schemas/AppEnum'
nullable: true
description: Match events created by selected application. When left empty,
all applications are matched.
model:
allOf:
- $ref: '#/components/schemas/ModelEnum'
nullable: true
description: Match events created by selected model. When left empty, all
models are matched. When an app is selected, all the application's models
are matched.
required:
- name
EventRequest:
type: object
description: Event Serializer
properties:
user: {}
action:
$ref: '#/components/schemas/EventActions'
app:
type: string
minLength: 1
context: {}
client_ip:
type: string
nullable: true
minLength: 1
expires:
type: string
format: date-time
brand: {}
required:
- action
- app
EventTopPerUser:
type: object
description: Response object of Event's top_per_user
properties:
application:
type: object
additionalProperties: {}
counted_events:
type: integer
unique_users:
type: integer
required:
- application
- counted_events
- unique_users
EventsRequestedEnum:
enum:
- https://schemas.openid.net/secevent/caep/event-type/session-revoked
- https://schemas.openid.net/secevent/caep/event-type/credential-change
- https://schemas.openid.net/secevent/ssf/event-type/verification
type: string
ExpiringBaseGrantModel:
type: object
description: Serializer for BaseGrantModel and ExpiringBaseGrant
properties:
pk:
type: integer
readOnly: true
title: ID
provider:
$ref: '#/components/schemas/OAuth2Provider'
user:
$ref: '#/components/schemas/User'
is_expired:
type: boolean
description: Check if token is expired yet.
readOnly: true
expires:
type: string
format: date-time
nullable: true
scope:
type: array
items:
type: string
required:
- is_expired
- pk
- provider
- scope
- user
ExpressionPolicy:
type: object
description: Group Membership Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
expression:
type: string
required:
- bound_to
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
ExpressionPolicyRequest:
type: object
description: Group Membership Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
expression:
type: string
minLength: 1
required:
- expression
- name
ExtraRoleObjectPermission:
type: object
description: User permission with additional object-related data
properties:
id:
type: integer
readOnly: true
codename:
type: string
readOnly: true
model:
type: string
title: Python model class name
readOnly: true
app_label:
type: string
readOnly: true
object_pk:
type: string
name:
type: string
readOnly: true
app_label_verbose:
type: string
description: Get app label from permission's model
readOnly: true
model_verbose:
type: string
description: Get model label from permission's model
readOnly: true
object_description:
type: string
nullable: true
description: |-
Get model description from attached model. This operation takes at least
one additional query, and the description is only shown if the user/role has the
view_ permission on the object
readOnly: true
required:
- app_label
- app_label_verbose
- codename
- id
- model
- model_verbose
- name
- object_description
- object_pk
ExtraRoleObjectPermissionRequest:
type: object
description: User permission with additional object-related data
properties:
object_pk:
type: string
minLength: 1
required:
- object_pk
ExtraUserObjectPermission:
type: object
description: User permission with additional object-related data
properties:
id:
type: integer
readOnly: true
codename:
type: string
readOnly: true
model:
type: string
title: Python model class name
readOnly: true
app_label:
type: string
readOnly: true
object_pk:
type: string
name:
type: string
readOnly: true
app_label_verbose:
type: string
description: Get app label from permission's model
readOnly: true
model_verbose:
type: string
description: Get model label from permission's model
readOnly: true
object_description:
type: string
nullable: true
description: |-
Get model description from attached model. This operation takes at least
one additional query, and the description is only shown if the user/role has the
view_ permission on the object
readOnly: true
required:
- app_label
- app_label_verbose
- codename
- id
- model
- model_verbose
- name
- object_description
- object_pk
ExtraUserObjectPermissionRequest:
type: object
description: User permission with additional object-related data
properties:
object_pk:
type: string
minLength: 1
required:
- object_pk
FilePathRequest:
type: object
description: Serializer to upload file
properties:
url:
type: string
minLength: 1
required:
- url
FileUploadRequest:
type: object
description: Serializer to upload file
properties:
file:
type: string
format: binary
clear:
type: boolean
default: false
Flow:
type: object
description: Flow Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Flow uuid
policybindingmodel_ptr_id:
type: string
format: uuid
readOnly: true
name:
type: string
slug:
type: string
description: Visible in the URL.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
title:
type: string
description: Shown as the Title in Flow pages.
designation:
allOf:
- $ref: '#/components/schemas/FlowDesignationEnum'
description: Decides what this Flow is used for. For example, the Authentication
flow is redirect to when an un-authenticated user visits authentik.
background:
type: string
description: |-
Get the URL to the background image. If the name is /static or starts with http
it is returned as-is
readOnly: true
stages:
type: array
items:
type: string
format: uuid
readOnly: true
policies:
type: array
items:
type: string
format: uuid
readOnly: true
cache_count:
type: integer
description: Get count of cached flows
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
compatibility_mode:
type: boolean
description: Enable compatibility mode, increases compatibility with password
managers on mobile devices.
export_url:
type: string
description: Get export URL for flow
readOnly: true
layout:
$ref: '#/components/schemas/FlowLayoutEnum'
denied_action:
allOf:
- $ref: '#/components/schemas/DeniedActionEnum'
description: Configure what should happen when a flow denies access to a
user.
authentication:
allOf:
- $ref: '#/components/schemas/AuthenticationEnum'
description: Required level of authentication and authorization to access
a flow.
required:
- background
- cache_count
- designation
- export_url
- name
- pk
- policies
- policybindingmodel_ptr_id
- slug
- stages
- title
FlowChallengeResponseRequest:
oneOf:
- $ref: '#/components/schemas/AppleChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
- $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
- $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
- $ref: '#/components/schemas/ConsentChallengeResponseRequest'
- $ref: '#/components/schemas/DummyChallengeResponseRequest'
- $ref: '#/components/schemas/EmailChallengeResponseRequest'
- $ref: '#/components/schemas/FrameChallengeResponseRequest'
- $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
- $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
- $ref: '#/components/schemas/PasswordChallengeResponseRequest'
- $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
- $ref: '#/components/schemas/PromptChallengeResponseRequest'
- $ref: '#/components/schemas/RedirectChallengeResponseRequest'
- $ref: '#/components/schemas/UserLoginChallengeResponseRequest'
discriminator:
propertyName: component
mapping:
ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
xak-flow-frame: '#/components/schemas/FrameChallengeResponseRequest'
ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
xak-flow-redirect: '#/components/schemas/RedirectChallengeResponseRequest'
ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest'
FlowDesignationEnum:
enum:
- authentication
- authorization
- invalidation
- enrollment
- unenrollment
- recovery
- stage_configuration
type: string
FlowDiagram:
type: object
description: response of the flow's diagram action
properties:
diagram:
type: string
readOnly: true
required:
- diagram
FlowErrorChallenge:
type: object
description: |-
Challenge class when an unhandled error occurs during a stage. Normal users
are shown an error message, superusers are shown a full stacktrace.
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-flow-error
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
request_id:
type: string
error:
type: string
traceback:
type: string
required:
- request_id
FlowImportResult:
type: object
description: Logs of an attempted flow import
properties:
logs:
type: array
items:
$ref: '#/components/schemas/LogEvent'
readOnly: true
success:
type: boolean
readOnly: true
required:
- logs
- success
FlowInspection:
type: object
description: Serializer for inspect endpoint
properties:
plans:
type: array
items:
$ref: '#/components/schemas/FlowInspectorPlan'
current_plan:
$ref: '#/components/schemas/FlowInspectorPlan'
is_completed:
type: boolean
required:
- is_completed
- plans
FlowInspectorPlan:
type: object
description: Serializer for an active FlowPlan
properties:
current_stage:
allOf:
- $ref: '#/components/schemas/FlowStageBinding'
readOnly: true
next_planned_stage:
allOf:
- $ref: '#/components/schemas/FlowStageBinding'
readOnly: true
plan_context:
type: object
additionalProperties: {}
description: Get the plan's context, sanitized
readOnly: true
session_id:
type: string
description: Get a unique session ID
readOnly: true
required:
- current_stage
- next_planned_stage
- plan_context
- session_id
FlowLayoutEnum:
enum:
- stacked
- content_left
- content_right
- sidebar_left
- sidebar_right
type: string
FlowRequest:
type: object
description: Flow Serializer
properties:
name:
type: string
minLength: 1
slug:
type: string
minLength: 1
description: Visible in the URL.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
title:
type: string
minLength: 1
description: Shown as the Title in Flow pages.
designation:
allOf:
- $ref: '#/components/schemas/FlowDesignationEnum'
description: Decides what this Flow is used for. For example, the Authentication
flow is redirect to when an un-authenticated user visits authentik.
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
compatibility_mode:
type: boolean
description: Enable compatibility mode, increases compatibility with password
managers on mobile devices.
layout:
$ref: '#/components/schemas/FlowLayoutEnum'
denied_action:
allOf:
- $ref: '#/components/schemas/DeniedActionEnum'
description: Configure what should happen when a flow denies access to a
user.
authentication:
allOf:
- $ref: '#/components/schemas/AuthenticationEnum'
description: Required level of authentication and authorization to access
a flow.
required:
- designation
- name
- slug
- title
FlowSet:
type: object
description: Stripped down flow serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Flow uuid
policybindingmodel_ptr_id:
type: string
format: uuid
readOnly: true
name:
type: string
slug:
type: string
description: Visible in the URL.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
title:
type: string
description: Shown as the Title in Flow pages.
designation:
allOf:
- $ref: '#/components/schemas/FlowDesignationEnum'
description: Decides what this Flow is used for. For example, the Authentication
flow is redirect to when an un-authenticated user visits authentik.
background:
type: string
description: |-
Get the URL to the background image. If the name is /static or starts with http
it is returned as-is
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
compatibility_mode:
type: boolean
description: Enable compatibility mode, increases compatibility with password
managers on mobile devices.
export_url:
type: string
description: Get export URL for flow
readOnly: true
layout:
$ref: '#/components/schemas/FlowLayoutEnum'
denied_action:
allOf:
- $ref: '#/components/schemas/DeniedActionEnum'
description: Configure what should happen when a flow denies access to a
user.
required:
- background
- designation
- export_url
- name
- pk
- policybindingmodel_ptr_id
- slug
- title
FlowSetRequest:
type: object
description: Stripped down flow serializer
properties:
name:
type: string
minLength: 1
slug:
type: string
minLength: 1
description: Visible in the URL.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
title:
type: string
minLength: 1
description: Shown as the Title in Flow pages.
designation:
allOf:
- $ref: '#/components/schemas/FlowDesignationEnum'
description: Decides what this Flow is used for. For example, the Authentication
flow is redirect to when an un-authenticated user visits authentik.
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
compatibility_mode:
type: boolean
description: Enable compatibility mode, increases compatibility with password
managers on mobile devices.
layout:
$ref: '#/components/schemas/FlowLayoutEnum'
denied_action:
allOf:
- $ref: '#/components/schemas/DeniedActionEnum'
description: Configure what should happen when a flow denies access to a
user.
required:
- designation
- name
- slug
- title
FlowStageBinding:
type: object
description: FlowStageBinding Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Fsb uuid
policybindingmodel_ptr_id:
type: string
format: uuid
readOnly: true
target:
type: string
format: uuid
stage:
type: string
format: uuid
stage_obj:
allOf:
- $ref: '#/components/schemas/Stage'
readOnly: true
evaluate_on_plan:
type: boolean
description: Evaluate policies during the Flow planning process.
re_evaluate_policies:
type: boolean
description: Evaluate policies when the Stage is presented to the user.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
invalid_response_action:
allOf:
- $ref: '#/components/schemas/InvalidResponseActionEnum'
description: Configure how the flow executor should handle an invalid response
to a challenge. RETRY returns the error message and a similar challenge
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
restarts the flow while keeping the current context.
required:
- order
- pk
- policybindingmodel_ptr_id
- stage
- stage_obj
- target
FlowStageBindingRequest:
type: object
description: FlowStageBinding Serializer
properties:
target:
type: string
format: uuid
stage:
type: string
format: uuid
evaluate_on_plan:
type: boolean
description: Evaluate policies during the Flow planning process.
re_evaluate_policies:
type: boolean
description: Evaluate policies when the Stage is presented to the user.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
invalid_response_action:
allOf:
- $ref: '#/components/schemas/InvalidResponseActionEnum'
description: Configure how the flow executor should handle an invalid response
to a challenge. RETRY returns the error message and a similar challenge
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
restarts the flow while keeping the current context.
required:
- order
- stage
- target
FooterLink:
type: object
description: Links returned in Config API
properties:
href:
type: string
readOnly: true
nullable: true
name:
type: string
readOnly: true
required:
- href
- name
FrameChallenge:
type: object
description: Challenge type to render a frame
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: xak-flow-frame
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
url:
type: string
loading_overlay:
type: boolean
default: false
loading_text:
type: string
required:
- loading_text
- url
FrameChallengeResponseRequest:
type: object
description: Base class for all challenge responses
properties:
component:
type: string
minLength: 1
default: xak-flow-frame
GenericError:
type: object
description: Generic API Error
properties:
detail:
type: string
code:
type: string
required:
- detail
GeoIPPolicy:
type: object
description: GeoIP Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
asns:
type: array
items:
type: integer
maximum: 2147483647
minimum: -2147483648
countries:
type: array
items:
$ref: '#/components/schemas/CountryCodeEnum'
maxItems: 249
countries_obj:
type: array
items:
$ref: '#/components/schemas/DetailedCountryField'
readOnly: true
check_history_distance:
type: boolean
history_max_distance_km:
type: integer
maximum: 9223372036854775807
minimum: 0
format: int64
distance_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
history_login_count:
type: integer
maximum: 2147483647
minimum: 0
check_impossible_travel:
type: boolean
impossible_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
required:
- bound_to
- component
- countries
- countries_obj
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
GeoIPPolicyRequest:
type: object
description: GeoIP Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
asns:
type: array
items:
type: integer
maximum: 2147483647
minimum: -2147483648
countries:
type: array
items:
$ref: '#/components/schemas/CountryCodeEnum'
maxItems: 249
check_history_distance:
type: boolean
history_max_distance_km:
type: integer
maximum: 9223372036854775807
minimum: 0
format: int64
distance_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
history_login_count:
type: integer
maximum: 2147483647
minimum: 0
check_impossible_travel:
type: boolean
impossible_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
required:
- countries
- name
GeoipBindingEnum:
enum:
- no_binding
- bind_continent
- bind_continent_country
- bind_continent_country_city
type: string
GoogleWorkspaceProvider:
type: object
description: GoogleWorkspaceProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
delegated_subject:
type: string
format: email
maxLength: 254
credentials: {}
scopes:
type: string
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
default_group_email_domain:
type: string
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- component
- credentials
- default_group_email_domain
- delegated_subject
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
GoogleWorkspaceProviderGroup:
type: object
description: GoogleWorkspaceProviderGroup Serializer
properties:
id:
type: string
format: uuid
readOnly: true
google_id:
type: string
group:
type: string
format: uuid
group_obj:
allOf:
- $ref: '#/components/schemas/UserGroup'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- google_id
- group
- group_obj
- id
- provider
GoogleWorkspaceProviderGroupRequest:
type: object
description: GoogleWorkspaceProviderGroup Serializer
properties:
google_id:
type: string
minLength: 1
group:
type: string
format: uuid
provider:
type: integer
required:
- google_id
- group
- provider
GoogleWorkspaceProviderMapping:
type: object
description: GoogleWorkspaceProviderMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
GoogleWorkspaceProviderMappingRequest:
type: object
description: GoogleWorkspaceProviderMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
GoogleWorkspaceProviderRequest:
type: object
description: GoogleWorkspaceProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
delegated_subject:
type: string
format: email
minLength: 1
maxLength: 254
credentials: {}
scopes:
type: string
minLength: 1
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
default_group_email_domain:
type: string
minLength: 1
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- credentials
- default_group_email_domain
- delegated_subject
- name
GoogleWorkspaceProviderUser:
type: object
description: GoogleWorkspaceProviderUser Serializer
properties:
id:
type: string
format: uuid
readOnly: true
google_id:
type: string
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- google_id
- id
- provider
- user
- user_obj
GoogleWorkspaceProviderUserRequest:
type: object
description: GoogleWorkspaceProviderUser Serializer
properties:
google_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- google_id
- provider
- user
Group:
type: object
description: Group Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Group uuid
num_pk:
type: integer
readOnly: true
name:
type: string
is_superuser:
type: boolean
description: Users added to this group will be superusers.
parent:
type: string
format: uuid
nullable: true
parent_name:
type: string
readOnly: true
nullable: true
users:
type: array
items:
type: integer
users_obj:
type: array
items:
$ref: '#/components/schemas/GroupMember'
readOnly: true
nullable: true
attributes:
type: object
additionalProperties: {}
roles:
type: array
items:
type: string
format: uuid
roles_obj:
type: array
items:
$ref: '#/components/schemas/Role'
readOnly: true
required:
- name
- num_pk
- parent_name
- pk
- roles_obj
- users_obj
GroupKerberosSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupKerberosSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
GroupLDAPSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupLDAPSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
GroupMatchingModeEnum:
enum:
- identifier
- name_link
- name_deny
type: string
GroupMember:
type: object
description: Stripped down user serializer to show relevant users for groups
properties:
pk:
type: integer
readOnly: true
title: ID
username:
type: string
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
pattern: ^[\w.@+-]+$
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
email:
type: string
format: email
title: Email address
maxLength: 254
attributes:
type: object
additionalProperties: {}
uid:
type: string
readOnly: true
required:
- name
- pk
- uid
- username
GroupMemberRequest:
type: object
description: Stripped down user serializer to show relevant users for groups
properties:
username:
type: string
minLength: 1
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
pattern: ^[\w.@+-]+$
maxLength: 150
name:
type: string
minLength: 1
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
email:
type: string
format: email
title: Email address
maxLength: 254
attributes:
type: object
additionalProperties: {}
required:
- name
- username
GroupOAuthSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupOAuthSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
GroupPlexSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupPlexSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
GroupRequest:
type: object
description: Group Serializer
properties:
name:
type: string
minLength: 1
is_superuser:
type: boolean
description: Users added to this group will be superusers.
parent:
type: string
format: uuid
nullable: true
users:
type: array
items:
type: integer
attributes:
type: object
additionalProperties: {}
roles:
type: array
items:
type: string
format: uuid
required:
- name
GroupSAMLSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupSAMLSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
GroupSourceConnection:
type: object
description: Group Source Connection
properties:
pk:
type: integer
readOnly: true
title: ID
group:
type: string
format: uuid
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- group
- identifier
- last_updated
- pk
- source
- source_obj
GroupSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- group
- identifier
- source
IdentificationChallenge:
type: object
description: Identification challenges with all UI elements
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-identification
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
user_fields:
type: array
items:
type: string
nullable: true
password_fields:
type: boolean
allow_show_password:
type: boolean
default: false
application_pre:
type: string
flow_designation:
$ref: '#/components/schemas/FlowDesignationEnum'
captcha_stage:
allOf:
- $ref: '#/components/schemas/CaptchaChallenge'
nullable: true
enroll_url:
type: string
recovery_url:
type: string
passwordless_url:
type: string
primary_action:
type: string
sources:
type: array
items:
$ref: '#/components/schemas/LoginSource'
show_source_labels:
type: boolean
enable_remember_me:
type: boolean
default: true
required:
- flow_designation
- password_fields
- primary_action
- show_source_labels
- user_fields
IdentificationChallengeResponseRequest:
type: object
description: Identification challenge
properties:
component:
type: string
minLength: 1
default: ak-stage-identification
uid_field:
type: string
minLength: 1
password:
type: string
nullable: true
captcha_token:
type: string
nullable: true
required:
- uid_field
IdentificationStage:
type: object
description: IdentificationStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
user_fields:
type: array
items:
$ref: '#/components/schemas/UserFieldsEnum'
description: Fields of the user object to match against. (Hold shift to
select multiple options)
password_stage:
type: string
format: uuid
nullable: true
description: When set, shows a password field, instead of showing the password
field as separate step.
captcha_stage:
type: string
format: uuid
nullable: true
description: When set, adds functionality exactly like a Captcha stage,
but baked into the Identification stage.
case_insensitive_matching:
type: boolean
description: When enabled, user fields are matched regardless of their casing.
show_matched_user:
type: boolean
description: When a valid username/email has been entered, and this option
is enabled, the user's username and avatar will be shown. Otherwise, the
text that the user entered will be shown
enrollment_flow:
type: string
format: uuid
nullable: true
description: Optional enrollment flow, which is linked at the bottom of
the page.
recovery_flow:
type: string
format: uuid
nullable: true
description: Optional recovery flow, which is linked at the bottom of the
page.
passwordless_flow:
type: string
format: uuid
nullable: true
description: Optional passwordless flow, which is linked at the bottom of
the page.
sources:
type: array
items:
type: string
format: uuid
description: Specify which sources should be shown.
show_source_labels:
type: boolean
pretend_user_exists:
type: boolean
description: When enabled, the stage will succeed and continue even when
incorrect user info is entered.
enable_remember_me:
type: boolean
description: Show the user the 'Remember me on this device' toggle, allowing
repeat users to skip straight to entering their password.
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
IdentificationStageRequest:
type: object
description: IdentificationStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
user_fields:
type: array
items:
$ref: '#/components/schemas/UserFieldsEnum'
description: Fields of the user object to match against. (Hold shift to
select multiple options)
password_stage:
type: string
format: uuid
nullable: true
description: When set, shows a password field, instead of showing the password
field as separate step.
captcha_stage:
type: string
format: uuid
nullable: true
description: When set, adds functionality exactly like a Captcha stage,
but baked into the Identification stage.
case_insensitive_matching:
type: boolean
description: When enabled, user fields are matched regardless of their casing.
show_matched_user:
type: boolean
description: When a valid username/email has been entered, and this option
is enabled, the user's username and avatar will be shown. Otherwise, the
text that the user entered will be shown
enrollment_flow:
type: string
format: uuid
nullable: true
description: Optional enrollment flow, which is linked at the bottom of
the page.
recovery_flow:
type: string
format: uuid
nullable: true
description: Optional recovery flow, which is linked at the bottom of the
page.
passwordless_flow:
type: string
format: uuid
nullable: true
description: Optional passwordless flow, which is linked at the bottom of
the page.
sources:
type: array
items:
type: string
format: uuid
description: Specify which sources should be shown.
show_source_labels:
type: boolean
pretend_user_exists:
type: boolean
description: When enabled, the stage will succeed and continue even when
incorrect user info is entered.
enable_remember_me:
type: boolean
description: Show the user the 'Remember me on this device' toggle, allowing
repeat users to skip straight to entering their password.
required:
- name
ImpersonationRequest:
type: object
properties:
reason:
type: string
minLength: 1
required:
- reason
InitialPermissions:
type: object
description: InitialPermissions serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
maxLength: 150
mode:
$ref: '#/components/schemas/InitialPermissionsModeEnum'
role:
type: string
format: uuid
permissions:
type: array
items:
type: integer
permissions_obj:
type: array
items:
$ref: '#/components/schemas/Permission'
readOnly: true
required:
- mode
- name
- permissions_obj
- pk
- role
InitialPermissionsModeEnum:
enum:
- user
- role
type: string
InitialPermissionsRequest:
type: object
description: InitialPermissions serializer
properties:
name:
type: string
minLength: 1
maxLength: 150
mode:
$ref: '#/components/schemas/InitialPermissionsModeEnum'
role:
type: string
format: uuid
permissions:
type: array
items:
type: integer
required:
- mode
- name
- role
InstallID:
type: object
properties:
install_id:
type: string
required:
- install_id
IntentEnum:
enum:
- verification
- api
- recovery
- app_password
type: string
InvalidResponseActionEnum:
enum:
- retry
- restart
- restart_with_context
type: string
Invitation:
type: object
description: Invitation Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Invite uuid
name:
type: string
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
expires:
type: string
format: date-time
nullable: true
fixed_data:
type: object
additionalProperties: {}
created_by:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
single_use:
type: boolean
description: When enabled, the invitation will be deleted after usage.
flow:
type: string
format: uuid
nullable: true
description: When set, only the configured flow can use this invitation.
flow_obj:
allOf:
- $ref: '#/components/schemas/Flow'
readOnly: true
required:
- created_by
- flow_obj
- name
- pk
InvitationRequest:
type: object
description: Invitation Serializer
properties:
name:
type: string
minLength: 1
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
expires:
type: string
format: date-time
nullable: true
fixed_data:
type: object
additionalProperties: {}
single_use:
type: boolean
description: When enabled, the invitation will be deleted after usage.
flow:
type: string
format: uuid
nullable: true
description: When set, only the configured flow can use this invitation.
required:
- name
InvitationStage:
type: object
description: InvitationStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
continue_flow_without_invitation:
type: boolean
description: If this flag is set, this Stage will jump to the next Stage
when no Invitation is given. By default this Stage will cancel the Flow
when no invitation is given.
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
InvitationStageRequest:
type: object
description: InvitationStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
continue_flow_without_invitation:
type: boolean
description: If this flag is set, this Stage will jump to the next Stage
when no Invitation is given. By default this Stage will cancel the Flow
when no invitation is given.
required:
- name
IssuerModeEnum:
enum:
- global
- per_provider
type: string
KadminTypeEnum:
enum:
- MIT
- Heimdal
- other
type: string
KerberosSource:
type: object
description: Kerberos Source Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
readOnly: true
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
realm:
type: string
description: Kerberos realm
krb5_conf:
type: string
description: Custom krb5.conf to use. Uses the system one by default
kadmin_type:
allOf:
- $ref: '#/components/schemas/KadminTypeEnum'
description: KAdmin server type
sync_users:
type: boolean
description: Sync users from Kerberos into authentik
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to Kerberos
sync_principal:
type: string
description: Principal to authenticate to kadmin for sync.
sync_ccache:
type: string
description: Credentials cache to authenticate to kadmin for sync. Must
be in the form TYPE:residual
connectivity:
type: object
additionalProperties:
type: string
nullable: true
description: Get cached source connectivity
readOnly: true
spnego_server_name:
type: string
description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_ccache:
type: string
description: Credential cache to use for SPNEGO in form type:residual
password_login_update_internal_password:
type: boolean
description: If enabled, the authentik-stored password will be updated upon
login with the Kerberos password backend
required:
- component
- connectivity
- icon
- managed
- meta_model_name
- name
- pk
- realm
- slug
- verbose_name
- verbose_name_plural
KerberosSourcePropertyMapping:
type: object
description: Kerberos PropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
KerberosSourcePropertyMappingRequest:
type: object
description: Kerberos PropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
KerberosSourceRequest:
type: object
description: Kerberos Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
realm:
type: string
minLength: 1
description: Kerberos realm
krb5_conf:
type: string
description: Custom krb5.conf to use. Uses the system one by default
kadmin_type:
allOf:
- $ref: '#/components/schemas/KadminTypeEnum'
description: KAdmin server type
sync_users:
type: boolean
description: Sync users from Kerberos into authentik
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to Kerberos
sync_principal:
type: string
description: Principal to authenticate to kadmin for sync.
sync_password:
type: string
writeOnly: true
description: Password to authenticate to kadmin for sync
sync_keytab:
type: string
writeOnly: true
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
or in the form TYPE:residual
sync_ccache:
type: string
description: Credentials cache to authenticate to kadmin for sync. Must
be in the form TYPE:residual
spnego_server_name:
type: string
description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_keytab:
type: string
writeOnly: true
description: SPNEGO keytab base64-encoded or path to keytab in the form
FILE:path
spnego_ccache:
type: string
description: Credential cache to use for SPNEGO in form type:residual
password_login_update_internal_password:
type: boolean
description: If enabled, the authentik-stored password will be updated upon
login with the Kerberos password backend
required:
- name
- realm
- slug
KerberosSyncStatus:
type: object
description: Kerberos Source sync status
properties:
is_running:
type: boolean
readOnly: true
tasks:
type: array
items:
$ref: '#/components/schemas/SystemTask'
readOnly: true
required:
- is_running
- tasks
KubernetesServiceConnection:
type: object
description: KubernetesServiceConnection Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
component:
type: string
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
kubeconfig:
description: Paste your kubeconfig here. authentik will automatically use
the currently selected context.
verify_ssl:
type: boolean
description: Verify SSL Certificates of the Kubernetes API endpoint
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
KubernetesServiceConnectionRequest:
type: object
description: KubernetesServiceConnection Serializer
properties:
name:
type: string
minLength: 1
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
kubeconfig:
description: Paste your kubeconfig here. authentik will automatically use
the currently selected context.
verify_ssl:
type: boolean
description: Verify SSL Certificates of the Kubernetes API endpoint
required:
- name
LDAPAPIAccessMode:
enum:
- direct
- cached
type: string
LDAPCheckAccess:
type: object
description: Base serializer class which doesn't implement create/update methods
properties:
has_search_permission:
type: boolean
access:
$ref: '#/components/schemas/PolicyTestResult'
required:
- access
LDAPDebug:
type: object
properties:
user:
type: array
items:
type: object
additionalProperties: {}
readOnly: true
group:
type: array
items:
type: object
additionalProperties: {}
readOnly: true
membership:
type: array
items:
type: object
additionalProperties: {}
readOnly: true
required:
- group
- membership
- user
LDAPOutpostConfig:
type: object
description: LDAPProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
base_dn:
type: string
description: DN under which objects are accessible.
bind_flow_slug:
type: string
unbind_flow_slug:
type: string
nullable: true
description: Get slug for unbind flow, defaulting to brand's default flow.
readOnly: true
application_slug:
type: string
description: Prioritise backchannel slug over direct application slug
readOnly: true
certificate:
type: string
format: uuid
nullable: true
tls_server_name:
type: string
uid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for uidNumbers, this number is added to the user.pk
to make sure that the numbers aren't too low for POSIX users. Default
is 2000 to ensure that we don't collide with local users uidNumber
gid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for gidNumbers, this number is added to a number
generated from the group.pk to make sure that the numbers aren't too low
for POSIX groups. Default is 4000 to ensure that we don't collide with
local groups or users primary groups gidNumber
search_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
bind_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- application_slug
- bind_flow_slug
- name
- pk
- unbind_flow_slug
LDAPProvider:
type: object
description: LDAPProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
base_dn:
type: string
description: DN under which objects are accessible.
certificate:
type: string
format: uuid
nullable: true
tls_server_name:
type: string
uid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for uidNumbers, this number is added to the user.pk
to make sure that the numbers aren't too low for POSIX users. Default
is 2000 to ensure that we don't collide with local users uidNumber
gid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for gidNumbers, this number is added to a number
generated from the group.pk to make sure that the numbers aren't too low
for POSIX groups. Default is 4000 to ensure that we don't collide with
local groups or users primary groups gidNumber
outpost_set:
type: array
items:
type: string
readOnly: true
search_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
bind_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- invalidation_flow
- meta_model_name
- name
- outpost_set
- pk
- verbose_name
- verbose_name_plural
LDAPProviderRequest:
type: object
description: LDAPProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
base_dn:
type: string
minLength: 1
description: DN under which objects are accessible.
certificate:
type: string
format: uuid
nullable: true
tls_server_name:
type: string
uid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for uidNumbers, this number is added to the user.pk
to make sure that the numbers aren't too low for POSIX users. Default
is 2000 to ensure that we don't collide with local users uidNumber
gid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for gidNumbers, this number is added to a number
generated from the group.pk to make sure that the numbers aren't too low
for POSIX groups. Default is 4000 to ensure that we don't collide with
local groups or users primary groups gidNumber
search_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
bind_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- authorization_flow
- invalidation_flow
- name
LDAPSource:
type: object
description: LDAP Source Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
readOnly: true
server_uri:
type: string
format: uri
peer_certificate:
type: string
format: uuid
nullable: true
description: Optionally verify the LDAP Server's Certificate against the
CA Chain in this keypair.
client_certificate:
type: string
format: uuid
nullable: true
description: Client certificate to authenticate against the LDAP Server's
Certificate.
bind_cn:
type: string
start_tls:
type: boolean
title: Enable Start TLS
sni:
type: boolean
title: Use Server URI for SNI verification
base_dn:
type: string
additional_user_dn:
type: string
title: Addition User DN
description: Prepended to Base DN for User-queries.
additional_group_dn:
type: string
title: Addition Group DN
description: Prepended to Base DN for Group-queries.
user_object_filter:
type: string
description: Consider Objects matching this filter to be Users.
group_object_filter:
type: string
description: Consider Objects matching this filter to be Groups.
group_membership_field:
type: string
description: Field which contains members of a group.
user_membership_attribute:
type: string
description: Attribute which matches the value of `group_membership_field`.
object_uniqueness_field:
type: string
description: Field which contains a unique Identifier.
password_login_update_internal_password:
type: boolean
description: Update internal authentik password when login succeeds with
LDAP
sync_users:
type: boolean
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to LDAP. This
can only be enabled on a single LDAP source.
sync_groups:
type: boolean
sync_parent_group:
type: string
format: uuid
nullable: true
connectivity:
type: object
additionalProperties:
type: object
additionalProperties:
type: string
nullable: true
description: Get cached source connectivity
readOnly: true
lookup_groups_from_user:
type: boolean
description: Lookup group membership based on a user attribute instead of
a group attribute. This allows nested group resolution on systems like
FreeIPA and Active Directory
delete_not_found_objects:
type: boolean
description: Delete authentik users and groups which were previously supplied
by this source, but are now missing from it.
required:
- base_dn
- component
- connectivity
- icon
- managed
- meta_model_name
- name
- pk
- server_uri
- slug
- verbose_name
- verbose_name_plural
LDAPSourcePropertyMapping:
type: object
description: LDAP PropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
LDAPSourcePropertyMappingRequest:
type: object
description: LDAP PropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
LDAPSourceRequest:
type: object
description: LDAP Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
server_uri:
type: string
minLength: 1
format: uri
peer_certificate:
type: string
format: uuid
nullable: true
description: Optionally verify the LDAP Server's Certificate against the
CA Chain in this keypair.
client_certificate:
type: string
format: uuid
nullable: true
description: Client certificate to authenticate against the LDAP Server's
Certificate.
bind_cn:
type: string
bind_password:
type: string
writeOnly: true
start_tls:
type: boolean
title: Enable Start TLS
sni:
type: boolean
title: Use Server URI for SNI verification
base_dn:
type: string
minLength: 1
additional_user_dn:
type: string
title: Addition User DN
description: Prepended to Base DN for User-queries.
additional_group_dn:
type: string
title: Addition Group DN
description: Prepended to Base DN for Group-queries.
user_object_filter:
type: string
minLength: 1
description: Consider Objects matching this filter to be Users.
group_object_filter:
type: string
minLength: 1
description: Consider Objects matching this filter to be Groups.
group_membership_field:
type: string
minLength: 1
description: Field which contains members of a group.
user_membership_attribute:
type: string
minLength: 1
description: Attribute which matches the value of `group_membership_field`.
object_uniqueness_field:
type: string
minLength: 1
description: Field which contains a unique Identifier.
password_login_update_internal_password:
type: boolean
description: Update internal authentik password when login succeeds with
LDAP
sync_users:
type: boolean
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to LDAP. This
can only be enabled on a single LDAP source.
sync_groups:
type: boolean
sync_parent_group:
type: string
format: uuid
nullable: true
lookup_groups_from_user:
type: boolean
description: Lookup group membership based on a user attribute instead of
a group attribute. This allows nested group resolution on systems like
FreeIPA and Active Directory
delete_not_found_objects:
type: boolean
description: Delete authentik users and groups which were previously supplied
by this source, but are now missing from it.
required:
- base_dn
- name
- server_uri
- slug
License:
type: object
description: License Serializer
properties:
license_uuid:
type: string
format: uuid
readOnly: true
name:
type: string
readOnly: true
key:
type: string
expiry:
type: string
format: date-time
readOnly: true
internal_users:
type: integer
readOnly: true
external_users:
type: integer
readOnly: true
required:
- expiry
- external_users
- internal_users
- key
- license_uuid
- name
LicenseFlagsEnum:
enum:
- trial
- non_production
type: string
LicenseForecast:
type: object
description: Serializer for license forecast
properties:
internal_users:
type: integer
external_users:
type: integer
forecasted_internal_users:
type: integer
forecasted_external_users:
type: integer
required:
- external_users
- forecasted_external_users
- forecasted_internal_users
- internal_users
LicenseRequest:
type: object
description: License Serializer
properties:
key:
type: string
minLength: 1
required:
- key
LicenseSummary:
type: object
description: Serializer for license status
properties:
internal_users:
type: integer
external_users:
type: integer
status:
$ref: '#/components/schemas/LicenseSummaryStatusEnum'
latest_valid:
type: string
format: date-time
license_flags:
type: array
items:
$ref: '#/components/schemas/LicenseFlagsEnum'
required:
- external_users
- internal_users
- latest_valid
- license_flags
- status
LicenseSummaryStatusEnum:
enum:
- unlicensed
- valid
- expired
- expiry_soon
- limit_exceeded_admin
- limit_exceeded_user
- read_only
type: string
Link:
type: object
description: Returns a single link
properties:
link:
type: string
required:
- link
LogEvent:
type: object
description: Single log message with all context logged.
properties:
timestamp:
type: string
format: date-time
log_level:
$ref: '#/components/schemas/LogLevelEnum'
logger:
type: string
event:
type: string
attributes:
type: object
additionalProperties: {}
required:
- attributes
- event
- log_level
- logger
- timestamp
LogLevelEnum:
enum:
- critical
- exception
- error
- warn
- warning
- info
- debug
- notset
type: string
LoginChallengeTypes:
oneOf:
- $ref: '#/components/schemas/RedirectChallenge'
- $ref: '#/components/schemas/AppleLoginChallenge'
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
discriminator:
propertyName: component
mapping:
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
LoginMetrics:
type: object
description: Login Metrics per 1h
properties:
logins:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
logins_failed:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
authorizations:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
required:
- authorizations
- logins
- logins_failed
LoginSource:
type: object
description: Serializer for Login buttons of sources
properties:
name:
type: string
icon_url:
type: string
nullable: true
challenge:
$ref: '#/components/schemas/LoginChallengeTypes'
required:
- challenge
- name
MatchingModeEnum:
enum:
- strict
- regex
type: string
Metadata:
type: object
description: Serializer for blueprint metadata
properties:
name:
type: string
labels:
type: object
additionalProperties: {}
required:
- labels
- name
MicrosoftEntraProvider:
type: object
description: MicrosoftEntraProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
client_id:
type: string
client_secret:
type: string
tenant_id:
type: string
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- client_id
- client_secret
- component
- meta_model_name
- name
- pk
- tenant_id
- verbose_name
- verbose_name_plural
MicrosoftEntraProviderGroup:
type: object
description: MicrosoftEntraProviderGroup Serializer
properties:
id:
type: string
format: uuid
readOnly: true
microsoft_id:
type: string
group:
type: string
format: uuid
group_obj:
allOf:
- $ref: '#/components/schemas/UserGroup'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- group
- group_obj
- id
- microsoft_id
- provider
MicrosoftEntraProviderGroupRequest:
type: object
description: MicrosoftEntraProviderGroup Serializer
properties:
microsoft_id:
type: string
minLength: 1
group:
type: string
format: uuid
provider:
type: integer
required:
- group
- microsoft_id
- provider
MicrosoftEntraProviderMapping:
type: object
description: MicrosoftEntraProviderMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
MicrosoftEntraProviderMappingRequest:
type: object
description: MicrosoftEntraProviderMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
MicrosoftEntraProviderRequest:
type: object
description: MicrosoftEntraProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
client_id:
type: string
minLength: 1
client_secret:
type: string
minLength: 1
tenant_id:
type: string
minLength: 1
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- client_id
- client_secret
- name
- tenant_id
MicrosoftEntraProviderUser:
type: object
description: MicrosoftEntraProviderUser Serializer
properties:
id:
type: string
format: uuid
readOnly: true
microsoft_id:
type: string
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- id
- microsoft_id
- provider
- user
- user_obj
MicrosoftEntraProviderUserRequest:
type: object
description: MicrosoftEntraProviderUser Serializer
properties:
microsoft_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- microsoft_id
- provider
- user
ModelEnum:
enum:
- authentik_tenants.domain
- authentik_crypto.certificatekeypair
- authentik_flows.flow
- authentik_flows.flowstagebinding
- authentik_outposts.dockerserviceconnection
- authentik_outposts.kubernetesserviceconnection
- authentik_outposts.outpost
- authentik_policies_dummy.dummypolicy
- authentik_policies_event_matcher.eventmatcherpolicy
- authentik_policies_expiry.passwordexpirypolicy
- authentik_policies_expression.expressionpolicy
- authentik_policies_geoip.geoippolicy
- authentik_policies_password.passwordpolicy
- authentik_policies_reputation.reputationpolicy
- authentik_policies.policybinding
- authentik_providers_ldap.ldapprovider
- authentik_providers_oauth2.scopemapping
- authentik_providers_oauth2.oauth2provider
- authentik_providers_proxy.proxyprovider
- authentik_providers_rac.racprovider
- authentik_providers_rac.endpoint
- authentik_providers_rac.racpropertymapping
- authentik_providers_radius.radiusprovider
- authentik_providers_radius.radiusproviderpropertymapping
- authentik_providers_saml.samlprovider
- authentik_providers_saml.samlpropertymapping
- authentik_providers_scim.scimprovider
- authentik_providers_scim.scimmapping
- authentik_rbac.role
- authentik_rbac.initialpermissions
- authentik_sources_kerberos.kerberossource
- authentik_sources_kerberos.kerberossourcepropertymapping
- authentik_sources_kerberos.userkerberossourceconnection
- authentik_sources_kerberos.groupkerberossourceconnection
- authentik_sources_ldap.ldapsource
- authentik_sources_ldap.ldapsourcepropertymapping
- authentik_sources_ldap.userldapsourceconnection
- authentik_sources_ldap.groupldapsourceconnection
- authentik_sources_oauth.oauthsource
- authentik_sources_oauth.oauthsourcepropertymapping
- authentik_sources_oauth.useroauthsourceconnection
- authentik_sources_oauth.groupoauthsourceconnection
- authentik_sources_plex.plexsource
- authentik_sources_plex.plexsourcepropertymapping
- authentik_sources_plex.userplexsourceconnection
- authentik_sources_plex.groupplexsourceconnection
- authentik_sources_saml.samlsource
- authentik_sources_saml.samlsourcepropertymapping
- authentik_sources_saml.usersamlsourceconnection
- authentik_sources_saml.groupsamlsourceconnection
- authentik_sources_scim.scimsource
- authentik_sources_scim.scimsourcepropertymapping
- authentik_stages_authenticator_duo.authenticatorduostage
- authentik_stages_authenticator_duo.duodevice
- authentik_stages_authenticator_email.authenticatoremailstage
- authentik_stages_authenticator_email.emaildevice
- authentik_stages_authenticator_sms.authenticatorsmsstage
- authentik_stages_authenticator_sms.smsdevice
- authentik_stages_authenticator_static.authenticatorstaticstage
- authentik_stages_authenticator_static.staticdevice
- authentik_stages_authenticator_totp.authenticatortotpstage
- authentik_stages_authenticator_totp.totpdevice
- authentik_stages_authenticator_validate.authenticatorvalidatestage
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
- authentik_stages_authenticator_webauthn.webauthndevice
- authentik_stages_captcha.captchastage
- authentik_stages_consent.consentstage
- authentik_stages_consent.userconsent
- authentik_stages_deny.denystage
- authentik_stages_dummy.dummystage
- authentik_stages_email.emailstage
- authentik_stages_identification.identificationstage
- authentik_stages_invitation.invitationstage
- authentik_stages_invitation.invitation
- authentik_stages_password.passwordstage
- authentik_stages_prompt.prompt
- authentik_stages_prompt.promptstage
- authentik_stages_redirect.redirectstage
- authentik_stages_user_delete.userdeletestage
- authentik_stages_user_login.userloginstage
- authentik_stages_user_logout.userlogoutstage
- authentik_stages_user_write.userwritestage
- authentik_brands.brand
- authentik_blueprints.blueprintinstance
- authentik_core.group
- authentik_core.user
- authentik_core.application
- authentik_core.applicationentitlement
- authentik_core.token
- authentik_enterprise.license
- authentik_policies_unique_password.uniquepasswordpolicy
- authentik_providers_google_workspace.googleworkspaceprovider
- authentik_providers_google_workspace.googleworkspaceprovidermapping
- authentik_providers_microsoft_entra.microsoftentraprovider
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
- authentik_providers_ssf.ssfprovider
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
- authentik_stages_mtls.mutualtlsstage
- authentik_stages_source.sourcestage
- authentik_events.event
- authentik_events.notificationtransport
- authentik_events.notification
- authentik_events.notificationrule
- authentik_events.notificationwebhookmapping
type: string
MutualTLSStage:
type: object
description: MutualTLSStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
mode:
$ref: '#/components/schemas/MutualTLSStageModeEnum'
certificate_authorities:
type: array
items:
type: string
format: uuid
description: Configure certificate authorities to validate the certificate
against. This option has a higher priority than the `client_certificate`
option on `Brand`.
cert_attribute:
$ref: '#/components/schemas/CertAttributeEnum'
user_attribute:
$ref: '#/components/schemas/UserAttributeEnum'
required:
- cert_attribute
- component
- meta_model_name
- mode
- name
- pk
- user_attribute
- verbose_name
- verbose_name_plural
MutualTLSStageModeEnum:
enum:
- optional
- required
type: string
MutualTLSStageRequest:
type: object
description: MutualTLSStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
mode:
$ref: '#/components/schemas/MutualTLSStageModeEnum'
certificate_authorities:
type: array
items:
type: string
format: uuid
description: Configure certificate authorities to validate the certificate
against. This option has a higher priority than the `client_certificate`
option on `Brand`.
cert_attribute:
$ref: '#/components/schemas/CertAttributeEnum'
user_attribute:
$ref: '#/components/schemas/UserAttributeEnum'
required:
- cert_attribute
- mode
- name
- user_attribute
NameIdPolicyEnum:
enum:
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
type: string
NetworkBindingEnum:
enum:
- no_binding
- bind_asn
- bind_asn_network
- bind_asn_network_ip
type: string
NotConfiguredActionEnum:
enum:
- skip
- deny
- configure
type: string
Notification:
type: object
description: Notification Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
severity:
allOf:
- $ref: '#/components/schemas/SeverityEnum'
readOnly: true
body:
type: string
readOnly: true
created:
type: string
format: date-time
readOnly: true
event:
$ref: '#/components/schemas/Event'
seen:
type: boolean
required:
- body
- created
- pk
- severity
NotificationRequest:
type: object
description: Notification Serializer
properties:
event:
$ref: '#/components/schemas/EventRequest'
seen:
type: boolean
NotificationRule:
type: object
description: NotificationRule Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
transports:
type: array
items:
type: string
format: uuid
description: Select which transports should be used to notify the user.
If none are selected, the notification will only be shown in the authentik
UI.
severity:
allOf:
- $ref: '#/components/schemas/SeverityEnum'
description: Controls which severity level the created notifications will
have.
group:
type: string
format: uuid
nullable: true
description: Define which group of users this notification should be sent
and shown to. If left empty, Notification won't ben sent.
group_obj:
allOf:
- $ref: '#/components/schemas/Group'
readOnly: true
required:
- group_obj
- name
- pk
NotificationRuleRequest:
type: object
description: NotificationRule Serializer
properties:
name:
type: string
minLength: 1
transports:
type: array
items:
type: string
format: uuid
description: Select which transports should be used to notify the user.
If none are selected, the notification will only be shown in the authentik
UI.
severity:
allOf:
- $ref: '#/components/schemas/SeverityEnum'
description: Controls which severity level the created notifications will
have.
group:
type: string
format: uuid
nullable: true
description: Define which group of users this notification should be sent
and shown to. If left empty, Notification won't ben sent.
required:
- name
NotificationTransport:
type: object
description: NotificationTransport Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
mode:
$ref: '#/components/schemas/NotificationTransportModeEnum'
mode_verbose:
type: string
description: Return selected mode with a UI Label
readOnly: true
webhook_url:
type: string
format: uri
webhook_mapping_body:
type: string
format: uuid
nullable: true
description: Customize the body of the request. Mapping should return data
that is JSON-serializable.
webhook_mapping_headers:
type: string
format: uuid
nullable: true
description: Configure additional headers to be sent. Mapping should return
a dictionary of key-value pairs
send_once:
type: boolean
description: Only send notification once, for example when sending a webhook
into a chat channel.
required:
- mode_verbose
- name
- pk
NotificationTransportModeEnum:
enum:
- local
- webhook
- webhook_slack
- email
type: string
NotificationTransportRequest:
type: object
description: NotificationTransport Serializer
properties:
name:
type: string
minLength: 1
mode:
$ref: '#/components/schemas/NotificationTransportModeEnum'
webhook_url:
type: string
format: uri
webhook_mapping_body:
type: string
format: uuid
nullable: true
description: Customize the body of the request. Mapping should return data
that is JSON-serializable.
webhook_mapping_headers:
type: string
format: uuid
nullable: true
description: Configure additional headers to be sent. Mapping should return
a dictionary of key-value pairs
send_once:
type: boolean
description: Only send notification once, for example when sending a webhook
into a chat channel.
required:
- name
NotificationTransportTest:
type: object
description: Notification test serializer
properties:
messages:
type: array
items:
type: string
required:
- messages
NotificationWebhookMapping:
type: object
description: NotificationWebhookMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
name:
type: string
expression:
type: string
required:
- expression
- name
- pk
NotificationWebhookMappingRequest:
type: object
description: NotificationWebhookMapping Serializer
properties:
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
OAuth2Provider:
type: object
description: OAuth2Provider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
client_type:
allOf:
- $ref: '#/components/schemas/ClientTypeEnum'
description: Confidential clients are capable of maintaining the confidentiality
of their credentials. Public clients are incapable
client_id:
type: string
maxLength: 255
client_secret:
type: string
maxLength: 255
access_code_validity:
type: string
description: 'Access codes not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
access_token_validity:
type: string
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
include_claims_in_id_token:
type: boolean
description: Include User claims from scopes in the id_token, for applications
that don't access the userinfo endpoint.
signing_key:
type: string
format: uuid
nullable: true
description: Key used to sign the tokens.
encryption_key:
type: string
format: uuid
nullable: true
description: Key used to encrypt the tokens. When set, tokens will be encrypted
and returned as JWEs.
redirect_uris:
type: array
items:
$ref: '#/components/schemas/RedirectURI'
sub_mode:
allOf:
- $ref: '#/components/schemas/SubModeEnum'
description: Configure what data should be used as unique User Identifier.
For most cases, the default should be fine.
issuer_mode:
allOf:
- $ref: '#/components/schemas/IssuerModeEnum'
description: Configure how the issuer field of the ID Token should be filled.
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- invalidation_flow
- meta_model_name
- name
- pk
- redirect_uris
- verbose_name
- verbose_name_plural
OAuth2ProviderRequest:
type: object
description: OAuth2Provider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
client_type:
allOf:
- $ref: '#/components/schemas/ClientTypeEnum'
description: Confidential clients are capable of maintaining the confidentiality
of their credentials. Public clients are incapable
client_id:
type: string
minLength: 1
maxLength: 255
client_secret:
type: string
maxLength: 255
access_code_validity:
type: string
minLength: 1
description: 'Access codes not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
access_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
include_claims_in_id_token:
type: boolean
description: Include User claims from scopes in the id_token, for applications
that don't access the userinfo endpoint.
signing_key:
type: string
format: uuid
nullable: true
description: Key used to sign the tokens.
encryption_key:
type: string
format: uuid
nullable: true
description: Key used to encrypt the tokens. When set, tokens will be encrypted
and returned as JWEs.
redirect_uris:
type: array
items:
$ref: '#/components/schemas/RedirectURIRequest'
sub_mode:
allOf:
- $ref: '#/components/schemas/SubModeEnum'
description: Configure what data should be used as unique User Identifier.
For most cases, the default should be fine.
issuer_mode:
allOf:
- $ref: '#/components/schemas/IssuerModeEnum'
description: Configure how the issuer field of the ID Token should be filled.
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
required:
- authorization_flow
- invalidation_flow
- name
- redirect_uris
OAuth2ProviderSetupURLs:
type: object
description: OAuth2 Provider Metadata serializer
properties:
issuer:
type: string
readOnly: true
authorize:
type: string
readOnly: true
token:
type: string
readOnly: true
user_info:
type: string
readOnly: true
provider_info:
type: string
readOnly: true
logout:
type: string
readOnly: true
jwks:
type: string
readOnly: true
required:
- authorize
- issuer
- jwks
- logout
- provider_info
- token
- user_info
OAuthDeviceCodeChallenge:
type: object
description: OAuth Device code challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-provider-oauth2-device-code
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
OAuthDeviceCodeChallengeResponseRequest:
type: object
description: Response that includes the user-entered device code
properties:
component:
type: string
minLength: 1
default: ak-provider-oauth2-device-code
code:
type: string
minLength: 1
required:
- code
OAuthDeviceCodeFinishChallenge:
type: object
description: Final challenge after user enters their code
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-provider-oauth2-device-code-finish
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
OAuthDeviceCodeFinishChallengeResponseRequest:
type: object
description: Response that device has been authenticated and tab can be closed
properties:
component:
type: string
minLength: 1
default: ak-provider-oauth2-device-code-finish
OAuthSource:
type: object
description: OAuth Source Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
nullable: true
readOnly: true
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
provider_type:
$ref: '#/components/schemas/ProviderTypeEnum'
request_token_url:
type: string
nullable: true
description: URL used to request the initial token. This URL is only required
for OAuth 1.
maxLength: 255
authorization_url:
type: string
nullable: true
description: URL the user is redirect to to conest the flow.
maxLength: 255
access_token_url:
type: string
nullable: true
description: URL used by authentik to retrieve tokens.
maxLength: 255
profile_url:
type: string
nullable: true
description: URL used by authentik to get user information.
maxLength: 255
consumer_key:
type: string
callback_url:
type: string
description: Get OAuth Callback URL
readOnly: true
additional_scopes:
type: string
type:
allOf:
- $ref: '#/components/schemas/SourceType'
readOnly: true
oidc_well_known_url:
type: string
oidc_jwks_url:
type: string
oidc_jwks: {}
authorization_code_auth_method:
allOf:
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
description: How to perform authentication during an authorization_code
token request flow
required:
- callback_url
- component
- consumer_key
- icon
- managed
- meta_model_name
- name
- pk
- provider_type
- slug
- type
- verbose_name
- verbose_name_plural
OAuthSourcePropertyMapping:
type: object
description: OAuthSourcePropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
OAuthSourcePropertyMappingRequest:
type: object
description: OAuthSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
OAuthSourceRequest:
type: object
description: OAuth Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
provider_type:
$ref: '#/components/schemas/ProviderTypeEnum'
request_token_url:
type: string
nullable: true
description: URL used to request the initial token. This URL is only required
for OAuth 1.
maxLength: 255
authorization_url:
type: string
nullable: true
description: URL the user is redirect to to conest the flow.
maxLength: 255
access_token_url:
type: string
nullable: true
description: URL used by authentik to retrieve tokens.
maxLength: 255
profile_url:
type: string
nullable: true
description: URL used by authentik to get user information.
maxLength: 255
consumer_key:
type: string
minLength: 1
consumer_secret:
type: string
writeOnly: true
minLength: 1
additional_scopes:
type: string
oidc_well_known_url:
type: string
oidc_jwks_url:
type: string
oidc_jwks: {}
authorization_code_auth_method:
allOf:
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
description: How to perform authentication during an authorization_code
token request flow
required:
- consumer_key
- consumer_secret
- name
- provider_type
- slug
OpenIDConnectConfiguration:
type: object
description: rest_framework Serializer for OIDC Configuration
properties:
issuer:
type: string
authorization_endpoint:
type: string
token_endpoint:
type: string
userinfo_endpoint:
type: string
end_session_endpoint:
type: string
introspection_endpoint:
type: string
jwks_uri:
type: string
response_types_supported:
type: array
items:
type: string
id_token_signing_alg_values_supported:
type: array
items:
type: string
subject_types_supported:
type: array
items:
type: string
token_endpoint_auth_methods_supported:
type: array
items:
type: string
required:
- authorization_endpoint
- end_session_endpoint
- id_token_signing_alg_values_supported
- introspection_endpoint
- issuer
- jwks_uri
- response_types_supported
- subject_types_supported
- token_endpoint
- token_endpoint_auth_methods_supported
- userinfo_endpoint
OutgoingSyncDeleteAction:
enum:
- do_nothing
- delete
- suspend
type: string
Outpost:
type: object
description: Outpost Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
type:
$ref: '#/components/schemas/OutpostTypeEnum'
providers:
type: array
items:
type: integer
providers_obj:
type: array
items:
$ref: '#/components/schemas/Provider'
readOnly: true
service_connection:
type: string
format: uuid
nullable: true
description: Select Service-Connection authentik should use to manage this
outpost. Leave empty if authentik should not handle the deployment.
service_connection_obj:
allOf:
- $ref: '#/components/schemas/ServiceConnection'
readOnly: true
refresh_interval_s:
type: integer
readOnly: true
token_identifier:
type: string
description: Get Token identifier
readOnly: true
config:
type: object
additionalProperties: {}
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
required:
- config
- name
- pk
- providers
- providers_obj
- refresh_interval_s
- service_connection_obj
- token_identifier
- type
OutpostDefaultConfig:
type: object
description: Global default outpost config
properties:
config:
type: object
additionalProperties: {}
readOnly: true
required:
- config
OutpostHealth:
type: object
description: Outpost health status
properties:
uid:
type: string
readOnly: true
last_seen:
type: string
format: date-time
readOnly: true
version:
type: string
readOnly: true
golang_version:
type: string
readOnly: true
openssl_enabled:
type: boolean
readOnly: true
openssl_version:
type: string
readOnly: true
fips_enabled:
type: boolean
nullable: true
description: Get FIPS enabled
readOnly: true
version_should:
type: string
readOnly: true
version_outdated:
type: boolean
readOnly: true
build_hash:
type: string
readOnly: true
build_hash_should:
type: string
readOnly: true
hostname:
type: string
readOnly: true
required:
- build_hash
- build_hash_should
- fips_enabled
- golang_version
- hostname
- last_seen
- openssl_enabled
- openssl_version
- uid
- version
- version_outdated
- version_should
OutpostRequest:
type: object
description: Outpost Serializer
properties:
name:
type: string
minLength: 1
type:
$ref: '#/components/schemas/OutpostTypeEnum'
providers:
type: array
items:
type: integer
service_connection:
type: string
format: uuid
nullable: true
description: Select Service-Connection authentik should use to manage this
outpost. Leave empty if authentik should not handle the deployment.
config:
type: object
additionalProperties: {}
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
required:
- config
- name
- providers
- type
OutpostTypeEnum:
enum:
- proxy
- ldap
- radius
- rac
type: string
PaginatedApplicationEntitlementList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ApplicationEntitlement'
required:
- pagination
- results
PaginatedApplicationList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Application'
required:
- pagination
- results
PaginatedAuthenticatedSessionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatedSession'
required:
- pagination
- results
PaginatedAuthenticatorDuoStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorDuoStage'
required:
- pagination
- results
PaginatedAuthenticatorEmailStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorEmailStage'
required:
- pagination
- results
PaginatedAuthenticatorEndpointGDTCStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
required:
- pagination
- results
PaginatedAuthenticatorSMSStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorSMSStage'
required:
- pagination
- results
PaginatedAuthenticatorStaticStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorStaticStage'
required:
- pagination
- results
PaginatedAuthenticatorTOTPStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorTOTPStage'
required:
- pagination
- results
PaginatedAuthenticatorValidateStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorValidateStage'
required:
- pagination
- results
PaginatedAuthenticatorWebAuthnStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
required:
- pagination
- results
PaginatedBlueprintInstanceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/BlueprintInstance'
required:
- pagination
- results
PaginatedBrandList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Brand'
required:
- pagination
- results
PaginatedCaptchaStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/CaptchaStage'
required:
- pagination
- results
PaginatedCertificateKeyPairList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/CertificateKeyPair'
required:
- pagination
- results
PaginatedConnectionTokenList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ConnectionToken'
required:
- pagination
- results
PaginatedConsentStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ConsentStage'
required:
- pagination
- results
PaginatedDenyStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/DenyStage'
required:
- pagination
- results
PaginatedDockerServiceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/DockerServiceConnection'
required:
- pagination
- results
PaginatedDomainList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Domain'
required:
- pagination
- results
PaginatedDummyPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/DummyPolicy'
required:
- pagination
- results
PaginatedDummyStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/DummyStage'
required:
- pagination
- results
PaginatedDuoDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/DuoDevice'
required:
- pagination
- results
PaginatedEmailDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/EmailDevice'
required:
- pagination
- results
PaginatedEmailStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/EmailStage'
required:
- pagination
- results
PaginatedEndpointDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/EndpointDevice'
required:
- pagination
- results
PaginatedEndpointList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Endpoint'
required:
- pagination
- results
PaginatedEventList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Event'
required:
- pagination
- results
PaginatedEventMatcherPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/EventMatcherPolicy'
required:
- pagination
- results
PaginatedExpiringBaseGrantModelList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ExpiringBaseGrantModel'
required:
- pagination
- results
PaginatedExpressionPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ExpressionPolicy'
required:
- pagination
- results
PaginatedExtraRoleObjectPermissionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ExtraRoleObjectPermission'
required:
- pagination
- results
PaginatedExtraUserObjectPermissionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ExtraUserObjectPermission'
required:
- pagination
- results
PaginatedFlowList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Flow'
required:
- pagination
- results
PaginatedFlowStageBindingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/FlowStageBinding'
required:
- pagination
- results
PaginatedGeoIPPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GeoIPPolicy'
required:
- pagination
- results
PaginatedGoogleWorkspaceProviderGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
required:
- pagination
- results
PaginatedGoogleWorkspaceProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GoogleWorkspaceProvider'
required:
- pagination
- results
PaginatedGoogleWorkspaceProviderMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
required:
- pagination
- results
PaginatedGoogleWorkspaceProviderUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
required:
- pagination
- results
PaginatedGroupKerberosSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupKerberosSourceConnection'
required:
- pagination
- results
PaginatedGroupLDAPSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupLDAPSourceConnection'
required:
- pagination
- results
PaginatedGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Group'
required:
- pagination
- results
PaginatedGroupOAuthSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupOAuthSourceConnection'
required:
- pagination
- results
PaginatedGroupPlexSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupPlexSourceConnection'
required:
- pagination
- results
PaginatedGroupSAMLSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupSAMLSourceConnection'
required:
- pagination
- results
PaginatedGroupSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/GroupSourceConnection'
required:
- pagination
- results
PaginatedIdentificationStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/IdentificationStage'
required:
- pagination
- results
PaginatedInitialPermissionsList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/InitialPermissions'
required:
- pagination
- results
PaginatedInvitationList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Invitation'
required:
- pagination
- results
PaginatedInvitationStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/InvitationStage'
required:
- pagination
- results
PaginatedKerberosSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/KerberosSource'
required:
- pagination
- results
PaginatedKerberosSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
required:
- pagination
- results
PaginatedKubernetesServiceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/KubernetesServiceConnection'
required:
- pagination
- results
PaginatedLDAPOutpostConfigList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/LDAPOutpostConfig'
required:
- pagination
- results
PaginatedLDAPProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/LDAPProvider'
required:
- pagination
- results
PaginatedLDAPSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/LDAPSource'
required:
- pagination
- results
PaginatedLDAPSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
required:
- pagination
- results
PaginatedLicenseList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/License'
required:
- pagination
- results
PaginatedMicrosoftEntraProviderGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
required:
- pagination
- results
PaginatedMicrosoftEntraProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/MicrosoftEntraProvider'
required:
- pagination
- results
PaginatedMicrosoftEntraProviderMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
required:
- pagination
- results
PaginatedMicrosoftEntraProviderUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
required:
- pagination
- results
PaginatedMutualTLSStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/MutualTLSStage'
required:
- pagination
- results
PaginatedNotificationList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Notification'
required:
- pagination
- results
PaginatedNotificationRuleList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/NotificationRule'
required:
- pagination
- results
PaginatedNotificationTransportList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/NotificationTransport'
required:
- pagination
- results
PaginatedNotificationWebhookMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/NotificationWebhookMapping'
required:
- pagination
- results
PaginatedOAuth2ProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/OAuth2Provider'
required:
- pagination
- results
PaginatedOAuthSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/OAuthSource'
required:
- pagination
- results
PaginatedOAuthSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
required:
- pagination
- results
PaginatedOutpostList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Outpost'
required:
- pagination
- results
PaginatedPasswordExpiryPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PasswordExpiryPolicy'
required:
- pagination
- results
PaginatedPasswordPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PasswordPolicy'
required:
- pagination
- results
PaginatedPasswordStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PasswordStage'
required:
- pagination
- results
PaginatedPermissionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Permission'
required:
- pagination
- results
PaginatedPlexSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PlexSource'
required:
- pagination
- results
PaginatedPlexSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PlexSourcePropertyMapping'
required:
- pagination
- results
PaginatedPolicyBindingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PolicyBinding'
required:
- pagination
- results
PaginatedPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Policy'
required:
- pagination
- results
PaginatedPromptList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Prompt'
required:
- pagination
- results
PaginatedPromptStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PromptStage'
required:
- pagination
- results
PaginatedPropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/PropertyMapping'
required:
- pagination
- results
PaginatedProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Provider'
required:
- pagination
- results
PaginatedProxyOutpostConfigList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ProxyOutpostConfig'
required:
- pagination
- results
PaginatedProxyProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ProxyProvider'
required:
- pagination
- results
PaginatedRACPropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RACPropertyMapping'
required:
- pagination
- results
PaginatedRACProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RACProvider'
required:
- pagination
- results
PaginatedRadiusOutpostConfigList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RadiusOutpostConfig'
required:
- pagination
- results
PaginatedRadiusProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RadiusProvider'
required:
- pagination
- results
PaginatedRadiusProviderPropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
required:
- pagination
- results
PaginatedRedirectStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RedirectStage'
required:
- pagination
- results
PaginatedReputationList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Reputation'
required:
- pagination
- results
PaginatedReputationPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ReputationPolicy'
required:
- pagination
- results
PaginatedRoleAssignedObjectPermissionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/RoleAssignedObjectPermission'
required:
- pagination
- results
PaginatedRoleList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Role'
required:
- pagination
- results
PaginatedSAMLPropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SAMLPropertyMapping'
required:
- pagination
- results
PaginatedSAMLProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SAMLProvider'
required:
- pagination
- results
PaginatedSAMLSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SAMLSource'
required:
- pagination
- results
PaginatedSAMLSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
required:
- pagination
- results
PaginatedSCIMMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMMapping'
required:
- pagination
- results
PaginatedSCIMProviderGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMProviderGroup'
required:
- pagination
- results
PaginatedSCIMProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMProvider'
required:
- pagination
- results
PaginatedSCIMProviderUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMProviderUser'
required:
- pagination
- results
PaginatedSCIMSourceGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMSourceGroup'
required:
- pagination
- results
PaginatedSCIMSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMSource'
required:
- pagination
- results
PaginatedSCIMSourcePropertyMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
required:
- pagination
- results
PaginatedSCIMSourceUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMSourceUser'
required:
- pagination
- results
PaginatedSMSDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SMSDevice'
required:
- pagination
- results
PaginatedSSFProviderList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SSFProvider'
required:
- pagination
- results
PaginatedSSFStreamList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SSFStream'
required:
- pagination
- results
PaginatedScopeMappingList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ScopeMapping'
required:
- pagination
- results
PaginatedServiceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/ServiceConnection'
required:
- pagination
- results
PaginatedSourceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Source'
required:
- pagination
- results
PaginatedSourceStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SourceStage'
required:
- pagination
- results
PaginatedStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Stage'
required:
- pagination
- results
PaginatedStaticDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/StaticDevice'
required:
- pagination
- results
PaginatedSystemTaskList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SystemTask'
required:
- pagination
- results
PaginatedTOTPDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/TOTPDevice'
required:
- pagination
- results
PaginatedTenantList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Tenant'
required:
- pagination
- results
PaginatedTokenList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/Token'
required:
- pagination
- results
PaginatedTokenModelList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/TokenModel'
required:
- pagination
- results
PaginatedUniquePasswordPolicyList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UniquePasswordPolicy'
required:
- pagination
- results
PaginatedUserAssignedObjectPermissionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserAssignedObjectPermission'
required:
- pagination
- results
PaginatedUserConsentList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserConsent'
required:
- pagination
- results
PaginatedUserDeleteStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserDeleteStage'
required:
- pagination
- results
PaginatedUserKerberosSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserKerberosSourceConnection'
required:
- pagination
- results
PaginatedUserLDAPSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserLDAPSourceConnection'
required:
- pagination
- results
PaginatedUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/User'
required:
- pagination
- results
PaginatedUserLoginStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserLoginStage'
required:
- pagination
- results
PaginatedUserLogoutStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserLogoutStage'
required:
- pagination
- results
PaginatedUserOAuthSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserOAuthSourceConnection'
required:
- pagination
- results
PaginatedUserPlexSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserPlexSourceConnection'
required:
- pagination
- results
PaginatedUserSAMLSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserSAMLSourceConnection'
required:
- pagination
- results
PaginatedUserSourceConnectionList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserSourceConnection'
required:
- pagination
- results
PaginatedUserWriteStageList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/UserWriteStage'
required:
- pagination
- results
PaginatedWebAuthnDeviceList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/WebAuthnDevice'
required:
- pagination
- results
PaginatedWebAuthnDeviceTypeList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/WebAuthnDeviceType'
required:
- pagination
- results
Pagination:
type: object
properties:
next:
type: number
previous:
type: number
count:
type: number
current:
type: number
total_pages:
type: number
start_index:
type: number
end_index:
type: number
required:
- next
- previous
- count
- current
- total_pages
- start_index
- end_index
PasswordChallenge:
type: object
description: Password challenge UI fields
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-password
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
recovery_url:
type: string
allow_show_password:
type: boolean
default: false
required:
- pending_user
- pending_user_avatar
PasswordChallengeResponseRequest:
type: object
description: Password challenge response
properties:
component:
type: string
minLength: 1
default: ak-stage-password
password:
type: string
minLength: 1
required:
- password
PasswordExpiryPolicy:
type: object
description: Password Expiry Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
days:
type: integer
maximum: 2147483647
minimum: -2147483648
deny_only:
type: boolean
required:
- bound_to
- component
- days
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PasswordExpiryPolicyRequest:
type: object
description: Password Expiry Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
days:
type: integer
maximum: 2147483647
minimum: -2147483648
deny_only:
type: boolean
required:
- days
- name
PasswordPolicy:
type: object
description: Password Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
password_field:
type: string
description: Field key to check, field keys defined in Prompt stages are
available.
amount_digits:
type: integer
maximum: 2147483647
minimum: 0
amount_uppercase:
type: integer
maximum: 2147483647
minimum: 0
amount_lowercase:
type: integer
maximum: 2147483647
minimum: 0
amount_symbols:
type: integer
maximum: 2147483647
minimum: 0
length_min:
type: integer
maximum: 2147483647
minimum: 0
symbol_charset:
type: string
error_message:
type: string
check_static_rules:
type: boolean
check_have_i_been_pwned:
type: boolean
check_zxcvbn:
type: boolean
hibp_allowed_count:
type: integer
maximum: 2147483647
minimum: 0
description: How many times the password hash is allowed to be on haveibeenpwned
zxcvbn_score_threshold:
type: integer
maximum: 2147483647
minimum: 0
description: If the zxcvbn score is equal or less than this value, the policy
will fail.
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PasswordPolicyRequest:
type: object
description: Password Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
password_field:
type: string
minLength: 1
description: Field key to check, field keys defined in Prompt stages are
available.
amount_digits:
type: integer
maximum: 2147483647
minimum: 0
amount_uppercase:
type: integer
maximum: 2147483647
minimum: 0
amount_lowercase:
type: integer
maximum: 2147483647
minimum: 0
amount_symbols:
type: integer
maximum: 2147483647
minimum: 0
length_min:
type: integer
maximum: 2147483647
minimum: 0
symbol_charset:
type: string
minLength: 1
error_message:
type: string
check_static_rules:
type: boolean
check_have_i_been_pwned:
type: boolean
check_zxcvbn:
type: boolean
hibp_allowed_count:
type: integer
maximum: 2147483647
minimum: 0
description: How many times the password hash is allowed to be on haveibeenpwned
zxcvbn_score_threshold:
type: integer
maximum: 2147483647
minimum: 0
description: If the zxcvbn score is equal or less than this value, the policy
will fail.
required:
- name
PasswordStage:
type: object
description: PasswordStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
backends:
type: array
items:
$ref: '#/components/schemas/BackendsEnum'
description: Selection of backends to test the password against.
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
failed_attempts_before_cancel:
type: integer
maximum: 2147483647
minimum: -2147483648
description: How many attempts a user has before the flow is canceled. To
lock the user out, use a reputation policy and a user_write stage.
allow_show_password:
type: boolean
description: When enabled, provides a 'show password' button with the password
input field.
required:
- backends
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PasswordStageRequest:
type: object
description: PasswordStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
backends:
type: array
items:
$ref: '#/components/schemas/BackendsEnum'
description: Selection of backends to test the password against.
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
failed_attempts_before_cancel:
type: integer
maximum: 2147483647
minimum: -2147483648
description: How many attempts a user has before the flow is canceled. To
lock the user out, use a reputation policy and a user_write stage.
allow_show_password:
type: boolean
description: When enabled, provides a 'show password' button with the password
input field.
required:
- backends
- name
PatchedApplicationEntitlementRequest:
type: object
description: ApplicationEntitlement Serializer
properties:
name:
type: string
minLength: 1
app:
type: string
format: uuid
attributes: {}
PatchedApplicationRequest:
type: object
description: Application Serializer
properties:
name:
type: string
minLength: 1
description: Application's display Name.
slug:
type: string
minLength: 1
description: Internal application name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
provider:
type: integer
nullable: true
backchannel_providers:
type: array
items:
type: integer
open_in_new_tab:
type: boolean
description: Open launch URL in a new browser tab or window.
meta_launch_url:
type: string
format: uri
meta_description:
type: string
meta_publisher:
type: string
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
group:
type: string
PatchedAuthenticatorDuoStageRequest:
type: object
description: AuthenticatorDuoStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
client_id:
type: string
minLength: 1
client_secret:
type: string
writeOnly: true
minLength: 1
api_hostname:
type: string
minLength: 1
admin_integration_key:
type: string
admin_secret_key:
type: string
writeOnly: true
PatchedAuthenticatorEmailStageRequest:
type: object
description: AuthenticatorEmailStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
minLength: 1
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
password:
type: string
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
minLength: 1
maxLength: 254
subject:
type: string
minLength: 1
token_expiry:
type: string
minLength: 1
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
template:
type: string
minLength: 1
PatchedAuthenticatorEndpointGDTCStageRequest:
type: object
description: AuthenticatorEndpointGDTCStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
credentials: {}
PatchedAuthenticatorSMSStageRequest:
type: object
description: AuthenticatorSMSStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
provider:
$ref: '#/components/schemas/ProviderEnum'
from_number:
type: string
minLength: 1
account_sid:
type: string
minLength: 1
auth:
type: string
minLength: 1
auth_password:
type: string
auth_type:
$ref: '#/components/schemas/AuthTypeEnum'
verify_only:
type: boolean
description: When enabled, the Phone number is only used during enrollment
to verify the users authenticity. Only a hash of the phone number is saved
to ensure it is not reused in the future.
mapping:
type: string
format: uuid
nullable: true
description: Optionally modify the payload being sent to custom providers.
PatchedAuthenticatorStaticStageRequest:
type: object
description: AuthenticatorStaticStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
token_count:
type: integer
maximum: 2147483647
minimum: 0
token_length:
type: integer
maximum: 2147483647
minimum: 0
PatchedAuthenticatorTOTPStageRequest:
type: object
description: AuthenticatorTOTPStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
digits:
$ref: '#/components/schemas/DigitsEnum'
PatchedAuthenticatorValidateStageRequest:
type: object
description: AuthenticatorValidateStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
not_configured_action:
$ref: '#/components/schemas/NotConfiguredActionEnum'
device_classes:
type: array
items:
$ref: '#/components/schemas/DeviceClassesEnum'
description: Device classes which can be used to authenticate
configuration_stages:
type: array
items:
type: string
format: uuid
description: Stages used to configure Authenticator when user doesn't have
any compatible devices. After this configuration Stage passes, the user
is not prompted again.
last_auth_threshold:
type: string
minLength: 1
description: If any of the user's device has been used within this threshold,
this stage will be skipped
webauthn_user_verification:
allOf:
- $ref: '#/components/schemas/UserVerificationEnum'
description: Enforce user verification for WebAuthn devices.
webauthn_allowed_device_types:
type: array
items:
type: string
format: uuid
PatchedAuthenticatorWebAuthnStageRequest:
type: object
description: AuthenticatorWebAuthnStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
friendly_name:
type: string
nullable: true
minLength: 1
user_verification:
$ref: '#/components/schemas/UserVerificationEnum'
authenticator_attachment:
allOf:
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
nullable: true
resident_key_requirement:
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
device_type_restrictions:
type: array
items:
type: string
format: uuid
PatchedBlueprintInstanceRequest:
type: object
description: Info about a single blueprint instance file
properties:
name:
type: string
minLength: 1
path:
type: string
default: ''
context: {}
enabled:
type: boolean
content:
type: string
PatchedBrandRequest:
type: object
description: Brand Serializer
properties:
domain:
type: string
minLength: 1
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
for `aa.b` and `ba.b`
default:
type: boolean
branding_title:
type: string
minLength: 1
branding_logo:
type: string
minLength: 1
branding_favicon:
type: string
minLength: 1
branding_custom_css:
type: string
branding_default_flow_background:
type: string
minLength: 1
flow_authentication:
type: string
format: uuid
nullable: true
flow_invalidation:
type: string
format: uuid
nullable: true
flow_recovery:
type: string
format: uuid
nullable: true
flow_unenrollment:
type: string
format: uuid
nullable: true
flow_user_settings:
type: string
format: uuid
nullable: true
flow_device_code:
type: string
format: uuid
nullable: true
default_application:
type: string
format: uuid
nullable: true
description: When set, external users will be redirected to this application
after authenticating.
web_certificate:
type: string
format: uuid
nullable: true
description: Web Certificate used by the authentik Core webserver.
client_certificates:
type: array
items:
type: string
format: uuid
description: Certificates used for client authentication.
attributes: {}
PatchedCaptchaStageRequest:
type: object
description: CaptchaStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
public_key:
type: string
minLength: 1
description: Public key, acquired your captcha Provider.
private_key:
type: string
writeOnly: true
minLength: 1
description: Private key, acquired your captcha Provider.
js_url:
type: string
minLength: 1
api_url:
type: string
minLength: 1
interactive:
type: boolean
score_min_threshold:
type: number
format: double
score_max_threshold:
type: number
format: double
error_on_invalid_score:
type: boolean
description: When enabled and the received captcha score is outside of the
given threshold, the stage will show an error message. When not enabled,
the flow will continue, but the data from the captcha will be available
in the context for policy decisions
PatchedCertificateKeyPairRequest:
type: object
description: CertificateKeyPair Serializer
properties:
name:
type: string
minLength: 1
certificate_data:
type: string
writeOnly: true
minLength: 1
description: PEM-encoded Certificate data
key_data:
type: string
writeOnly: true
description: Optional Private Key. If this is set, you can use this keypair
for encryption.
PatchedConnectionTokenRequest:
type: object
description: ConnectionToken Serializer
properties:
pk:
type: string
format: uuid
title: Connection token uuid
provider:
type: integer
endpoint:
type: string
format: uuid
PatchedConsentStageRequest:
type: object
description: ConsentStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
mode:
$ref: '#/components/schemas/ConsentStageModeEnum'
consent_expire_in:
type: string
minLength: 1
title: Consent expires in
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
PatchedDenyStageRequest:
type: object
description: DenyStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
deny_message:
type: string
PatchedDockerServiceConnectionRequest:
type: object
description: DockerServiceConnection Serializer
properties:
name:
type: string
minLength: 1
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
url:
type: string
minLength: 1
description: Can be in the format of 'unix://<path>' when connecting to
a local docker daemon, or 'https://<hostname>:2376' when connecting to
a remote system.
tls_verification:
type: string
format: uuid
nullable: true
description: CA which the endpoint's Certificate is verified against. Can
be left empty for no validation.
tls_authentication:
type: string
format: uuid
nullable: true
description: Certificate/Key used for authentication. Can be left empty
for no authentication.
PatchedDomainRequest:
type: object
description: Domain Serializer
properties:
domain:
type: string
minLength: 1
maxLength: 253
is_primary:
type: boolean
tenant:
type: string
format: uuid
PatchedDummyPolicyRequest:
type: object
description: Dummy Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
result:
type: boolean
wait_min:
type: integer
maximum: 2147483647
minimum: -2147483648
wait_max:
type: integer
maximum: 2147483647
minimum: -2147483648
PatchedDummyStageRequest:
type: object
description: DummyStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
throw_error:
type: boolean
PatchedDuoDeviceRequest:
type: object
description: Serializer for Duo authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedEmailDeviceRequest:
type: object
description: Serializer for email authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedEmailStageRequest:
type: object
description: EmailStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
use_global_settings:
type: boolean
description: When enabled, global Email connection settings will be used
and connection settings below will be ignored.
host:
type: string
minLength: 1
port:
type: integer
maximum: 2147483647
minimum: -2147483648
username:
type: string
password:
type: string
writeOnly: true
use_tls:
type: boolean
use_ssl:
type: boolean
timeout:
type: integer
maximum: 2147483647
minimum: -2147483648
from_address:
type: string
format: email
minLength: 1
maxLength: 254
token_expiry:
type: string
minLength: 1
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
subject:
type: string
minLength: 1
template:
type: string
minLength: 1
activate_user_on_success:
type: boolean
description: Activate users upon completion of stage.
PatchedEndpointDeviceRequest:
type: object
description: Serializer for Endpoint authenticator devices
properties:
pk:
type: string
format: uuid
title: Uuid
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedEndpointRequest:
type: object
description: Endpoint Serializer
properties:
name:
type: string
minLength: 1
provider:
type: integer
protocol:
$ref: '#/components/schemas/ProtocolEnum'
host:
type: string
minLength: 1
settings: {}
property_mappings:
type: array
items:
type: string
format: uuid
auth_mode:
$ref: '#/components/schemas/AuthModeEnum'
maximum_connections:
type: integer
maximum: 2147483647
minimum: -2147483648
PatchedEventMatcherPolicyRequest:
type: object
description: Event Matcher Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
action:
allOf:
- $ref: '#/components/schemas/EventActions'
nullable: true
description: Match created events with this action type. When left empty,
all action types will be matched.
client_ip:
type: string
nullable: true
minLength: 1
description: Matches Event's Client IP (strict matching, for network matching
use an Expression Policy)
app:
allOf:
- $ref: '#/components/schemas/AppEnum'
nullable: true
description: Match events created by selected application. When left empty,
all applications are matched.
model:
allOf:
- $ref: '#/components/schemas/ModelEnum'
nullable: true
description: Match events created by selected model. When left empty, all
models are matched. When an app is selected, all the application's models
are matched.
PatchedEventRequest:
type: object
description: Event Serializer
properties:
user: {}
action:
$ref: '#/components/schemas/EventActions'
app:
type: string
minLength: 1
context: {}
client_ip:
type: string
nullable: true
minLength: 1
expires:
type: string
format: date-time
brand: {}
PatchedExpressionPolicyRequest:
type: object
description: Group Membership Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
expression:
type: string
minLength: 1
PatchedExtraRoleObjectPermissionRequest:
type: object
description: User permission with additional object-related data
properties:
object_pk:
type: string
minLength: 1
PatchedExtraUserObjectPermissionRequest:
type: object
description: User permission with additional object-related data
properties:
object_pk:
type: string
minLength: 1
PatchedFlowRequest:
type: object
description: Flow Serializer
properties:
name:
type: string
minLength: 1
slug:
type: string
minLength: 1
description: Visible in the URL.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
title:
type: string
minLength: 1
description: Shown as the Title in Flow pages.
designation:
allOf:
- $ref: '#/components/schemas/FlowDesignationEnum'
description: Decides what this Flow is used for. For example, the Authentication
flow is redirect to when an un-authenticated user visits authentik.
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
compatibility_mode:
type: boolean
description: Enable compatibility mode, increases compatibility with password
managers on mobile devices.
layout:
$ref: '#/components/schemas/FlowLayoutEnum'
denied_action:
allOf:
- $ref: '#/components/schemas/DeniedActionEnum'
description: Configure what should happen when a flow denies access to a
user.
authentication:
allOf:
- $ref: '#/components/schemas/AuthenticationEnum'
description: Required level of authentication and authorization to access
a flow.
PatchedFlowStageBindingRequest:
type: object
description: FlowStageBinding Serializer
properties:
target:
type: string
format: uuid
stage:
type: string
format: uuid
evaluate_on_plan:
type: boolean
description: Evaluate policies during the Flow planning process.
re_evaluate_policies:
type: boolean
description: Evaluate policies when the Stage is presented to the user.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
invalid_response_action:
allOf:
- $ref: '#/components/schemas/InvalidResponseActionEnum'
description: Configure how the flow executor should handle an invalid response
to a challenge. RETRY returns the error message and a similar challenge
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
restarts the flow while keeping the current context.
PatchedGeoIPPolicyRequest:
type: object
description: GeoIP Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
asns:
type: array
items:
type: integer
maximum: 2147483647
minimum: -2147483648
countries:
type: array
items:
$ref: '#/components/schemas/CountryCodeEnum'
maxItems: 249
check_history_distance:
type: boolean
history_max_distance_km:
type: integer
maximum: 9223372036854775807
minimum: 0
format: int64
distance_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
history_login_count:
type: integer
maximum: 2147483647
minimum: 0
check_impossible_travel:
type: boolean
impossible_tolerance_km:
type: integer
maximum: 2147483647
minimum: 0
PatchedGoogleWorkspaceProviderMappingRequest:
type: object
description: GoogleWorkspaceProviderMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedGoogleWorkspaceProviderRequest:
type: object
description: GoogleWorkspaceProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
delegated_subject:
type: string
format: email
minLength: 1
maxLength: 254
credentials: {}
scopes:
type: string
minLength: 1
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
default_group_email_domain:
type: string
minLength: 1
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
PatchedGroupKerberosSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedGroupLDAPSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedGroupOAuthSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedGroupPlexSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedGroupRequest:
type: object
description: Group Serializer
properties:
name:
type: string
minLength: 1
is_superuser:
type: boolean
description: Users added to this group will be superusers.
parent:
type: string
format: uuid
nullable: true
users:
type: array
items:
type: integer
attributes:
type: object
additionalProperties: {}
roles:
type: array
items:
type: string
format: uuid
PatchedGroupSAMLSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedGroupSourceConnectionRequest:
type: object
description: Group Source Connection
properties:
group:
type: string
format: uuid
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedIdentificationStageRequest:
type: object
description: IdentificationStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
user_fields:
type: array
items:
$ref: '#/components/schemas/UserFieldsEnum'
description: Fields of the user object to match against. (Hold shift to
select multiple options)
password_stage:
type: string
format: uuid
nullable: true
description: When set, shows a password field, instead of showing the password
field as separate step.
captcha_stage:
type: string
format: uuid
nullable: true
description: When set, adds functionality exactly like a Captcha stage,
but baked into the Identification stage.
case_insensitive_matching:
type: boolean
description: When enabled, user fields are matched regardless of their casing.
show_matched_user:
type: boolean
description: When a valid username/email has been entered, and this option
is enabled, the user's username and avatar will be shown. Otherwise, the
text that the user entered will be shown
enrollment_flow:
type: string
format: uuid
nullable: true
description: Optional enrollment flow, which is linked at the bottom of
the page.
recovery_flow:
type: string
format: uuid
nullable: true
description: Optional recovery flow, which is linked at the bottom of the
page.
passwordless_flow:
type: string
format: uuid
nullable: true
description: Optional passwordless flow, which is linked at the bottom of
the page.
sources:
type: array
items:
type: string
format: uuid
description: Specify which sources should be shown.
show_source_labels:
type: boolean
pretend_user_exists:
type: boolean
description: When enabled, the stage will succeed and continue even when
incorrect user info is entered.
enable_remember_me:
type: boolean
description: Show the user the 'Remember me on this device' toggle, allowing
repeat users to skip straight to entering their password.
PatchedInitialPermissionsRequest:
type: object
description: InitialPermissions serializer
properties:
name:
type: string
minLength: 1
maxLength: 150
mode:
$ref: '#/components/schemas/InitialPermissionsModeEnum'
role:
type: string
format: uuid
permissions:
type: array
items:
type: integer
PatchedInvitationRequest:
type: object
description: Invitation Serializer
properties:
name:
type: string
minLength: 1
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
expires:
type: string
format: date-time
nullable: true
fixed_data:
type: object
additionalProperties: {}
single_use:
type: boolean
description: When enabled, the invitation will be deleted after usage.
flow:
type: string
format: uuid
nullable: true
description: When set, only the configured flow can use this invitation.
PatchedInvitationStageRequest:
type: object
description: InvitationStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
continue_flow_without_invitation:
type: boolean
description: If this flag is set, this Stage will jump to the next Stage
when no Invitation is given. By default this Stage will cancel the Flow
when no invitation is given.
PatchedKerberosSourcePropertyMappingRequest:
type: object
description: Kerberos PropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedKerberosSourceRequest:
type: object
description: Kerberos Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
realm:
type: string
minLength: 1
description: Kerberos realm
krb5_conf:
type: string
description: Custom krb5.conf to use. Uses the system one by default
kadmin_type:
allOf:
- $ref: '#/components/schemas/KadminTypeEnum'
description: KAdmin server type
sync_users:
type: boolean
description: Sync users from Kerberos into authentik
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to Kerberos
sync_principal:
type: string
description: Principal to authenticate to kadmin for sync.
sync_password:
type: string
writeOnly: true
description: Password to authenticate to kadmin for sync
sync_keytab:
type: string
writeOnly: true
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
or in the form TYPE:residual
sync_ccache:
type: string
description: Credentials cache to authenticate to kadmin for sync. Must
be in the form TYPE:residual
spnego_server_name:
type: string
description: Force the use of a specific server name for SPNEGO. Must be
in the form HTTP@hostname
spnego_keytab:
type: string
writeOnly: true
description: SPNEGO keytab base64-encoded or path to keytab in the form
FILE:path
spnego_ccache:
type: string
description: Credential cache to use for SPNEGO in form type:residual
password_login_update_internal_password:
type: boolean
description: If enabled, the authentik-stored password will be updated upon
login with the Kerberos password backend
PatchedKubernetesServiceConnectionRequest:
type: object
description: KubernetesServiceConnection Serializer
properties:
name:
type: string
minLength: 1
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
kubeconfig:
description: Paste your kubeconfig here. authentik will automatically use
the currently selected context.
verify_ssl:
type: boolean
description: Verify SSL Certificates of the Kubernetes API endpoint
PatchedLDAPProviderRequest:
type: object
description: LDAPProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
base_dn:
type: string
minLength: 1
description: DN under which objects are accessible.
certificate:
type: string
format: uuid
nullable: true
tls_server_name:
type: string
uid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for uidNumbers, this number is added to the user.pk
to make sure that the numbers aren't too low for POSIX users. Default
is 2000 to ensure that we don't collide with local users uidNumber
gid_start_number:
type: integer
maximum: 2147483647
minimum: -2147483648
description: The start for gidNumbers, this number is added to a number
generated from the group.pk to make sure that the numbers aren't too low
for POSIX groups. Default is 4000 to ensure that we don't collide with
local groups or users primary groups gidNumber
search_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
bind_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
PatchedLDAPSourcePropertyMappingRequest:
type: object
description: LDAP PropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedLDAPSourceRequest:
type: object
description: LDAP Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
server_uri:
type: string
minLength: 1
format: uri
peer_certificate:
type: string
format: uuid
nullable: true
description: Optionally verify the LDAP Server's Certificate against the
CA Chain in this keypair.
client_certificate:
type: string
format: uuid
nullable: true
description: Client certificate to authenticate against the LDAP Server's
Certificate.
bind_cn:
type: string
bind_password:
type: string
writeOnly: true
start_tls:
type: boolean
title: Enable Start TLS
sni:
type: boolean
title: Use Server URI for SNI verification
base_dn:
type: string
minLength: 1
additional_user_dn:
type: string
title: Addition User DN
description: Prepended to Base DN for User-queries.
additional_group_dn:
type: string
title: Addition Group DN
description: Prepended to Base DN for Group-queries.
user_object_filter:
type: string
minLength: 1
description: Consider Objects matching this filter to be Users.
group_object_filter:
type: string
minLength: 1
description: Consider Objects matching this filter to be Groups.
group_membership_field:
type: string
minLength: 1
description: Field which contains members of a group.
user_membership_attribute:
type: string
minLength: 1
description: Attribute which matches the value of `group_membership_field`.
object_uniqueness_field:
type: string
minLength: 1
description: Field which contains a unique Identifier.
password_login_update_internal_password:
type: boolean
description: Update internal authentik password when login succeeds with
LDAP
sync_users:
type: boolean
sync_users_password:
type: boolean
description: When a user changes their password, sync it back to LDAP. This
can only be enabled on a single LDAP source.
sync_groups:
type: boolean
sync_parent_group:
type: string
format: uuid
nullable: true
lookup_groups_from_user:
type: boolean
description: Lookup group membership based on a user attribute instead of
a group attribute. This allows nested group resolution on systems like
FreeIPA and Active Directory
delete_not_found_objects:
type: boolean
description: Delete authentik users and groups which were previously supplied
by this source, but are now missing from it.
PatchedLicenseRequest:
type: object
description: License Serializer
properties:
key:
type: string
minLength: 1
PatchedMicrosoftEntraProviderMappingRequest:
type: object
description: MicrosoftEntraProviderMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedMicrosoftEntraProviderRequest:
type: object
description: MicrosoftEntraProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
client_id:
type: string
minLength: 1
client_secret:
type: string
minLength: 1
tenant_id:
type: string
minLength: 1
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
user_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
group_delete_action:
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
PatchedMutualTLSStageRequest:
type: object
description: MutualTLSStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
mode:
$ref: '#/components/schemas/MutualTLSStageModeEnum'
certificate_authorities:
type: array
items:
type: string
format: uuid
description: Configure certificate authorities to validate the certificate
against. This option has a higher priority than the `client_certificate`
option on `Brand`.
cert_attribute:
$ref: '#/components/schemas/CertAttributeEnum'
user_attribute:
$ref: '#/components/schemas/UserAttributeEnum'
PatchedNotificationRequest:
type: object
description: Notification Serializer
properties:
event:
$ref: '#/components/schemas/EventRequest'
seen:
type: boolean
PatchedNotificationRuleRequest:
type: object
description: NotificationRule Serializer
properties:
name:
type: string
minLength: 1
transports:
type: array
items:
type: string
format: uuid
description: Select which transports should be used to notify the user.
If none are selected, the notification will only be shown in the authentik
UI.
severity:
allOf:
- $ref: '#/components/schemas/SeverityEnum'
description: Controls which severity level the created notifications will
have.
group:
type: string
format: uuid
nullable: true
description: Define which group of users this notification should be sent
and shown to. If left empty, Notification won't ben sent.
PatchedNotificationTransportRequest:
type: object
description: NotificationTransport Serializer
properties:
name:
type: string
minLength: 1
mode:
$ref: '#/components/schemas/NotificationTransportModeEnum'
webhook_url:
type: string
format: uri
webhook_mapping_body:
type: string
format: uuid
nullable: true
description: Customize the body of the request. Mapping should return data
that is JSON-serializable.
webhook_mapping_headers:
type: string
format: uuid
nullable: true
description: Configure additional headers to be sent. Mapping should return
a dictionary of key-value pairs
send_once:
type: boolean
description: Only send notification once, for example when sending a webhook
into a chat channel.
PatchedNotificationWebhookMappingRequest:
type: object
description: NotificationWebhookMapping Serializer
properties:
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedOAuth2ProviderRequest:
type: object
description: OAuth2Provider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
client_type:
allOf:
- $ref: '#/components/schemas/ClientTypeEnum'
description: Confidential clients are capable of maintaining the confidentiality
of their credentials. Public clients are incapable
client_id:
type: string
minLength: 1
maxLength: 255
client_secret:
type: string
maxLength: 255
access_code_validity:
type: string
minLength: 1
description: 'Access codes not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
access_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
include_claims_in_id_token:
type: boolean
description: Include User claims from scopes in the id_token, for applications
that don't access the userinfo endpoint.
signing_key:
type: string
format: uuid
nullable: true
description: Key used to sign the tokens.
encryption_key:
type: string
format: uuid
nullable: true
description: Key used to encrypt the tokens. When set, tokens will be encrypted
and returned as JWEs.
redirect_uris:
type: array
items:
$ref: '#/components/schemas/RedirectURIRequest'
sub_mode:
allOf:
- $ref: '#/components/schemas/SubModeEnum'
description: Configure what data should be used as unique User Identifier.
For most cases, the default should be fine.
issuer_mode:
allOf:
- $ref: '#/components/schemas/IssuerModeEnum'
description: Configure how the issuer field of the ID Token should be filled.
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
PatchedOAuthSourcePropertyMappingRequest:
type: object
description: OAuthSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedOAuthSourceRequest:
type: object
description: OAuth Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
provider_type:
$ref: '#/components/schemas/ProviderTypeEnum'
request_token_url:
type: string
nullable: true
description: URL used to request the initial token. This URL is only required
for OAuth 1.
maxLength: 255
authorization_url:
type: string
nullable: true
description: URL the user is redirect to to conest the flow.
maxLength: 255
access_token_url:
type: string
nullable: true
description: URL used by authentik to retrieve tokens.
maxLength: 255
profile_url:
type: string
nullable: true
description: URL used by authentik to get user information.
maxLength: 255
consumer_key:
type: string
minLength: 1
consumer_secret:
type: string
writeOnly: true
minLength: 1
additional_scopes:
type: string
oidc_well_known_url:
type: string
oidc_jwks_url:
type: string
oidc_jwks: {}
authorization_code_auth_method:
allOf:
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
description: How to perform authentication during an authorization_code
token request flow
PatchedOutpostRequest:
type: object
description: Outpost Serializer
properties:
name:
type: string
minLength: 1
type:
$ref: '#/components/schemas/OutpostTypeEnum'
providers:
type: array
items:
type: integer
service_connection:
type: string
format: uuid
nullable: true
description: Select Service-Connection authentik should use to manage this
outpost. Leave empty if authentik should not handle the deployment.
config:
type: object
additionalProperties: {}
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
PatchedPasswordExpiryPolicyRequest:
type: object
description: Password Expiry Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
days:
type: integer
maximum: 2147483647
minimum: -2147483648
deny_only:
type: boolean
PatchedPasswordPolicyRequest:
type: object
description: Password Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
password_field:
type: string
minLength: 1
description: Field key to check, field keys defined in Prompt stages are
available.
amount_digits:
type: integer
maximum: 2147483647
minimum: 0
amount_uppercase:
type: integer
maximum: 2147483647
minimum: 0
amount_lowercase:
type: integer
maximum: 2147483647
minimum: 0
amount_symbols:
type: integer
maximum: 2147483647
minimum: 0
length_min:
type: integer
maximum: 2147483647
minimum: 0
symbol_charset:
type: string
minLength: 1
error_message:
type: string
check_static_rules:
type: boolean
check_have_i_been_pwned:
type: boolean
check_zxcvbn:
type: boolean
hibp_allowed_count:
type: integer
maximum: 2147483647
minimum: 0
description: How many times the password hash is allowed to be on haveibeenpwned
zxcvbn_score_threshold:
type: integer
maximum: 2147483647
minimum: 0
description: If the zxcvbn score is equal or less than this value, the policy
will fail.
PatchedPasswordStageRequest:
type: object
description: PasswordStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
backends:
type: array
items:
$ref: '#/components/schemas/BackendsEnum'
description: Selection of backends to test the password against.
configure_flow:
type: string
format: uuid
nullable: true
description: Flow used by an authenticated user to configure this Stage.
If empty, user will not be able to configure this stage.
failed_attempts_before_cancel:
type: integer
maximum: 2147483647
minimum: -2147483648
description: How many attempts a user has before the flow is canceled. To
lock the user out, use a reputation policy and a user_write stage.
allow_show_password:
type: boolean
description: When enabled, provides a 'show password' button with the password
input field.
PatchedPermissionAssignRequest:
type: object
description: Request to assign a new permission
properties:
permissions:
type: array
items:
type: string
minLength: 1
model:
$ref: '#/components/schemas/ModelEnum'
object_pk:
type: string
minLength: 1
PatchedPlexSourcePropertyMappingRequest:
type: object
description: PlexSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedPlexSourceRequest:
type: object
description: Plex Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
client_id:
type: string
minLength: 1
description: Client identifier used to talk to Plex.
allowed_servers:
type: array
items:
type: string
minLength: 1
description: Which servers a user has to be a member of to be granted access.
Empty list allows every server.
allow_friends:
type: boolean
description: Allow friends to authenticate, even if you don't share a server.
plex_token:
type: string
minLength: 1
description: Plex token used to check friends
PatchedPolicyBindingRequest:
type: object
description: PolicyBinding Serializer
properties:
policy:
type: string
format: uuid
nullable: true
group:
type: string
format: uuid
nullable: true
user:
type: integer
nullable: true
target:
type: string
format: uuid
negate:
type: boolean
description: Negates the outcome of the policy. Messages are unaffected.
enabled:
type: boolean
order:
type: integer
maximum: 2147483647
minimum: -2147483648
timeout:
type: integer
maximum: 2147483647
minimum: 0
description: Timeout after which Policy execution is terminated.
failure_result:
type: boolean
description: Result if the Policy execution fails.
PatchedPromptRequest:
type: object
description: Prompt Serializer
properties:
name:
type: string
minLength: 1
field_key:
type: string
minLength: 1
description: Name of the form field, also used to store the value
label:
type: string
minLength: 1
type:
$ref: '#/components/schemas/PromptTypeEnum'
required:
type: boolean
placeholder:
type: string
description: Optionally provide a short hint that describes the expected
input value. When creating a fixed choice field, enable interpreting as
expression and return a list to return multiple choices.
initial_value:
type: string
description: Optionally pre-fill the input with an initial value. When creating
a fixed choice field, enable interpreting as expression and return a list
to return multiple default choices.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
promptstage_set:
type: array
items:
$ref: '#/components/schemas/StageRequest'
sub_text:
type: string
placeholder_expression:
type: boolean
initial_value_expression:
type: boolean
PatchedPromptStageRequest:
type: object
description: PromptStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
fields:
type: array
items:
type: string
format: uuid
validation_policies:
type: array
items:
type: string
format: uuid
PatchedProxyProviderRequest:
type: object
description: ProxyProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
internal_host:
type: string
format: uri
external_host:
type: string
minLength: 1
format: uri
internal_host_ssl_validation:
type: boolean
description: Validate SSL Certificates of upstream servers
certificate:
type: string
format: uuid
nullable: true
skip_path_regex:
type: string
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
basic_auth_enabled:
type: boolean
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from authentik.
basic_auth_password_attribute:
type: string
title: HTTP-Basic Password Key
description: User/Group Attribute used for the password part of the HTTP-Basic
Header.
basic_auth_user_attribute:
type: string
title: HTTP-Basic Username Key
description: User/Group Attribute used for the user part of the HTTP-Basic
Header. If not set, the user's Email address is used.
mode:
allOf:
- $ref: '#/components/schemas/ProxyMode'
description: Enable support for forwardAuth in traefik and nginx auth_request.
Exclusive with internal_host.
intercept_header_auth:
type: boolean
description: When enabled, this provider will intercept the authorization
header and authenticate requests based on its value.
cookie_domain:
type: string
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
access_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
PatchedRACPropertyMappingRequest:
type: object
description: RACPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
static_settings:
type: object
additionalProperties: {}
PatchedRACProviderRequest:
type: object
description: RACProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
property_mappings:
type: array
items:
type: string
format: uuid
settings: {}
connection_expiry:
type: string
minLength: 1
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
delete_token_on_disconnect:
type: boolean
description: When set to true, connection tokens will be deleted upon disconnect.
PatchedRadiusProviderPropertyMappingRequest:
type: object
description: RadiusProviderPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedRadiusProviderRequest:
type: object
description: RadiusProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
client_networks:
type: string
minLength: 1
description: List of CIDRs (comma-separated) that clients can connect from.
A more specific CIDR will match before a looser one. Clients connecting
from a non-specified CIDR will be dropped.
shared_secret:
type: string
minLength: 1
description: Shared secret between clients and server to hash packets.
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
PatchedRedirectStageRequest:
type: object
description: RedirectStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
keep_context:
type: boolean
mode:
$ref: '#/components/schemas/RedirectStageModeEnum'
target_static:
type: string
target_flow:
type: string
format: uuid
nullable: true
PatchedReputationPolicyRequest:
type: object
description: Reputation Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
check_ip:
type: boolean
check_username:
type: boolean
threshold:
type: integer
maximum: 2147483647
minimum: -2147483648
PatchedRoleRequest:
type: object
description: Role serializer
properties:
name:
type: string
minLength: 1
maxLength: 150
PatchedSAMLPropertyMappingRequest:
type: object
description: SAMLPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
saml_name:
type: string
minLength: 1
friendly_name:
type: string
nullable: true
PatchedSAMLProviderRequest:
type: object
description: SAMLProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
acs_url:
type: string
minLength: 1
format: uri
audience:
type: string
description: Value of the audience restriction field of the assertion. When
left empty, no audience restriction will be added.
issuer:
type: string
minLength: 1
description: Also known as EntityID
assertion_valid_not_before:
type: string
minLength: 1
description: 'Assertion valid not before current time + this value (Format:
hours=-1;minutes=-2;seconds=-3).'
assertion_valid_not_on_or_after:
type: string
minLength: 1
description: 'Assertion not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
session_valid_not_on_or_after:
type: string
minLength: 1
description: 'Session not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
name_id_mapping:
type: string
format: uuid
nullable: true
title: NameID Property Mapping
description: Configure how the NameID value will be created. When left empty,
the NameIDPolicy of the incoming request will be considered
authn_context_class_ref_mapping:
type: string
format: uuid
nullable: true
title: AuthnContextClassRef Property Mapping
description: Configure how the AuthnContextClassRef value will be created.
When left empty, the AuthnContextClassRef will be set based on which authentication
methods the user used to authenticate.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Service
Provider.
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
sign_assertion:
type: boolean
sign_response:
type: boolean
sp_binding:
allOf:
- $ref: '#/components/schemas/SpBindingEnum'
title: Service Provider Binding
description: This determines how authentik sends the response back to the
Service Provider.
default_relay_state:
type: string
description: Default relay_state value for IDP-initiated logins
PatchedSAMLSourcePropertyMappingRequest:
type: object
description: SAMLSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedSAMLSourceRequest:
type: object
description: SAMLSource Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
pre_authentication_flow:
type: string
format: uuid
description: Flow used before authentication.
issuer:
type: string
description: Also known as Entity ID. Defaults the Metadata URL.
sso_url:
type: string
minLength: 1
description: URL that the initial Login request is sent to.
format: uri
slo_url:
type: string
nullable: true
description: Optional URL if your IDP supports Single-Logout.
format: uri
allow_idp_initiated:
type: boolean
description: Allows authentication flows initiated by the IdP. This can
be a security risk, as no validation of the request ID is done.
name_id_policy:
allOf:
- $ref: '#/components/schemas/NameIdPolicyEnum'
description: NameID Policy sent to the IdP. Can be unset, in which case
no Policy is sent.
binding_type:
$ref: '#/components/schemas/BindingTypeEnum'
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Identity
Provider.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
temporary_user_delete_after:
type: string
minLength: 1
title: Delete temporary users after
description: 'Time offset when temporary users should be deleted. This only
applies if your IDP uses the NameID Format ''transient'', and the user
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
PatchedSCIMMappingRequest:
type: object
description: SCIMMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedSCIMProviderRequest:
type: object
description: SCIMProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
url:
type: string
minLength: 1
description: Base URL to SCIM requests, usually ends in /v2
verify_certificates:
type: boolean
token:
type: string
minLength: 1
description: Authentication token
compatibility_mode:
allOf:
- $ref: '#/components/schemas/CompatibilityModeEnum'
title: SCIM Compatibility Mode
description: Alter authentik behavior for vendor-specific SCIM implementations.
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
PatchedSCIMSourceGroupRequest:
type: object
description: SCIMSourceGroup Serializer
properties:
id:
type: string
minLength: 1
group:
type: string
format: uuid
source:
type: string
format: uuid
attributes: {}
PatchedSCIMSourcePropertyMappingRequest:
type: object
description: SCIMSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
PatchedSCIMSourceRequest:
type: object
description: SCIMSource Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
user_path_template:
type: string
minLength: 1
PatchedSCIMSourceUserRequest:
type: object
description: SCIMSourceUser Serializer
properties:
id:
type: string
minLength: 1
user:
type: integer
source:
type: string
format: uuid
attributes: {}
PatchedSMSDeviceRequest:
type: object
description: Serializer for sms authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedSSFProviderRequest:
type: object
description: SSFProvider Serializer
properties:
name:
type: string
minLength: 1
signing_key:
type: string
format: uuid
description: Key used to sign the SSF Events.
oidc_auth_providers:
type: array
items:
type: integer
event_retention:
type: string
minLength: 1
PatchedScopeMappingRequest:
type: object
description: ScopeMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
scope_name:
type: string
minLength: 1
description: Scope name requested by the client
description:
type: string
description: Description shown to the user when consenting. If left empty,
the user won't be informed.
PatchedSettingsRequest:
type: object
description: Settings Serializer
properties:
avatars:
type: string
minLength: 1
description: Configure how authentik should show avatars for users.
default_user_change_name:
type: boolean
description: Enable the ability for users to change their name.
default_user_change_email:
type: boolean
description: Enable the ability for users to change their email address.
default_user_change_username:
type: boolean
description: Enable the ability for users to change their username.
event_retention:
type: string
minLength: 1
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
reputation_lower_limit:
type: integer
maximum: 0
minimum: -2147483648
description: Reputation cannot decrease lower than this value. Zero or negative.
reputation_upper_limit:
type: integer
maximum: 2147483647
minimum: 0
description: Reputation cannot increase higher than this value. Zero or
positive.
footer_links:
description: The option configures the footer links on the flow executor
pages.
gdpr_compliance:
type: boolean
description: When enabled, all the events caused by a user will be deleted
upon the user's deletion.
impersonation:
type: boolean
description: Globally enable/disable impersonation.
impersonation_require_reason:
type: boolean
description: Require administrators to provide a reason for impersonating
a user.
default_token_duration:
type: string
minLength: 1
description: Default token duration
default_token_length:
type: integer
maximum: 2147483647
minimum: 1
description: Default token length
PatchedSourceStageRequest:
type: object
description: SourceStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
source:
type: string
format: uuid
resume_timeout:
type: string
minLength: 1
description: 'Amount of time a user can take to return from the source to
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
PatchedStaticDeviceRequest:
type: object
description: Serializer for static authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedTOTPDeviceRequest:
type: object
description: Serializer for totp authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
PatchedTenantRequest:
type: object
description: Tenant Serializer
properties:
schema_name:
type: string
minLength: 1
maxLength: 63
name:
type: string
minLength: 1
ready:
type: boolean
PatchedTokenRequest:
type: object
description: Token Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
identifier:
type: string
minLength: 1
maxLength: 255
pattern: ^[-a-zA-Z0-9_]+$
intent:
$ref: '#/components/schemas/IntentEnum'
user:
type: integer
description:
type: string
expires:
type: string
format: date-time
nullable: true
expiring:
type: boolean
PatchedUniquePasswordPolicyRequest:
type: object
description: Password Uniqueness Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
password_field:
type: string
minLength: 1
description: Field key to check, field keys defined in Prompt stages are
available.
num_historical_passwords:
type: integer
maximum: 2147483647
minimum: 0
description: Number of passwords to check against.
PatchedUserDeleteStageRequest:
type: object
description: UserDeleteStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
PatchedUserKerberosSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedUserLDAPSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedUserLoginStageRequest:
type: object
description: UserLoginStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
session_duration:
type: string
minLength: 1
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
terminate_other_sessions:
type: boolean
description: Terminate all other sessions of the user logging in.
remember_me_offset:
type: string
minLength: 1
description: 'Offset the session will be extended by when the user picks
the remember me option. Default of 0 means that the remember me option
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
network_binding:
allOf:
- $ref: '#/components/schemas/NetworkBindingEnum'
description: Bind sessions created by this stage to the configured network
geoip_binding:
allOf:
- $ref: '#/components/schemas/GeoipBindingEnum'
description: Bind sessions created by this stage to the configured GeoIP
location
PatchedUserLogoutStageRequest:
type: object
description: UserLogoutStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
PatchedUserOAuthSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
access_token:
type: string
writeOnly: true
nullable: true
PatchedUserPlexSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
plex_token:
type: string
writeOnly: true
minLength: 1
PatchedUserRequest:
type: object
description: User Serializer
properties:
username:
type: string
minLength: 1
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
groups:
type: array
items:
type: string
format: uuid
email:
type: string
format: email
title: Email address
maxLength: 254
attributes:
type: object
additionalProperties: {}
path:
type: string
minLength: 1
type:
$ref: '#/components/schemas/UserTypeEnum'
PatchedUserSAMLSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedUserSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
PatchedUserWriteStageRequest:
type: object
description: UserWriteStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
user_creation_mode:
$ref: '#/components/schemas/UserCreationModeEnum'
create_users_as_inactive:
type: boolean
description: When set, newly created users are inactive and cannot login.
create_users_group:
type: string
format: uuid
nullable: true
description: Optionally add newly created users to this group.
user_type:
$ref: '#/components/schemas/UserTypeEnum'
user_path_template:
type: string
PatchedWebAuthnDeviceRequest:
type: object
description: Serializer for WebAuthn authenticator devices
properties:
name:
type: string
minLength: 1
maxLength: 200
Permission:
type: object
description: Global permission
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 255
codename:
type: string
maxLength: 100
model:
type: string
title: Python model class name
readOnly: true
app_label:
type: string
readOnly: true
app_label_verbose:
type: string
description: Human-readable app label
readOnly: true
model_verbose:
type: string
description: Human-readable model name
readOnly: true
required:
- app_label
- app_label_verbose
- codename
- id
- model
- model_verbose
- name
PermissionAssignRequest:
type: object
description: Request to assign a new permission
properties:
permissions:
type: array
items:
type: string
minLength: 1
model:
$ref: '#/components/schemas/ModelEnum'
object_pk:
type: string
minLength: 1
required:
- permissions
PermissionAssignResult:
type: object
description: Result from assigning permissions to a user/role
properties:
id:
type: string
required:
- id
PermissionRequest:
type: object
description: Global permission
properties:
name:
type: string
minLength: 1
maxLength: 255
codename:
type: string
minLength: 1
maxLength: 100
required:
- codename
- name
PlexAuthenticationChallenge:
type: object
description: Challenge shown to the user in identification stage
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-source-plex
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
client_id:
type: string
slug:
type: string
required:
- client_id
- slug
PlexAuthenticationChallengeResponseRequest:
type: object
description: Pseudo class for plex response
properties:
component:
type: string
minLength: 1
default: ak-source-plex
PlexSource:
type: object
description: Plex Source Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
readOnly: true
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
client_id:
type: string
description: Client identifier used to talk to Plex.
allowed_servers:
type: array
items:
type: string
description: Which servers a user has to be a member of to be granted access.
Empty list allows every server.
allow_friends:
type: boolean
description: Allow friends to authenticate, even if you don't share a server.
plex_token:
type: string
description: Plex token used to check friends
required:
- component
- icon
- managed
- meta_model_name
- name
- pk
- plex_token
- slug
- verbose_name
- verbose_name_plural
PlexSourcePropertyMapping:
type: object
description: PlexSourcePropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PlexSourcePropertyMappingRequest:
type: object
description: PlexSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
PlexSourceRequest:
type: object
description: Plex Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
client_id:
type: string
minLength: 1
description: Client identifier used to talk to Plex.
allowed_servers:
type: array
items:
type: string
minLength: 1
description: Which servers a user has to be a member of to be granted access.
Empty list allows every server.
allow_friends:
type: boolean
description: Allow friends to authenticate, even if you don't share a server.
plex_token:
type: string
minLength: 1
description: Plex token used to check friends
required:
- name
- plex_token
- slug
PlexTokenRedeemRequest:
type: object
description: Serializer to redeem a plex token
properties:
plex_token:
type: string
minLength: 1
required:
- plex_token
Policy:
type: object
description: Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PolicyBinding:
type: object
description: PolicyBinding Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy binding uuid
policy:
type: string
format: uuid
nullable: true
group:
type: string
format: uuid
nullable: true
user:
type: integer
nullable: true
policy_obj:
allOf:
- $ref: '#/components/schemas/Policy'
readOnly: true
group_obj:
allOf:
- $ref: '#/components/schemas/Group'
readOnly: true
user_obj:
allOf:
- $ref: '#/components/schemas/User'
readOnly: true
target:
type: string
format: uuid
negate:
type: boolean
description: Negates the outcome of the policy. Messages are unaffected.
enabled:
type: boolean
order:
type: integer
maximum: 2147483647
minimum: -2147483648
timeout:
type: integer
maximum: 2147483647
minimum: 0
description: Timeout after which Policy execution is terminated.
failure_result:
type: boolean
description: Result if the Policy execution fails.
required:
- group_obj
- order
- pk
- policy_obj
- target
- user_obj
PolicyBindingRequest:
type: object
description: PolicyBinding Serializer
properties:
policy:
type: string
format: uuid
nullable: true
group:
type: string
format: uuid
nullable: true
user:
type: integer
nullable: true
target:
type: string
format: uuid
negate:
type: boolean
description: Negates the outcome of the policy. Messages are unaffected.
enabled:
type: boolean
order:
type: integer
maximum: 2147483647
minimum: -2147483648
timeout:
type: integer
maximum: 2147483647
minimum: 0
description: Timeout after which Policy execution is terminated.
failure_result:
type: boolean
description: Result if the Policy execution fails.
required:
- order
- target
PolicyEngineMode:
enum:
- all
- any
type: string
PolicyRequest:
type: object
description: Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
required:
- name
PolicyTestRequest:
type: object
description: Test policy execution for a user with context
properties:
user:
type: integer
context:
type: object
additionalProperties: {}
required:
- user
PolicyTestResult:
type: object
description: result of a policy test
properties:
passing:
type: boolean
messages:
type: array
items:
type: string
readOnly: true
log_messages:
type: array
items:
$ref: '#/components/schemas/LogEvent'
readOnly: true
required:
- log_messages
- messages
- passing
Prompt:
type: object
description: Prompt Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Prompt uuid
name:
type: string
field_key:
type: string
description: Name of the form field, also used to store the value
label:
type: string
type:
$ref: '#/components/schemas/PromptTypeEnum'
required:
type: boolean
placeholder:
type: string
description: Optionally provide a short hint that describes the expected
input value. When creating a fixed choice field, enable interpreting as
expression and return a list to return multiple choices.
initial_value:
type: string
description: Optionally pre-fill the input with an initial value. When creating
a fixed choice field, enable interpreting as expression and return a list
to return multiple default choices.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
promptstage_set:
type: array
items:
$ref: '#/components/schemas/Stage'
sub_text:
type: string
placeholder_expression:
type: boolean
initial_value_expression:
type: boolean
required:
- field_key
- label
- name
- pk
- type
PromptChallenge:
type: object
description: Initial challenge being sent, define fields
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-prompt
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
fields:
type: array
items:
$ref: '#/components/schemas/StagePrompt'
required:
- fields
PromptChallengeResponseRequest:
type: object
description: |-
Validate response, fields are dynamically created based
on the stage
properties:
component:
type: string
minLength: 1
default: ak-stage-prompt
additionalProperties: {}
PromptRequest:
type: object
description: Prompt Serializer
properties:
name:
type: string
minLength: 1
field_key:
type: string
minLength: 1
description: Name of the form field, also used to store the value
label:
type: string
minLength: 1
type:
$ref: '#/components/schemas/PromptTypeEnum'
required:
type: boolean
placeholder:
type: string
description: Optionally provide a short hint that describes the expected
input value. When creating a fixed choice field, enable interpreting as
expression and return a list to return multiple choices.
initial_value:
type: string
description: Optionally pre-fill the input with an initial value. When creating
a fixed choice field, enable interpreting as expression and return a list
to return multiple default choices.
order:
type: integer
maximum: 2147483647
minimum: -2147483648
promptstage_set:
type: array
items:
$ref: '#/components/schemas/StageRequest'
sub_text:
type: string
placeholder_expression:
type: boolean
initial_value_expression:
type: boolean
required:
- field_key
- label
- name
- type
PromptStage:
type: object
description: PromptStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
fields:
type: array
items:
type: string
format: uuid
validation_policies:
type: array
items:
type: string
format: uuid
required:
- component
- fields
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PromptStageRequest:
type: object
description: PromptStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
fields:
type: array
items:
type: string
format: uuid
validation_policies:
type: array
items:
type: string
format: uuid
required:
- fields
- name
PromptTypeEnum:
enum:
- text
- text_area
- text_read_only
- text_area_read_only
- username
- email
- password
- number
- checkbox
- radio-button-group
- dropdown
- date
- date-time
- file
- separator
- hidden
- static
- ak-locale
type: string
PropertyMapping:
type: object
description: PropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
PropertyMappingPreview:
type: object
description: Preview how the current user is mapped via the property mappings
selected in a provider
properties:
preview:
type: object
additionalProperties: {}
readOnly: true
required:
- preview
PropertyMappingTestRequest:
type: object
description: Test property mapping execution for a user/group with context
properties:
user:
type: integer
nullable: true
context:
type: object
additionalProperties: {}
group:
type: string
format: uuid
nullable: true
PropertyMappingTestResult:
type: object
description: Result of a Property-mapping test
properties:
result:
type: string
readOnly: true
successful:
type: boolean
readOnly: true
required:
- result
- successful
ProtocolEnum:
enum:
- rdp
- vnc
- ssh
type: string
Provider:
type: object
description: Provider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- invalidation_flow
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
ProviderEnum:
enum:
- twilio
- generic
type: string
ProviderModelEnum:
enum:
- authentik_providers_google_workspace.googleworkspaceprovider
- authentik_providers_ldap.ldapprovider
- authentik_providers_microsoft_entra.microsoftentraprovider
- authentik_providers_oauth2.oauth2provider
- authentik_providers_proxy.proxyprovider
- authentik_providers_rac.racprovider
- authentik_providers_radius.radiusprovider
- authentik_providers_saml.samlprovider
- authentik_providers_scim.scimprovider
- authentik_providers_ssf.ssfprovider
type: string
ProviderRequest:
type: object
description: Provider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
required:
- authorization_flow
- invalidation_flow
- name
ProviderTypeEnum:
enum:
- apple
- openidconnect
- azuread
- discord
- facebook
- github
- gitlab
- google
- mailcow
- okta
- patreon
- reddit
- twitch
- twitter
type: string
ProxyMode:
enum:
- proxy
- forward_single
- forward_domain
type: string
ProxyOutpostConfig:
type: object
description: Proxy provider serializer for outposts
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
internal_host:
type: string
format: uri
external_host:
type: string
format: uri
internal_host_ssl_validation:
type: boolean
description: Validate SSL Certificates of upstream servers
client_id:
type: string
maxLength: 255
client_secret:
type: string
maxLength: 255
oidc_configuration:
allOf:
- $ref: '#/components/schemas/OpenIDConnectConfiguration'
readOnly: true
cookie_secret:
type: string
certificate:
type: string
format: uuid
nullable: true
skip_path_regex:
type: string
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
basic_auth_enabled:
type: boolean
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from authentik.
basic_auth_password_attribute:
type: string
title: HTTP-Basic Password Key
description: User/Group Attribute used for the password part of the HTTP-Basic
Header.
basic_auth_user_attribute:
type: string
title: HTTP-Basic Username Key
description: User/Group Attribute used for the user part of the HTTP-Basic
Header. If not set, the user's Email address is used.
mode:
allOf:
- $ref: '#/components/schemas/ProxyMode'
description: Enable support for forwardAuth in traefik and nginx auth_request.
Exclusive with internal_host.
cookie_domain:
type: string
access_token_validity:
type: number
format: double
nullable: true
description: Get token validity as second count
readOnly: true
intercept_header_auth:
type: boolean
description: When enabled, this provider will intercept the authorization
header and authenticate requests based on its value.
scopes_to_request:
type: array
items:
type: string
description: |-
Get all the scope names the outpost should request,
including custom-defined ones
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
required:
- access_token_validity
- assigned_application_name
- assigned_application_slug
- external_host
- name
- oidc_configuration
- pk
- scopes_to_request
ProxyProvider:
type: object
description: ProxyProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
client_id:
type: string
readOnly: true
internal_host:
type: string
format: uri
external_host:
type: string
format: uri
internal_host_ssl_validation:
type: boolean
description: Validate SSL Certificates of upstream servers
certificate:
type: string
format: uuid
nullable: true
skip_path_regex:
type: string
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
basic_auth_enabled:
type: boolean
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from authentik.
basic_auth_password_attribute:
type: string
title: HTTP-Basic Password Key
description: User/Group Attribute used for the password part of the HTTP-Basic
Header.
basic_auth_user_attribute:
type: string
title: HTTP-Basic Username Key
description: User/Group Attribute used for the user part of the HTTP-Basic
Header. If not set, the user's Email address is used.
mode:
allOf:
- $ref: '#/components/schemas/ProxyMode'
description: Enable support for forwardAuth in traefik and nginx auth_request.
Exclusive with internal_host.
intercept_header_auth:
type: boolean
description: When enabled, this provider will intercept the authorization
header and authenticate requests based on its value.
redirect_uris:
type: array
items:
$ref: '#/components/schemas/RedirectURI'
readOnly: true
cookie_domain:
type: string
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
access_token_validity:
type: string
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
outpost_set:
type: array
items:
type: string
readOnly: true
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- client_id
- component
- external_host
- invalidation_flow
- meta_model_name
- name
- outpost_set
- pk
- redirect_uris
- verbose_name
- verbose_name_plural
ProxyProviderRequest:
type: object
description: ProxyProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
internal_host:
type: string
format: uri
external_host:
type: string
minLength: 1
format: uri
internal_host_ssl_validation:
type: boolean
description: Validate SSL Certificates of upstream servers
certificate:
type: string
format: uuid
nullable: true
skip_path_regex:
type: string
description: Regular expressions for which authentication is not required.
Each new line is interpreted as a new Regular Expression.
basic_auth_enabled:
type: boolean
title: Set HTTP-Basic Authentication
description: Set a custom HTTP-Basic Authentication header based on values
from authentik.
basic_auth_password_attribute:
type: string
title: HTTP-Basic Password Key
description: User/Group Attribute used for the password part of the HTTP-Basic
Header.
basic_auth_user_attribute:
type: string
title: HTTP-Basic Username Key
description: User/Group Attribute used for the user part of the HTTP-Basic
Header. If not set, the user's Email address is used.
mode:
allOf:
- $ref: '#/components/schemas/ProxyMode'
description: Enable support for forwardAuth in traefik and nginx auth_request.
Exclusive with internal_host.
intercept_header_auth:
type: boolean
description: When enabled, this provider will intercept the authorization
header and authenticate requests based on its value.
cookie_domain:
type: string
jwt_federation_sources:
type: array
items:
type: string
format: uuid
title: Any JWT signed by the JWK of the selected source can be used to
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
jwt_federation_providers:
type: array
items:
type: integer
access_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
refresh_token_validity:
type: string
minLength: 1
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
required:
- authorization_flow
- external_host
- invalidation_flow
- name
RACPropertyMapping:
type: object
description: RACPropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
static_settings:
type: object
additionalProperties: {}
required:
- component
- meta_model_name
- name
- pk
- static_settings
- verbose_name
- verbose_name_plural
RACPropertyMappingRequest:
type: object
description: RACPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
static_settings:
type: object
additionalProperties: {}
required:
- name
- static_settings
RACProvider:
type: object
description: RACProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
settings: {}
outpost_set:
type: array
items:
type: string
readOnly: true
connection_expiry:
type: string
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
delete_token_on_disconnect:
type: boolean
description: When set to true, connection tokens will be deleted upon disconnect.
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- meta_model_name
- name
- outpost_set
- pk
- verbose_name
- verbose_name_plural
RACProviderRequest:
type: object
description: RACProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
property_mappings:
type: array
items:
type: string
format: uuid
settings: {}
connection_expiry:
type: string
minLength: 1
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
delete_token_on_disconnect:
type: boolean
description: When set to true, connection tokens will be deleted upon disconnect.
required:
- authorization_flow
- name
RadiusCheckAccess:
type: object
description: Base serializer class which doesn't implement create/update methods
properties:
attributes:
type: string
access:
$ref: '#/components/schemas/PolicyTestResult'
required:
- access
RadiusOutpostConfig:
type: object
description: RadiusProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
application_slug:
type: string
auth_flow_slug:
type: string
client_networks:
type: string
description: List of CIDRs (comma-separated) that clients can connect from.
A more specific CIDR will match before a looser one. Clients connecting
from a non-specified CIDR will be dropped.
shared_secret:
type: string
description: Shared secret between clients and server to hash packets.
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- application_slug
- auth_flow_slug
- name
- pk
RadiusProvider:
type: object
description: RadiusProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
client_networks:
type: string
description: List of CIDRs (comma-separated) that clients can connect from.
A more specific CIDR will match before a looser one. Clients connecting
from a non-specified CIDR will be dropped.
shared_secret:
type: string
description: Shared secret between clients and server to hash packets.
outpost_set:
type: array
items:
type: string
readOnly: true
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- invalidation_flow
- meta_model_name
- name
- outpost_set
- pk
- verbose_name
- verbose_name_plural
RadiusProviderPropertyMapping:
type: object
description: RadiusProviderPropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
RadiusProviderPropertyMappingRequest:
type: object
description: RadiusProviderPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
RadiusProviderRequest:
type: object
description: RadiusProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
client_networks:
type: string
minLength: 1
description: List of CIDRs (comma-separated) that clients can connect from.
A more specific CIDR will match before a looser one. Clients connecting
from a non-specified CIDR will be dropped.
shared_secret:
type: string
minLength: 1
description: Shared secret between clients and server to hash packets.
mfa_support:
type: boolean
description: When enabled, code-based multi-factor authentication can be
used by appending a semicolon and the TOTP code to the password. This
should only be enabled if all users that will bind to this provider have
a TOTP device configured, as otherwise a password may incorrectly be rejected
if it contains a semicolon.
required:
- authorization_flow
- invalidation_flow
- name
RedirectChallenge:
type: object
description: Challenge type to redirect the client
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: xak-flow-redirect
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
to:
type: string
required:
- to
RedirectChallengeResponseRequest:
type: object
description: Redirect challenge response
properties:
component:
type: string
minLength: 1
default: xak-flow-redirect
to:
type: string
minLength: 1
required:
- to
RedirectStage:
type: object
description: RedirectStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
keep_context:
type: boolean
mode:
$ref: '#/components/schemas/RedirectStageModeEnum'
target_static:
type: string
target_flow:
type: string
format: uuid
nullable: true
required:
- component
- meta_model_name
- mode
- name
- pk
- verbose_name
- verbose_name_plural
RedirectStageModeEnum:
enum:
- static
- flow
type: string
RedirectStageRequest:
type: object
description: RedirectStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
keep_context:
type: boolean
mode:
$ref: '#/components/schemas/RedirectStageModeEnum'
target_static:
type: string
target_flow:
type: string
format: uuid
nullable: true
required:
- mode
- name
RedirectURI:
type: object
description: A single allowed redirect URI entry
properties:
matching_mode:
$ref: '#/components/schemas/MatchingModeEnum'
url:
type: string
required:
- matching_mode
- url
RedirectURIRequest:
type: object
description: A single allowed redirect URI entry
properties:
matching_mode:
$ref: '#/components/schemas/MatchingModeEnum'
url:
type: string
minLength: 1
required:
- matching_mode
- url
Reputation:
type: object
description: Reputation Serializer
properties:
pk:
type: string
format: uuid
title: Reputation uuid
identifier:
type: string
ip:
type: string
ip_geo_data: {}
ip_asn_data: {}
score:
type: integer
maximum: 9223372036854775807
minimum: -9223372036854775808
format: int64
updated:
type: string
format: date-time
readOnly: true
required:
- identifier
- ip
- updated
ReputationPolicy:
type: object
description: Reputation Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
check_ip:
type: boolean
check_username:
type: boolean
threshold:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
ReputationPolicyRequest:
type: object
description: Reputation Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
check_ip:
type: boolean
check_username:
type: boolean
threshold:
type: integer
maximum: 2147483647
minimum: -2147483648
required:
- name
ResidentKeyRequirementEnum:
enum:
- discouraged
- preferred
- required
type: string
Role:
type: object
description: Role serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
maxLength: 150
required:
- name
- pk
RoleAssignedObjectPermission:
type: object
description: Roles assigned object permission serializer
properties:
role_pk:
type: string
readOnly: true
name:
type: string
readOnly: true
permissions:
type: array
items:
$ref: '#/components/schemas/RoleObjectPermission'
required:
- name
- permissions
- role_pk
RoleObjectPermission:
type: object
description: Role-bound object level permission
properties:
id:
type: integer
readOnly: true
codename:
type: string
readOnly: true
model:
type: string
title: Python model class name
readOnly: true
app_label:
type: string
readOnly: true
object_pk:
type: string
name:
type: string
readOnly: true
required:
- app_label
- codename
- id
- model
- name
- object_pk
RoleRequest:
type: object
description: Role serializer
properties:
name:
type: string
minLength: 1
maxLength: 150
required:
- name
SAMLMetadata:
type: object
description: SAML Provider Metadata serializer
properties:
metadata:
type: string
readOnly: true
download_url:
type: string
readOnly: true
required:
- download_url
- metadata
SAMLPropertyMapping:
type: object
description: SAMLPropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
saml_name:
type: string
friendly_name:
type: string
nullable: true
required:
- component
- expression
- meta_model_name
- name
- pk
- saml_name
- verbose_name
- verbose_name_plural
SAMLPropertyMappingRequest:
type: object
description: SAMLPropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
saml_name:
type: string
minLength: 1
friendly_name:
type: string
nullable: true
required:
- expression
- name
- saml_name
SAMLProvider:
type: object
description: SAMLProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_application_name:
type: string
description: Application's display Name.
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
acs_url:
type: string
format: uri
audience:
type: string
description: Value of the audience restriction field of the assertion. When
left empty, no audience restriction will be added.
issuer:
type: string
description: Also known as EntityID
assertion_valid_not_before:
type: string
description: 'Assertion valid not before current time + this value (Format:
hours=-1;minutes=-2;seconds=-3).'
assertion_valid_not_on_or_after:
type: string
description: 'Assertion not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
session_valid_not_on_or_after:
type: string
description: 'Session not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
name_id_mapping:
type: string
format: uuid
nullable: true
title: NameID Property Mapping
description: Configure how the NameID value will be created. When left empty,
the NameIDPolicy of the incoming request will be considered
authn_context_class_ref_mapping:
type: string
format: uuid
nullable: true
title: AuthnContextClassRef Property Mapping
description: Configure how the AuthnContextClassRef value will be created.
When left empty, the AuthnContextClassRef will be set based on which authentication
methods the user used to authenticate.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Service
Provider.
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
sign_assertion:
type: boolean
sign_response:
type: boolean
sp_binding:
allOf:
- $ref: '#/components/schemas/SpBindingEnum'
title: Service Provider Binding
description: This determines how authentik sends the response back to the
Service Provider.
default_relay_state:
type: string
description: Default relay_state value for IDP-initiated logins
url_download_metadata:
type: string
description: Get metadata download URL
readOnly: true
url_sso_post:
type: string
description: Get SSO Post URL
readOnly: true
url_sso_redirect:
type: string
description: Get SSO Redirect URL
readOnly: true
url_sso_init:
type: string
description: Get SSO IDP-Initiated URL
readOnly: true
url_slo_post:
type: string
description: Get SLO POST URL
readOnly: true
url_slo_redirect:
type: string
description: Get SLO redirect URL
readOnly: true
required:
- acs_url
- assigned_application_name
- assigned_application_slug
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- authorization_flow
- component
- invalidation_flow
- meta_model_name
- name
- pk
- url_download_metadata
- url_slo_post
- url_slo_redirect
- url_sso_init
- url_sso_post
- url_sso_redirect
- verbose_name
- verbose_name_plural
SAMLProviderImportRequest:
type: object
description: Import saml provider from XML Metadata
properties:
name:
type: string
minLength: 1
authorization_flow:
type: string
format: uuid
invalidation_flow:
type: string
format: uuid
file:
type: string
format: binary
required:
- authorization_flow
- file
- invalidation_flow
- name
SAMLProviderRequest:
type: object
description: SAMLProvider Serializer
properties:
name:
type: string
minLength: 1
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow used for authentication when the associated application
is accessed by an un-authenticated user.
authorization_flow:
type: string
format: uuid
description: Flow used when authorizing this provider.
invalidation_flow:
type: string
format: uuid
description: Flow used ending the session from a provider.
property_mappings:
type: array
items:
type: string
format: uuid
acs_url:
type: string
minLength: 1
format: uri
audience:
type: string
description: Value of the audience restriction field of the assertion. When
left empty, no audience restriction will be added.
issuer:
type: string
minLength: 1
description: Also known as EntityID
assertion_valid_not_before:
type: string
minLength: 1
description: 'Assertion valid not before current time + this value (Format:
hours=-1;minutes=-2;seconds=-3).'
assertion_valid_not_on_or_after:
type: string
minLength: 1
description: 'Assertion not valid on or after current time + this value
(Format: hours=1;minutes=2;seconds=3).'
session_valid_not_on_or_after:
type: string
minLength: 1
description: 'Session not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
name_id_mapping:
type: string
format: uuid
nullable: true
title: NameID Property Mapping
description: Configure how the NameID value will be created. When left empty,
the NameIDPolicy of the incoming request will be considered
authn_context_class_ref_mapping:
type: string
format: uuid
nullable: true
title: AuthnContextClassRef Property Mapping
description: Configure how the AuthnContextClassRef value will be created.
When left empty, the AuthnContextClassRef will be set based on which authentication
methods the user used to authenticate.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Service
Provider.
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
sign_assertion:
type: boolean
sign_response:
type: boolean
sp_binding:
allOf:
- $ref: '#/components/schemas/SpBindingEnum'
title: Service Provider Binding
description: This determines how authentik sends the response back to the
Service Provider.
default_relay_state:
type: string
description: Default relay_state value for IDP-initiated logins
required:
- acs_url
- authorization_flow
- invalidation_flow
- name
SAMLSource:
type: object
description: SAMLSource Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
readOnly: true
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
pre_authentication_flow:
type: string
format: uuid
description: Flow used before authentication.
issuer:
type: string
description: Also known as Entity ID. Defaults the Metadata URL.
sso_url:
type: string
description: URL that the initial Login request is sent to.
format: uri
slo_url:
type: string
nullable: true
description: Optional URL if your IDP supports Single-Logout.
format: uri
allow_idp_initiated:
type: boolean
description: Allows authentication flows initiated by the IdP. This can
be a security risk, as no validation of the request ID is done.
name_id_policy:
allOf:
- $ref: '#/components/schemas/NameIdPolicyEnum'
description: NameID Policy sent to the IdP. Can be unset, in which case
no Policy is sent.
binding_type:
$ref: '#/components/schemas/BindingTypeEnum'
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Identity
Provider.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
temporary_user_delete_after:
type: string
title: Delete temporary users after
description: 'Time offset when temporary users should be deleted. This only
applies if your IDP uses the NameID Format ''transient'', and the user
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
required:
- component
- icon
- managed
- meta_model_name
- name
- pk
- pre_authentication_flow
- slug
- sso_url
- verbose_name
- verbose_name_plural
SAMLSourcePropertyMapping:
type: object
description: SAMLSourcePropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
SAMLSourcePropertyMappingRequest:
type: object
description: SAMLSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
SAMLSourceRequest:
type: object
description: SAMLSource Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
group_matching_mode:
allOf:
- $ref: '#/components/schemas/GroupMatchingModeEnum'
description: How the source determines if an existing group should be used
or a new group created.
pre_authentication_flow:
type: string
format: uuid
description: Flow used before authentication.
issuer:
type: string
description: Also known as Entity ID. Defaults the Metadata URL.
sso_url:
type: string
minLength: 1
description: URL that the initial Login request is sent to.
format: uri
slo_url:
type: string
nullable: true
description: Optional URL if your IDP supports Single-Logout.
format: uri
allow_idp_initiated:
type: boolean
description: Allows authentication flows initiated by the IdP. This can
be a security risk, as no validation of the request ID is done.
name_id_policy:
allOf:
- $ref: '#/components/schemas/NameIdPolicyEnum'
description: NameID Policy sent to the IdP. Can be unset, in which case
no Policy is sent.
binding_type:
$ref: '#/components/schemas/BindingTypeEnum'
verification_kp:
type: string
format: uuid
nullable: true
title: Verification Certificate
description: When selected, incoming assertion's Signatures will be validated
against this certificate. To allow unsigned Requests, leave on default.
signing_kp:
type: string
format: uuid
nullable: true
title: Signing Keypair
description: Keypair used to sign outgoing Responses going to the Identity
Provider.
digest_algorithm:
$ref: '#/components/schemas/DigestAlgorithmEnum'
signature_algorithm:
$ref: '#/components/schemas/SignatureAlgorithmEnum'
temporary_user_delete_after:
type: string
minLength: 1
title: Delete temporary users after
description: 'Time offset when temporary users should be deleted. This only
applies if your IDP uses the NameID Format ''transient'', and the user
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
encryption_kp:
type: string
format: uuid
nullable: true
title: Encryption Keypair
description: When selected, incoming assertions are encrypted by the IdP
using the public key of the encryption keypair. The assertion is decrypted
by the SP using the the private key.
required:
- name
- pre_authentication_flow
- slug
- sso_url
SCIMMapping:
type: object
description: SCIMMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
SCIMMappingRequest:
type: object
description: SCIMMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
SCIMProvider:
type: object
description: SCIMProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
assigned_backchannel_application_slug:
type: string
description: Internal application name, used in URLs.
readOnly: true
assigned_backchannel_application_name:
type: string
description: Application's display Name.
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
url:
type: string
description: Base URL to SCIM requests, usually ends in /v2
verify_certificates:
type: boolean
token:
type: string
description: Authentication token
compatibility_mode:
allOf:
- $ref: '#/components/schemas/CompatibilityModeEnum'
title: SCIM Compatibility Mode
description: Alter authentik behavior for vendor-specific SCIM implementations.
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- assigned_backchannel_application_name
- assigned_backchannel_application_slug
- component
- meta_model_name
- name
- pk
- token
- url
- verbose_name
- verbose_name_plural
SCIMProviderGroup:
type: object
description: SCIMProviderGroup Serializer
properties:
id:
type: string
format: uuid
readOnly: true
scim_id:
type: string
group:
type: string
format: uuid
group_obj:
allOf:
- $ref: '#/components/schemas/UserGroup'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- group
- group_obj
- id
- provider
- scim_id
SCIMProviderGroupRequest:
type: object
description: SCIMProviderGroup Serializer
properties:
scim_id:
type: string
minLength: 1
group:
type: string
format: uuid
provider:
type: integer
required:
- group
- provider
- scim_id
SCIMProviderRequest:
type: object
description: SCIMProvider Serializer
properties:
name:
type: string
minLength: 1
property_mappings:
type: array
items:
type: string
format: uuid
property_mappings_group:
type: array
items:
type: string
format: uuid
description: Property mappings used for group creation/updating.
url:
type: string
minLength: 1
description: Base URL to SCIM requests, usually ends in /v2
verify_certificates:
type: boolean
token:
type: string
minLength: 1
description: Authentication token
compatibility_mode:
allOf:
- $ref: '#/components/schemas/CompatibilityModeEnum'
title: SCIM Compatibility Mode
description: Alter authentik behavior for vendor-specific SCIM implementations.
exclude_users_service_account:
type: boolean
filter_group:
type: string
format: uuid
nullable: true
dry_run:
type: boolean
description: When enabled, provider will not modify or create objects in
the remote system.
required:
- name
- token
- url
SCIMProviderUser:
type: object
description: SCIMProviderUser Serializer
properties:
id:
type: string
format: uuid
readOnly: true
scim_id:
type: string
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
provider:
type: integer
attributes:
readOnly: true
required:
- attributes
- id
- provider
- scim_id
- user
- user_obj
SCIMProviderUserRequest:
type: object
description: SCIMProviderUser Serializer
properties:
scim_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- provider
- scim_id
- user
SCIMSource:
type: object
description: SCIMSource Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
root_url:
type: string
description: Get Root URL
readOnly: true
token_obj:
allOf:
- $ref: '#/components/schemas/Token'
readOnly: true
required:
- component
- managed
- meta_model_name
- name
- pk
- root_url
- slug
- token_obj
- verbose_name
- verbose_name_plural
SCIMSourceGroup:
type: object
description: SCIMSourceGroup Serializer
properties:
id:
type: string
group:
type: string
format: uuid
group_obj:
allOf:
- $ref: '#/components/schemas/UserGroup'
readOnly: true
source:
type: string
format: uuid
attributes: {}
required:
- group
- group_obj
- id
- source
SCIMSourceGroupRequest:
type: object
description: SCIMSourceGroup Serializer
properties:
id:
type: string
minLength: 1
group:
type: string
format: uuid
source:
type: string
format: uuid
attributes: {}
required:
- group
- id
- source
SCIMSourcePropertyMapping:
type: object
description: SCIMSourcePropertyMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- expression
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
SCIMSourcePropertyMappingRequest:
type: object
description: SCIMSourcePropertyMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
required:
- expression
- name
SCIMSourceRequest:
type: object
description: SCIMSource Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
user_path_template:
type: string
minLength: 1
required:
- name
- slug
SCIMSourceUser:
type: object
description: SCIMSourceUser Serializer
properties:
id:
type: string
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
source:
type: string
format: uuid
attributes: {}
required:
- id
- source
- user
- user_obj
SCIMSourceUserRequest:
type: object
description: SCIMSourceUser Serializer
properties:
id:
type: string
minLength: 1
user:
type: integer
source:
type: string
format: uuid
attributes: {}
required:
- id
- source
- user
SMSDevice:
type: object
description: Serializer for sms authenticator devices
properties:
name:
type: string
description: The human-readable name of this device.
maxLength: 64
pk:
type: integer
readOnly: true
title: ID
phone_number:
type: string
readOnly: true
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- name
- phone_number
- pk
- user
SMSDeviceRequest:
type: object
description: Serializer for sms authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
SSFProvider:
type: object
description: SSFProvider Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
signing_key:
type: string
format: uuid
description: Key used to sign the SSF Events.
token_obj:
allOf:
- $ref: '#/components/schemas/Token'
readOnly: true
oidc_auth_providers:
type: array
items:
type: integer
ssf_url:
type: string
nullable: true
readOnly: true
event_retention:
type: string
required:
- component
- meta_model_name
- name
- pk
- signing_key
- ssf_url
- token_obj
- verbose_name
- verbose_name_plural
SSFProviderRequest:
type: object
description: SSFProvider Serializer
properties:
name:
type: string
minLength: 1
signing_key:
type: string
format: uuid
description: Key used to sign the SSF Events.
oidc_auth_providers:
type: array
items:
type: integer
event_retention:
type: string
minLength: 1
required:
- name
- signing_key
SSFStream:
type: object
description: SSFStream Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
provider:
type: integer
provider_obj:
allOf:
- $ref: '#/components/schemas/SSFProvider'
readOnly: true
delivery_method:
$ref: '#/components/schemas/DeliveryMethodEnum'
endpoint_url:
type: string
nullable: true
events_requested:
type: array
items:
$ref: '#/components/schemas/EventsRequestedEnum'
format:
type: string
aud:
type: array
items:
type: string
iss:
type: string
required:
- delivery_method
- format
- iss
- pk
- provider
- provider_obj
ScopeMapping:
type: object
description: ScopeMapping Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pm uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
expression:
type: string
component:
type: string
description: Get object's component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
scope_name:
type: string
description: Scope name requested by the client
description:
type: string
description: Description shown to the user when consenting. If left empty,
the user won't be informed.
required:
- component
- expression
- meta_model_name
- name
- pk
- scope_name
- verbose_name
- verbose_name_plural
ScopeMappingRequest:
type: object
description: ScopeMapping Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
name:
type: string
minLength: 1
expression:
type: string
minLength: 1
scope_name:
type: string
minLength: 1
description: Scope name requested by the client
description:
type: string
description: Description shown to the user when consenting. If left empty,
the user won't be informed.
required:
- expression
- name
- scope_name
SelectableStage:
type: object
description: Serializer for stages which can be selected by users
properties:
pk:
type: string
format: uuid
name:
type: string
verbose_name:
type: string
meta_model_name:
type: string
required:
- meta_model_name
- name
- pk
- verbose_name
ServiceConnection:
type: object
description: ServiceConnection Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Uuid
name:
type: string
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
component:
type: string
description: Return component used to edit this object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
ServiceConnectionRequest:
type: object
description: ServiceConnection Serializer
properties:
name:
type: string
minLength: 1
local:
type: boolean
description: If enabled, use the local connection. Required Docker socket/Kubernetes
Integration
required:
- name
ServiceConnectionState:
type: object
description: Serializer for Service connection state
properties:
healthy:
type: boolean
readOnly: true
version:
type: string
readOnly: true
required:
- healthy
- version
SessionEndChallenge:
type: object
description: Challenge for ending a session
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-session-end
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
application_name:
type: string
application_launch_url:
type: string
invalidation_flow_url:
type: string
brand_name:
type: string
required:
- brand_name
- pending_user
- pending_user_avatar
SessionUser:
type: object
description: |-
Response for the /user/me endpoint, returns the currently active user (as `user` property)
and, if this user is being impersonated, the original user in the `original` property.
properties:
user:
$ref: '#/components/schemas/UserSelf'
original:
$ref: '#/components/schemas/UserSelf'
required:
- user
Settings:
type: object
description: Settings Serializer
properties:
avatars:
type: string
description: Configure how authentik should show avatars for users.
default_user_change_name:
type: boolean
description: Enable the ability for users to change their name.
default_user_change_email:
type: boolean
description: Enable the ability for users to change their email address.
default_user_change_username:
type: boolean
description: Enable the ability for users to change their username.
event_retention:
type: string
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
reputation_lower_limit:
type: integer
maximum: 0
minimum: -2147483648
description: Reputation cannot decrease lower than this value. Zero or negative.
reputation_upper_limit:
type: integer
maximum: 2147483647
minimum: 0
description: Reputation cannot increase higher than this value. Zero or
positive.
footer_links:
description: The option configures the footer links on the flow executor
pages.
gdpr_compliance:
type: boolean
description: When enabled, all the events caused by a user will be deleted
upon the user's deletion.
impersonation:
type: boolean
description: Globally enable/disable impersonation.
impersonation_require_reason:
type: boolean
description: Require administrators to provide a reason for impersonating
a user.
default_token_duration:
type: string
description: Default token duration
default_token_length:
type: integer
maximum: 2147483647
minimum: 1
description: Default token length
SettingsRequest:
type: object
description: Settings Serializer
properties:
avatars:
type: string
minLength: 1
description: Configure how authentik should show avatars for users.
default_user_change_name:
type: boolean
description: Enable the ability for users to change their name.
default_user_change_email:
type: boolean
description: Enable the ability for users to change their email address.
default_user_change_username:
type: boolean
description: Enable the ability for users to change their username.
event_retention:
type: string
minLength: 1
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
reputation_lower_limit:
type: integer
maximum: 0
minimum: -2147483648
description: Reputation cannot decrease lower than this value. Zero or negative.
reputation_upper_limit:
type: integer
maximum: 2147483647
minimum: 0
description: Reputation cannot increase higher than this value. Zero or
positive.
footer_links:
description: The option configures the footer links on the flow executor
pages.
gdpr_compliance:
type: boolean
description: When enabled, all the events caused by a user will be deleted
upon the user's deletion.
impersonation:
type: boolean
description: Globally enable/disable impersonation.
impersonation_require_reason:
type: boolean
description: Require administrators to provide a reason for impersonating
a user.
default_token_duration:
type: string
minLength: 1
description: Default token duration
default_token_length:
type: integer
maximum: 2147483647
minimum: 1
description: Default token length
SeverityEnum:
enum:
- notice
- warning
- alert
type: string
ShellChallenge:
type: object
description: challenge type to render HTML as-is
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: xak-flow-shell
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
body:
type: string
required:
- body
SignatureAlgorithmEnum:
enum:
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
type: string
Source:
type: object
description: Source Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Pbm uuid
name:
type: string
description: Source's display Name.
slug:
type: string
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
readOnly: true
user_path_template:
type: string
icon:
type: string
nullable: true
description: |-
Get the URL to the Icon. If the name is /static or
starts with http it is returned as-is
readOnly: true
required:
- component
- icon
- managed
- meta_model_name
- name
- pk
- slug
- verbose_name
- verbose_name_plural
SourceRequest:
type: object
description: Source Serializer
properties:
name:
type: string
minLength: 1
description: Source's display Name.
slug:
type: string
minLength: 1
description: Internal source name, used in URLs.
maxLength: 50
pattern: ^[-a-zA-Z0-9_]+$
enabled:
type: boolean
authentication_flow:
type: string
format: uuid
nullable: true
description: Flow to use when authenticating existing users.
enrollment_flow:
type: string
format: uuid
nullable: true
description: Flow to use when enrolling new users.
user_property_mappings:
type: array
items:
type: string
format: uuid
group_property_mappings:
type: array
items:
type: string
format: uuid
policy_engine_mode:
$ref: '#/components/schemas/PolicyEngineMode'
user_matching_mode:
allOf:
- $ref: '#/components/schemas/UserMatchingModeEnum'
description: How the source determines if an existing user should be authenticated
or a new user enrolled.
user_path_template:
type: string
minLength: 1
required:
- name
- slug
SourceStage:
type: object
description: SourceStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
source:
type: string
format: uuid
resume_timeout:
type: string
description: 'Amount of time a user can take to return from the source to
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
required:
- component
- meta_model_name
- name
- pk
- source
- verbose_name
- verbose_name_plural
SourceStageRequest:
type: object
description: SourceStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
source:
type: string
format: uuid
resume_timeout:
type: string
minLength: 1
description: 'Amount of time a user can take to return from the source to
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
required:
- name
- source
SourceType:
type: object
description: Serializer for SourceType
properties:
name:
type: string
verbose_name:
type: string
urls_customizable:
type: boolean
request_token_url:
type: string
readOnly: true
nullable: true
authorization_url:
type: string
readOnly: true
nullable: true
access_token_url:
type: string
readOnly: true
nullable: true
profile_url:
type: string
readOnly: true
nullable: true
oidc_well_known_url:
type: string
readOnly: true
nullable: true
oidc_jwks_url:
type: string
readOnly: true
nullable: true
required:
- access_token_url
- authorization_url
- name
- oidc_jwks_url
- oidc_well_known_url
- profile_url
- request_token_url
- urls_customizable
- verbose_name
SpBindingEnum:
enum:
- redirect
- post
type: string
Stage:
type: object
description: Stage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
StagePrompt:
type: object
description: Serializer for a single Prompt field
properties:
field_key:
type: string
label:
type: string
type:
$ref: '#/components/schemas/PromptTypeEnum'
required:
type: boolean
placeholder:
type: string
initial_value:
type: string
order:
type: integer
sub_text:
type: string
choices:
type: array
items:
type: string
nullable: true
required:
- choices
- field_key
- initial_value
- label
- order
- placeholder
- required
- sub_text
- type
StageRequest:
type: object
description: Stage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
required:
- name
StaticDevice:
type: object
description: Serializer for static authenticator devices
properties:
name:
type: string
description: The human-readable name of this device.
maxLength: 64
token_set:
type: array
items:
$ref: '#/components/schemas/StaticDeviceToken'
readOnly: true
pk:
type: integer
readOnly: true
title: ID
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- name
- pk
- token_set
- user
StaticDeviceRequest:
type: object
description: Serializer for static authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
StaticDeviceToken:
type: object
description: Serializer for static device's tokens
properties:
token:
type: string
maxLength: 16
required:
- token
StaticDeviceTokenRequest:
type: object
description: Serializer for static device's tokens
properties:
token:
type: string
minLength: 1
maxLength: 16
required:
- token
SubModeEnum:
enum:
- hashed_user_id
- user_id
- user_uuid
- user_username
- user_email
- user_upn
type: string
SyncObjectModelEnum:
enum:
- authentik.core.models.User
- authentik.core.models.Group
type: string
SyncObjectRequest:
type: object
description: Sync object serializer
properties:
sync_object_model:
$ref: '#/components/schemas/SyncObjectModelEnum'
sync_object_id:
type: string
minLength: 1
override_dry_run:
type: boolean
default: false
required:
- sync_object_id
- sync_object_model
SyncObjectResult:
type: object
description: Result of a single object sync
properties:
messages:
type: array
items:
$ref: '#/components/schemas/LogEvent'
readOnly: true
required:
- messages
SyncStatus:
type: object
description: Provider sync status
properties:
is_running:
type: boolean
readOnly: true
tasks:
type: array
items:
$ref: '#/components/schemas/SystemTask'
readOnly: true
required:
- is_running
- tasks
SystemInfo:
type: object
description: Get system information.
properties:
http_headers:
type: object
additionalProperties:
type: string
description: Get HTTP Request headers
readOnly: true
http_host:
type: string
description: Get HTTP host
readOnly: true
http_is_secure:
type: boolean
description: Get HTTP Secure flag
readOnly: true
runtime:
type: object
description: Get versions
properties:
python_version:
type: string
environment:
type: string
architecture:
type: string
platform:
type: string
uname:
type: string
openssl_version:
type: string
openssl_fips_enabled:
type: boolean
nullable: true
authentik_version:
type: string
required:
- architecture
- authentik_version
- environment
- openssl_fips_enabled
- openssl_version
- platform
- python_version
- uname
readOnly: true
brand:
type: string
description: Currently active brand
readOnly: true
server_time:
type: string
format: date-time
description: Current server time
readOnly: true
embedded_outpost_disabled:
type: boolean
description: Whether the embedded outpost is disabled
readOnly: true
embedded_outpost_host:
type: string
description: Get the FQDN configured on the embedded outpost
readOnly: true
required:
- brand
- embedded_outpost_disabled
- embedded_outpost_host
- http_headers
- http_host
- http_is_secure
- runtime
- server_time
SystemTask:
type: object
description: Serialize TaskInfo and TaskResult
properties:
uuid:
type: string
format: uuid
readOnly: true
name:
type: string
full_name:
type: string
description: Get full name with UID
readOnly: true
uid:
type: string
description:
type: string
start_timestamp:
type: string
format: date-time
readOnly: true
finish_timestamp:
type: string
format: date-time
readOnly: true
duration:
type: number
format: double
readOnly: true
status:
$ref: '#/components/schemas/SystemTaskStatusEnum'
messages:
type: array
items:
$ref: '#/components/schemas/LogEvent'
expires:
type: string
format: date-time
nullable: true
expiring:
type: boolean
required:
- description
- duration
- finish_timestamp
- full_name
- messages
- name
- start_timestamp
- status
- uuid
SystemTaskStatusEnum:
enum:
- unknown
- successful
- warning
- error
type: string
TOTPDevice:
type: object
description: Serializer for totp authenticator devices
properties:
name:
type: string
description: The human-readable name of this device.
maxLength: 64
pk:
type: integer
readOnly: true
title: ID
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- name
- pk
- user
TOTPDeviceRequest:
type: object
description: Serializer for totp authenticator devices
properties:
name:
type: string
minLength: 1
description: The human-readable name of this device.
maxLength: 64
required:
- name
Tenant:
type: object
description: Tenant Serializer
properties:
tenant_uuid:
type: string
format: uuid
readOnly: true
schema_name:
type: string
maxLength: 63
name:
type: string
ready:
type: boolean
required:
- name
- schema_name
- tenant_uuid
TenantAdminGroupRequestRequest:
type: object
description: Tenant admin group creation request serializer
properties:
user:
type: string
minLength: 1
required:
- user
TenantRecoveryKeyRequestRequest:
type: object
description: Tenant recovery key creation request serializer
properties:
user:
type: string
minLength: 1
duration_days:
type: integer
required:
- duration_days
- user
TenantRecoveryKeyResponse:
type: object
description: Tenant recovery key creation response serializer
properties:
expiry:
type: string
format: date-time
url:
type: string
required:
- expiry
- url
TenantRequest:
type: object
description: Tenant Serializer
properties:
schema_name:
type: string
minLength: 1
maxLength: 63
name:
type: string
minLength: 1
ready:
type: boolean
required:
- name
- schema_name
Token:
type: object
description: Token Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Token uuid
managed:
type: string
nullable: true
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
identifier:
type: string
maxLength: 255
pattern: ^[-a-zA-Z0-9_]+$
intent:
$ref: '#/components/schemas/IntentEnum'
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/User'
readOnly: true
description:
type: string
expires:
type: string
format: date-time
nullable: true
expiring:
type: boolean
required:
- identifier
- pk
- user_obj
TokenModel:
type: object
description: Serializer for BaseGrantModel and RefreshToken
properties:
pk:
type: integer
readOnly: true
title: ID
provider:
$ref: '#/components/schemas/OAuth2Provider'
user:
$ref: '#/components/schemas/User'
is_expired:
type: boolean
description: Check if token is expired yet.
readOnly: true
expires:
type: string
format: date-time
nullable: true
scope:
type: array
items:
type: string
id_token:
type: string
description: Get the token's id_token as JSON String
readOnly: true
revoked:
type: boolean
required:
- id_token
- is_expired
- pk
- provider
- scope
- user
TokenRequest:
type: object
description: Token Serializer
properties:
managed:
type: string
nullable: true
minLength: 1
title: Managed by authentik
description: Objects that are managed by authentik. These objects are created
and updated automatically. This flag only indicates that an object can
be overwritten by migrations. You can still modify the objects via the
API, but expect changes to be overwritten in a later update.
identifier:
type: string
minLength: 1
maxLength: 255
pattern: ^[-a-zA-Z0-9_]+$
intent:
$ref: '#/components/schemas/IntentEnum'
user:
type: integer
description:
type: string
expires:
type: string
format: date-time
nullable: true
expiring:
type: boolean
required:
- identifier
TokenSetKeyRequest:
type: object
properties:
key:
type: string
minLength: 1
required:
- key
TokenView:
type: object
description: Show token's current key
properties:
key:
type: string
readOnly: true
required:
- key
TransactionApplicationRequest:
type: object
description: Serializer for creating a provider and an application in one transaction
properties:
app:
$ref: '#/components/schemas/ApplicationRequest'
provider_model:
$ref: '#/components/schemas/ProviderModelEnum'
provider:
$ref: '#/components/schemas/modelRequest'
policy_bindings:
type: array
items:
$ref: '#/components/schemas/TransactionPolicyBindingRequest'
required:
- app
- provider
- provider_model
TransactionApplicationResponse:
type: object
description: Transactional creation response
properties:
applied:
type: boolean
logs:
type: array
items:
type: string
required:
- applied
- logs
TransactionPolicyBindingRequest:
type: object
description: PolicyBindingSerializer which does not require target as target
is set implicitly
properties:
policy:
type: string
format: uuid
nullable: true
group:
type: string
format: uuid
nullable: true
user:
type: integer
nullable: true
negate:
type: boolean
description: Negates the outcome of the policy. Messages are unaffected.
enabled:
type: boolean
order:
type: integer
maximum: 2147483647
minimum: -2147483648
timeout:
type: integer
maximum: 2147483647
minimum: 0
description: Timeout after which Policy execution is terminated.
failure_result:
type: boolean
description: Result if the Policy execution fails.
required:
- order
TypeCreate:
type: object
description: Types of an object that can be created
properties:
name:
type: string
description:
type: string
component:
type: string
model_name:
type: string
icon_url:
type: string
requires_enterprise:
type: boolean
default: false
required:
- component
- description
- model_name
- name
UiThemeEnum:
enum:
- automatic
- light
- dark
type: string
UniquePasswordPolicy:
type: object
description: Password Uniqueness Policy Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Policy uuid
name:
type: string
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
component:
type: string
description: Get object component so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
bound_to:
type: integer
description: Return objects policy is bound to
readOnly: true
password_field:
type: string
description: Field key to check, field keys defined in Prompt stages are
available.
num_historical_passwords:
type: integer
maximum: 2147483647
minimum: 0
description: Number of passwords to check against.
required:
- bound_to
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
UniquePasswordPolicyRequest:
type: object
description: Password Uniqueness Policy Serializer
properties:
name:
type: string
minLength: 1
execution_logging:
type: boolean
description: When this option is enabled, all executions of this policy
will be logged. By default, only execution errors are logged.
password_field:
type: string
minLength: 1
description: Field key to check, field keys defined in Prompt stages are
available.
num_historical_passwords:
type: integer
maximum: 2147483647
minimum: 0
description: Number of passwords to check against.
required:
- name
UsedBy:
type: object
description: A list of all objects referencing the queried object
properties:
app:
type: string
model_name:
type: string
pk:
type: string
name:
type: string
action:
$ref: '#/components/schemas/UsedByActionEnum'
required:
- action
- app
- model_name
- name
- pk
UsedByActionEnum:
enum:
- cascade
- cascade_many
- set_null
- set_default
type: string
User:
type: object
description: User Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
username:
type: string
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
date_joined:
type: string
format: date-time
readOnly: true
is_superuser:
type: boolean
readOnly: true
groups:
type: array
items:
type: string
format: uuid
groups_obj:
type: array
items:
$ref: '#/components/schemas/UserGroup'
readOnly: true
nullable: true
email:
type: string
format: email
title: Email address
maxLength: 254
avatar:
type: string
description: User's avatar, either a http/https URL or a data URI
readOnly: true
attributes:
type: object
additionalProperties: {}
uid:
type: string
readOnly: true
path:
type: string
type:
$ref: '#/components/schemas/UserTypeEnum'
uuid:
type: string
format: uuid
readOnly: true
password_change_date:
type: string
format: date-time
readOnly: true
required:
- avatar
- date_joined
- groups_obj
- is_superuser
- name
- password_change_date
- pk
- uid
- username
- uuid
UserAccountRequest:
type: object
description: Account adding/removing operations
properties:
pk:
type: integer
required:
- pk
UserAssignedObjectPermission:
type: object
description: Users assigned object permission serializer
properties:
pk:
type: integer
readOnly: true
title: ID
username:
type: string
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
pattern: ^[\w.@+-]+$
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
email:
type: string
format: email
title: Email address
maxLength: 254
attributes:
type: object
additionalProperties: {}
uid:
type: string
readOnly: true
permissions:
type: array
items:
$ref: '#/components/schemas/UserObjectPermission'
is_superuser:
type: boolean
required:
- is_superuser
- name
- permissions
- pk
- uid
- username
UserAttributeEnum:
enum:
- username
- email
type: string
UserConsent:
type: object
description: UserConsent Serializer
properties:
pk:
type: integer
readOnly: true
title: ID
expires:
type: string
format: date-time
nullable: true
expiring:
type: boolean
user:
$ref: '#/components/schemas/User'
application:
$ref: '#/components/schemas/Application'
permissions:
type: string
default: ''
required:
- application
- pk
- user
UserCreationModeEnum:
enum:
- never_create
- create_when_required
- always_create
type: string
UserDeleteStage:
type: object
description: UserDeleteStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
UserDeleteStageRequest:
type: object
description: UserDeleteStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
required:
- name
UserFieldsEnum:
enum:
- email
- username
- upn
type: string
UserGroup:
type: object
description: Simplified Group Serializer for user's groups
properties:
pk:
type: string
format: uuid
readOnly: true
title: Group uuid
num_pk:
type: integer
description: Get a numerical, int32 ID for the group
readOnly: true
name:
type: string
is_superuser:
type: boolean
description: Users added to this group will be superusers.
parent:
type: string
format: uuid
nullable: true
parent_name:
type: string
readOnly: true
nullable: true
attributes:
type: object
additionalProperties: {}
required:
- name
- num_pk
- parent_name
- pk
UserGroupRequest:
type: object
description: Simplified Group Serializer for user's groups
properties:
name:
type: string
minLength: 1
is_superuser:
type: boolean
description: Users added to this group will be superusers.
parent:
type: string
format: uuid
nullable: true
attributes:
type: object
additionalProperties: {}
required:
- name
UserKerberosSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserKerberosSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- identifier
- source
- user
UserLDAPSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserLDAPSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- identifier
- source
- user
UserLoginChallenge:
type: object
description: Empty challenge
properties:
flow_info:
$ref: '#/components/schemas/ContextualFlowInfo'
component:
type: string
default: ak-stage-user-login
response_errors:
type: object
additionalProperties:
type: array
items:
$ref: '#/components/schemas/ErrorDetail'
pending_user:
type: string
pending_user_avatar:
type: string
required:
- pending_user
- pending_user_avatar
UserLoginChallengeResponseRequest:
type: object
description: User login challenge
properties:
component:
type: string
minLength: 1
default: ak-stage-user-login
remember_me:
type: boolean
required:
- remember_me
UserLoginStage:
type: object
description: UserLoginStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
session_duration:
type: string
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
terminate_other_sessions:
type: boolean
description: Terminate all other sessions of the user logging in.
remember_me_offset:
type: string
description: 'Offset the session will be extended by when the user picks
the remember me option. Default of 0 means that the remember me option
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
network_binding:
allOf:
- $ref: '#/components/schemas/NetworkBindingEnum'
description: Bind sessions created by this stage to the configured network
geoip_binding:
allOf:
- $ref: '#/components/schemas/GeoipBindingEnum'
description: Bind sessions created by this stage to the configured GeoIP
location
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
UserLoginStageRequest:
type: object
description: UserLoginStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
session_duration:
type: string
minLength: 1
description: 'Determines how long a session lasts. Default of 0 means that
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
terminate_other_sessions:
type: boolean
description: Terminate all other sessions of the user logging in.
remember_me_offset:
type: string
minLength: 1
description: 'Offset the session will be extended by when the user picks
the remember me option. Default of 0 means that the remember me option
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
network_binding:
allOf:
- $ref: '#/components/schemas/NetworkBindingEnum'
description: Bind sessions created by this stage to the configured network
geoip_binding:
allOf:
- $ref: '#/components/schemas/GeoipBindingEnum'
description: Bind sessions created by this stage to the configured GeoIP
location
required:
- name
UserLogoutStage:
type: object
description: UserLogoutStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
UserLogoutStageRequest:
type: object
description: UserLogoutStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
required:
- name
UserMatchingModeEnum:
enum:
- identifier
- email_link
- email_deny
- username_link
- username_deny
type: string
UserMetrics:
type: object
description: User Metrics
properties:
logins:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
logins_failed:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
authorizations:
type: array
items:
$ref: '#/components/schemas/Coordinate'
readOnly: true
required:
- authorizations
- logins
- logins_failed
UserOAuthSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserOAuthSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
access_token:
type: string
writeOnly: true
nullable: true
required:
- identifier
- source
- user
UserObjectPermission:
type: object
description: User-bound object level permission
properties:
id:
type: integer
readOnly: true
codename:
type: string
readOnly: true
model:
type: string
title: Python model class name
readOnly: true
app_label:
type: string
readOnly: true
object_pk:
type: string
name:
type: string
readOnly: true
required:
- app_label
- codename
- id
- model
- name
- object_pk
UserPasswordSetRequest:
type: object
properties:
password:
type: string
minLength: 1
required:
- password
UserPath:
type: object
properties:
paths:
type: array
items:
type: string
readOnly: true
required:
- paths
UserPlexSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserPlexSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
plex_token:
type: string
writeOnly: true
minLength: 1
required:
- identifier
- plex_token
- source
- user
UserRequest:
type: object
description: User Serializer
properties:
username:
type: string
minLength: 1
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
last_login:
type: string
format: date-time
nullable: true
groups:
type: array
items:
type: string
format: uuid
email:
type: string
format: email
title: Email address
maxLength: 254
attributes:
type: object
additionalProperties: {}
path:
type: string
minLength: 1
type:
$ref: '#/components/schemas/UserTypeEnum'
required:
- name
- username
UserSAMLSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserSAMLSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- identifier
- source
- user
UserSelf:
type: object
description: User Serializer for information a user can retrieve about themselves
properties:
pk:
type: integer
readOnly: true
title: ID
username:
type: string
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
pattern: ^[\w.@+-]+$
maxLength: 150
name:
type: string
description: User's display name.
is_active:
type: boolean
readOnly: true
title: Active
description: Designates whether this user should be treated as active. Unselect
this instead of deleting accounts.
is_superuser:
type: boolean
readOnly: true
groups:
type: array
items:
$ref: '#/components/schemas/UserSelfGroups'
readOnly: true
email:
type: string
format: email
title: Email address
maxLength: 254
avatar:
type: string
description: User's avatar, either a http/https URL or a data URI
readOnly: true
uid:
type: string
readOnly: true
settings:
type: object
additionalProperties: {}
description: Get user settings with brand and group settings applied
readOnly: true
type:
$ref: '#/components/schemas/UserTypeEnum'
system_permissions:
type: array
items:
type: string
description: Get all system permissions assigned to the user
readOnly: true
required:
- avatar
- groups
- is_active
- is_superuser
- name
- pk
- settings
- system_permissions
- uid
- username
UserSelfGroups:
type: object
properties:
name:
type: string
readOnly: true
pk:
type: string
readOnly: true
required:
- name
- pk
UserServiceAccountRequest:
type: object
properties:
name:
type: string
minLength: 1
create_group:
type: boolean
default: false
expiring:
type: boolean
default: true
expires:
type: string
format: date-time
description: If not provided, valid for 360 days
required:
- name
UserServiceAccountResponse:
type: object
properties:
username:
type: string
token:
type: string
user_uid:
type: string
user_pk:
type: integer
group_pk:
type: string
required:
- token
- user_pk
- user_uid
- username
UserSetting:
type: object
description: Serializer for User settings for stages and sources
properties:
object_uid:
type: string
component:
type: string
title:
type: string
configure_url:
type: string
icon_url:
type: string
required:
- component
- object_uid
- title
UserSourceConnection:
type: object
description: User source connection
properties:
pk:
type: integer
readOnly: true
title: ID
user:
type: integer
source:
type: string
format: uuid
source_obj:
allOf:
- $ref: '#/components/schemas/Source'
readOnly: true
identifier:
type: string
created:
type: string
format: date-time
readOnly: true
last_updated:
type: string
format: date-time
readOnly: true
required:
- created
- identifier
- last_updated
- pk
- source
- source_obj
- user
UserSourceConnectionRequest:
type: object
description: User source connection
properties:
user:
type: integer
source:
type: string
format: uuid
identifier:
type: string
minLength: 1
required:
- identifier
- source
- user
UserTypeEnum:
enum:
- internal
- external
- service_account
- internal_service_account
type: string
UserVerificationEnum:
enum:
- required
- preferred
- discouraged
type: string
UserWriteStage:
type: object
description: UserWriteStage Serializer
properties:
pk:
type: string
format: uuid
readOnly: true
title: Stage uuid
name:
type: string
component:
type: string
description: Get object type so that we know how to edit the object
readOnly: true
verbose_name:
type: string
description: Return object's verbose_name
readOnly: true
verbose_name_plural:
type: string
description: Return object's plural verbose_name
readOnly: true
meta_model_name:
type: string
description: Return internal model name
readOnly: true
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSet'
user_creation_mode:
$ref: '#/components/schemas/UserCreationModeEnum'
create_users_as_inactive:
type: boolean
description: When set, newly created users are inactive and cannot login.
create_users_group:
type: string
format: uuid
nullable: true
description: Optionally add newly created users to this group.
user_type:
$ref: '#/components/schemas/UserTypeEnum'
user_path_template:
type: string
required:
- component
- meta_model_name
- name
- pk
- verbose_name
- verbose_name_plural
UserWriteStageRequest:
type: object
description: UserWriteStage Serializer
properties:
name:
type: string
minLength: 1
flow_set:
type: array
items:
$ref: '#/components/schemas/FlowSetRequest'
user_creation_mode:
$ref: '#/components/schemas/UserCreationModeEnum'
create_users_as_inactive:
type: boolean
description: When set, newly created users are inactive and cannot login.
create_users_group:
type: string
format: uuid
nullable: true
description: Optionally add newly created users to this group.
user_type:
$ref: '#/components/schemas/UserTypeEnum'
user_path_template:
type: string
required:
- name
ValidationError:
type: object
description: Validation Error
properties:
non_field_errors:
type: array
items:
type: string
code:
type: string
additionalProperties: {}
Version:
type: object
description: Get running and latest version.
properties:
version_current:
type: string
description: Get current version
readOnly: true
version_latest:
type: string
description: Get latest version from cache
readOnly: true
version_latest_valid:
type: boolean
description: Check if latest version is valid
readOnly: true
build_hash:
type: string
description: Get build hash, if version is not latest or released
readOnly: true
outdated:
type: boolean
description: Check if we're running the latest version
readOnly: true
outpost_outdated:
type: boolean
description: Check if any outpost is outdated/has a version mismatch
readOnly: true
required:
- build_hash
- outdated
- outpost_outdated
- version_current
- version_latest
- version_latest_valid
VersionHistory:
type: object
description: VersionHistory Serializer
properties:
id:
type: integer
readOnly: true
timestamp:
type: string
format: date-time
version:
type: string
build:
type: string
required:
- build
- id
- timestamp
- version
WebAuthnDevice:
type: object
description: Serializer for WebAuthn authenticator devices
properties:
pk:
type: integer
readOnly: true
title: ID
name:
type: string
maxLength: 200
created_on:
type: string
format: date-time
readOnly: true
device_type:
allOf:
- $ref: '#/components/schemas/WebAuthnDeviceType'
readOnly: true
nullable: true
aaguid:
type: string
readOnly: true
user:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
required:
- aaguid
- created_on
- device_type
- name
- pk
- user
WebAuthnDeviceRequest:
type: object
description: Serializer for WebAuthn authenticator devices
properties:
name:
type: string
minLength: 1
maxLength: 200
required:
- name
WebAuthnDeviceType:
type: object
description: WebAuthnDeviceType Serializer
properties:
aaguid:
type: string
format: uuid
description:
type: string
required:
- aaguid
- description
WebAuthnDeviceTypeRequest:
type: object
description: WebAuthnDeviceType Serializer
properties:
aaguid:
type: string
format: uuid
description:
type: string
minLength: 1
required:
- aaguid
- description
Worker:
type: object
properties:
worker_id:
type: string
version:
type: string
version_matching:
type: boolean
required:
- version
- version_matching
- worker_id
modelRequest:
oneOf:
- $ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
- $ref: '#/components/schemas/LDAPProviderRequest'
- $ref: '#/components/schemas/MicrosoftEntraProviderRequest'
- $ref: '#/components/schemas/OAuth2ProviderRequest'
- $ref: '#/components/schemas/ProxyProviderRequest'
- $ref: '#/components/schemas/RACProviderRequest'
- $ref: '#/components/schemas/RadiusProviderRequest'
- $ref: '#/components/schemas/SAMLProviderRequest'
- $ref: '#/components/schemas/SCIMProviderRequest'
- $ref: '#/components/schemas/SSFProviderRequest'
discriminator:
propertyName: provider_model
mapping:
authentik_providers_google_workspace.googleworkspaceprovider: '#/components/schemas/GoogleWorkspaceProviderRequest'
authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
authentik_providers_microsoft_entra.microsoftentraprovider: '#/components/schemas/MicrosoftEntraProviderRequest'
authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
authentik_providers_rac.racprovider: '#/components/schemas/RACProviderRequest'
authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
authentik_providers_ssf.ssfprovider: '#/components/schemas/SSFProviderRequest'
securitySchemes:
authentik:
type: http
scheme: bearer
servers:
- url: /api/v3/
Reference in New Issue View Git Blame Copy Permalink